Presentation is loading. Please wait.

Presentation is loading. Please wait.

TrueErase: Secure Deletion on Flash Storage Sarah Diesburg, Chris Meyers, An-I Andy Wang 10/8/2015.

Published byLawrence Kelley Maxwell Modified over 9 years ago

Similar presentations

Presentation on theme: "TrueErase: Secure Deletion on Flash Storage Sarah Diesburg, Chris Meyers, An-I Andy Wang 10/8/2015."— Presentation transcript:

1 TrueErase: Secure Deletion on Flash Storage Sarah Diesburg, Chris Meyers, An-I Andy Wang 10/8/2015

2 The Problem Most users believe that files cannot be retrieved once  Files are no longer visible  The trashcan is emptied  The partition is formatted In reality, only link to the file is deleted  Actual data remains 2

3 The Problem Decommissioned storage devices leak sensitive information 3

4 What is Secure Deletion? Secure deletion means rendering files completely irrecoverable  No forensic analysis should be able to recover data from media 4

5 Secure Deletion Complications 5 Flash electronic storage can make it nearly impossible to erase files

6 Flash Characteristics Locations must first be erased before new data can be written  But it can take awhile to erase a location Locations can only be written or erased a small amount of times The flash solution is to rotate locations for writes. 6

7 7 Flash Write Behavior Flash management software rotates the usage of locations Flash 1234567 7 Operating System

8 8 Flash Write Behavior Flash management software rotates the usage of locations Write gibberish to 2 Flash 1234567 8 Operating System

9 9 Flash Write Behavior Write gibberish to 2 Flash 1234567 O(\ks@ 9 Overwrites go to new location instead of original block Dead data left behind until that location is erased Operating System

10 Is this a problem? 10 Removal via hot airUniversal chip reader We must somehow erase sensitive data! 10 Raw flash chips can be removed and placed in a reader

11 Achieving Secure Deletion Need to send erase command to flash to erase sensitive information  Flash has no information about the security of the file – only the file system knows this  Currently, file systems only understand read and write commands, not erase commands 11

12 TrueErase Components 1. Centralized module that passes secure deletion information from file system to lower layers 2. Extension to storage block layer to take advantage of above information  Issue secure overwrite command  Call storage-specific secure deletion command 12

13 TrueErase Datapath View Applications File System Block Layer Storage User Kernel Secure Deletion Module Block # Add Check Secure delete commands 13 Block #

14 14 Securely erase my file! Secure delete Operating System TrueErase User View

15 15 TrueErase Flash Behavior We can now tell the flash to erase locations Securely delete 2 Flash 1234567 15 Operating System

16 16 TrueErase Flash Behavior Flash 1234567 16 The location can be securely deleted! Operating System Erase!

17 Why is this challenging? Flash management not easily changeable  Performance implications  Rotating the right locations File systems not designed for erase  Backward compatibility issues Handling crashes during secure deletion  Correctness issues 17

18 Current Development – TrueErase 18

19 Current Development – TrueErase Programming complete prototype  Fixing final bugs Expected to be done for conference paper submission in early January 19

20 Questions? For more information about TrueErase, visit http://ww2.cs.fsu.edu/~diesburg/trueerase.html 20

Download ppt "TrueErase: Secure Deletion on Flash Storage Sarah Diesburg, Chris Meyers, An-I Andy Wang 10/8/2015."

Similar presentations

Higher Computing Computer Systems S. McCrossan Higher Grade Computing Studies 7. Systems Software 1 System Software This software is used to provide the.

Higher Computing Computer Systems S. McCrossan Higher Grade Computing Studies 7. Systems Software 1 System Software This software is used to provide the.
Autonomic Systems Justin Moles, Winter 2006 Enabling autonomic behavior in systems software with hot swapping Paper by: J. Appavoo, et al. Presentation.

Autonomic Systems Justin Moles, Winter 2006 Enabling autonomic behavior in systems software with hot swapping Paper by: J. Appavoo, et al. Presentation.
Full-Datapath Secure Deletion Sarah Diesburg 1. Overview Problem  Current secure deletion methods do not work State of the art  Optimistic system-wide.

Full-Datapath Secure Deletion Sarah Diesburg 1. Overview Problem  Current secure deletion methods do not work State of the art  Optimistic system-wide.
Lesson 3: File Management. 2 Learning Objectives After studying this lesson, you will be able to:  Browse files on the computer  Open files from a folder.

Lesson 3: File Management. 2 Learning Objectives After studying this lesson, you will be able to:  Browse files on the computer  Open files from a folder.
Lesson 13 PROTECTING AND SHARING DOCUMENTS

Lesson 13 PROTECTING AND SHARING DOCUMENTS
Chapter 7: Configuring Disks. 2/24 Objectives Learn about disk and file system configuration in Vista Learn how to manage storage Learn about the additional.

Chapter 7: Configuring Disks. 2/24 Objectives Learn about disk and file system configuration in Vista Learn how to manage storage Learn about the additional.
Building Secure Software Chapter 9 Race Conditions.

Building Secure Software Chapter 9 Race Conditions.
Chapter 11 Operating Systems

Chapter 11 Operating Systems
COMPREHENSIVE Windows Tutorial 10 Improving Your Computer’s Performance.

COMPREHENSIVE Windows Tutorial 10 Improving Your Computer’s Performance.
Format Scandisk Defragmentation Antivirus Compression Software

Format Scandisk Defragmentation Antivirus Compression Software
Data Elimination 101. What Does Degauss Mean? Computer hard drives use magnetic fields to store data on special discs called platters. Degaussing is the.

Data Elimination 101. What Does Degauss Mean? Computer hard drives use magnetic fields to store data on special discs called platters. Degaussing is the.
The OSI Model A layered framework for the design of network systems that allows communication across all types of computer systems regardless of their.

The OSI Model A layered framework for the design of network systems that allows communication across all types of computer systems regardless of their.
 What is electronic data?  Information stored electronically, e.g. pictures, music, documents, etc.  Where can you store your data?  Cell phones 

 What is electronic data?  Information stored electronically, e.g. pictures, music, documents, etc.  Where can you store your data?  Cell phones 
Chapter 3 – Computer Hardware Computer Components – Hardware (cont.) Lecture 3.

Chapter 3 – Computer Hardware Computer Components – Hardware (cont.) Lecture 3.
New School Websites Teacher Pages. Visit the SCUSD Website for videos tutorials: www.scusd.edu/website-training-teachers For more information.

New School Websites Teacher Pages. Visit the SCUSD Website for videos tutorials: For more information.
File System. NET+OS 6 File System Architecture Design Goals File System Layer Design Storage Services Layer Design RAM Services Layer Design Flash Services.

File System. NET+OS 6 File System Architecture Design Goals File System Layer Design Storage Services Layer Design RAM Services Layer Design Flash Services.
Data Deletion and Recovery. Data Deletion  What does data deletion mean in your own words?

Data Deletion and Recovery. Data Deletion  What does data deletion mean in your own words?
Go to our website, www.lvccld.org and click on the eMedia Catalog link www.lvccld.org To find books, either click on the advanced search (which I will.

Go to our website, and click on the eMedia Catalog link To find books, either click on the advanced search (which I will.
PPOUG, 05-OCT-01 Agenda RMAN Architecture Why Use RMAN? Implementation Decisions RMAN Oracle9i New Features.

PPOUG, 05-OCT-01 Agenda RMAN Architecture Why Use RMAN? Implementation Decisions RMAN Oracle9i New Features.
 FILE S SYSTEM  DIFFERENT FILE SYSTEMS  FILE SYSTEM COMPONENTS  FILE OPERATIONS  LOG STRUCTERD FILE SYSTEM  FILE EXAMPLES.

 FILE S SYSTEM  DIFFERENT FILE SYSTEMS  FILE SYSTEM COMPONENTS  FILE OPERATIONS  LOG STRUCTERD FILE SYSTEM  FILE EXAMPLES.

Similar presentations

Ads by Google