TrueErase Secure File Deletion
Grants: NSF grants CNS-0845672/CNS-1065127, DoE grant P200A060279, Philanthropic Educational Organization, and FSU Research Foundation
PIs: An-I Andy Wang, Florida State University; Sarah Diesburg, Florida State University
Current team members: Christopher Meyers, Mark Stanovich, Michael Mitchell, Justin Marshall, Julia Gould, Florida State University; Geoff Kuenning, Harvey Mudd College
Dissertation committee members: Theodore Baker, Mike Burmester, Lois Hawkes, Steve Bellenot, Florida State University
Past contributors: David Lary, Saransh Chauhan, Florida State University
The ability to delete sensitive data securely from electronic storage is becoming an increasing concern. However, current per-file deletion solutions tend to be limited to one segment of the operating system's legacy storage data path (Figure 1), and may leave behind sensitive data when interacting with storage components such as journaling, file-system caches, and certain storage media such as NAND flash.
We introduce TrueErase, a holistic, data-path-wide framework that irrevocably deletes data and metadata (Figure 2). TrueErase is composed of three components: (1) a user model in which a user can use legacy attribute-setting tools to specify the files and directories whose data and metadata will be securely deleted, (2) a type/attribute propagation (TAP) module that propagates additional secure-deletion information from the file system to lower layers, and (3) an enhanced storage-management layer that takes advantage of the propagated information by issuing storage-specific secure overwrite or deletion commands.
Through design, implementation, verification, and evaluation, we have demonstrated that TrueErase is unique in the following combination of properties: (1) TrueErase works with legacy applications, common file systems, and emerging storage media (e.g., NAND flash). (2) Unlike techniques that involve the physical destruction of storage devices, TrueErase offers the flexibility to securely delete individual files (e.g., for cases such as expired client data, statute of limitations, etc.). (3) Unlike most per-file solutions, TrueErase is holistic and covers the entire storage data path, so that a secure-deletion operation issued by one segment of the data path (e.g., file system) will not be negated by another (e.g., flash that keeps versions of data). (4) TrueErase is designed to survive common system failures, and (5) the core logic of the framework is verified systematically.
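An added illustration of property (3), not code from TrueErase or its authors: a constructed toy flash translation layer showing how an overwrite issued only at the file-system level leaves the old version in a stale physical page, while a deletion request that reaches the storage layer erases the block and relocates its live neighbours. The ToyFlash class, its page layout, and the sample data are assumptions made for this example.

```python
PAGES_PER_BLOCK = 4  # NAND is erased one whole block at a time
class ToyFlash:
    """Constructed toy FTL: pages cannot be updated in place, so writes are remapped."""

    def __init__(self, blocks=4):
        self.pages = [None] * (blocks * PAGES_PER_BLOCK)  # None = erased, else (lpn, data)
        self.l2p = {}  # logical page -> physical page holding the live version

    def write(self, lpn, data):
        ppn = self.pages.index(None)   # first erased page
        self.pages[ppn] = (lpn, data)  # any earlier version stays behind as a stale page
        self.l2p[lpn] = ppn

    def _erase_block(self, blk, drop_lpn):
        lo, hi = blk * PAGES_PER_BLOCK, (blk + 1) * PAGES_PER_BLOCK
        live = [self.pages[p] for p in range(lo, hi)  # live pages of other files survive
                if self.pages[p] and self.pages[p][0] != drop_lpn
                and self.l2p.get(self.pages[p][0]) == p]
        self.pages[lo:hi] = [None] * PAGES_PER_BLOCK
        for lpn, data in live:
            self.write(lpn, data)

    def secure_delete(self, lpn):
        """Erase every block that holds any version, live or stale, of lpn."""
        blocks = {p // PAGES_PER_BLOCK for p, pg in enumerate(self.pages)
                  if pg and pg[0] == lpn}
        for blk in sorted(blocks):
            self._erase_block(blk, lpn)
        self.l2p.pop(lpn, None)

    def raw_residue(self, needle):
        """Physical pages whose contents still include needle, as a raw dump would show."""
        return [p for p, pg in enumerate(self.pages) if pg and needle in pg[1]]

def fs_level_overwrite():
    """Deletion handled only above the FTL: overwrite the logical page with zeros."""
    dev = ToyFlash()
    dev.write(0, b"public notes")
    dev.write(1, b"SECRET client record")  # constructed sample data
    dev.write(1, b"\x00" * 20)
    return dev.raw_residue(b"SECRET")

def data_path_wide_delete():
    """The deletion request reaches the storage layer, which erases the block."""
    dev = ToyFlash()
    dev.write(0, b"public notes")
    dev.write(1, b"SECRET client record")  # constructed sample data
    dev.secure_delete(1)
    return dev.raw_residue(b"SECRET"), dev.pages[dev.l2p[0]][1]
```

Scanning the raw pages after each scenario is the check that matters: the logical view reads as zeros or absent in both cases, and only the physical view distinguishes them.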
Figure 1: Segments of the operating system data path.
Figure 2: TrueErase framework inserted into the operating system data path.
- Sarah Diesburg, Christopher Meyers, Mark Stanovich, Michael Mitchell, Justin Marshall, Julia Gould, An-I Andy Wang, and Geoff Kuenning. TrueErase: Per-file Secure Deletion for the Storage Data Path. Proceedings of the 2012 Annual Computer Security Applications Conference, 2012. [19% acceptance rate] Supersedes Technical Report TR-111020, Department of Computer Science, Florida State University, October 2011.
- Sarah Diesburg and An-I Andy Wang. A Survey of Confidential Data Storage and Deletion Methods. ACM Computing Surveys, 43(1), 2010. Supersedes Technical Report TR-080508, Department of Computer Science, Florida State University, May 2008.
- Sarah Diesburg, Chris Meyers, David Lary, An-I Andy Wang. When Cryptography Meets Storage. Proceedings of the 4th International Workshop on Storage Security and Survivability (StorageSS), October 2008.
An-I Andy Wang. TrueErase: Per-file Full-data-path Secure Deletion for Electronic Storage. Presented at the Computer Science Colloquium, Florida State University, Tallahassee, December 2012.
Sarah Diesburg. Per-file Full-data-path Secure Deletion for Electronic Storage. Presented at the FSU Operating Systems Lecture, November 2012.
An-I Andy Wang. TrueErase: Full-storage-data-path Per-file Secure Deletion. Presented at the Computer Science Research Seminar, Chalmers University of Technology, Gothenburg, Sweden, May 2012.
Sarah Diesburg. TrueErase: Secure Deletion on Flash Storage. Presented at the FSU Advanced Operating Systems Lecture, January 2012.
An-I Andy Wang. TrueErase: Full-storage-data-path Per-file Secure Deletion. Presented at the 8th International Workshop Operating System Technologies for Large Scale NVRAM, Jeju Island, Korea, November 2011.
An-I Andy Wang. TrueErase: Full-storage-data-path Per-file Secure Deletion. Presented at the Computer Science Colloquium, Florida State University, Tallahassee, October 2011.
Sarah Diesburg. TrueErase: Secure Deletion on Flash Storage. Presented at the Feed Your Brain Symposium at the Florida State University College of Communication and Information, November 2009.
Sarah Diesburg. TrueErase: Secure Deletion on Electronic Media. Presented to the FSU Board of Trustees, Florida State University, August 2009.
Sarah Diesburg, Chris Meyers, An-I Andy Wang. Full-Datapath Secure Deletion. Presented as a Work-in-Progress Report at The 18th USENIX Security Symposium, Montreal, August 2009.
Sarah Diesburg. Full-Datapath Secure Data Deletion. Presented as an Invited Talk at The University of Northern Iowa, May 2009.
Sarah Diesburg. Full-Datapath Secure Data Deletion. Presented at the ACM Student Research Conference, Florida State University, April 2009.
Sarah Diesburg. When Cryptography Meets Storage. Presented at The 4th International Workshop on Storage Security and Survivability (StorageSS), Washington D.C., October 2008.
Elizabeth Copps. Gone in a Flash. Research in Review Fall/Winter 2009, p.15.
Kaylani Levine, Florida State Standouts: Sarah Diesburg. Florida State Headlines, October 13, 2009.
Doug Blackburn. FSU student tackles 'flash' issues, Tallahassee Democrat, front page article, October 4, 2009.
Doug Blackburn. FSU student develops software prototype to erase electronic files, Tallahassee Democrat, October 3, 2009.
Florida State Star Designation, profile, October 1, 2009.
Susan Hellstrom, Florida State Doctoral Students Win Top Research Scholarships, May 2, 2009.
This material is based upon work supported by the National Science Foundation under grant no. CNS-0845672/CNS-1065127, US Department of Education under grant no. P200A060279, Philanthropic Education Organization, and FSU Research Foundation.
Any opinions, findings, and conclusions or recommendations expressed in this material are those of the author(s) and do not necessarily reflect the views of the National Science Foundation, US Department of Education, the Philanthropic Education Organization, or the FSU Research Foundation.
Last modified: October 27th, 2011