Browse Prior Art Database

Method And System for an Optimized Secure Erase of data on Non-Volatile Data Storage Devices

IP.com Disclosure Number: IPCOM000205100D
Publication Date: 2011-Mar-15
Document File: 3 page(s) / 73K

Publishing Venue

The IP.com Prior Art Database

Abstract

This article describes a method and system that perform a transparent secure erase of deleted data on non-volatile data storage devices.

This text was extracted from a PDF file.
This is the abbreviated version, containing approximately 38% of the total text.

Page 01 of 3

Method And System for an Optimized Secure Erase of data on Non -Volatile Data Storage Devices

Disclosed is a method and system that transparently and securely erases deleted data on non-volatile data storage devices, without requiring any additional software on major existing operating systems.

Background

    This disclosure addresses security concerns with regards to potential data loss or theft, more specially (but not limited to) on laptops or on removable storage devices.

Problem

    In non-volatile data storage devices such as hard drives, data usually remains accessible for a period of time after it is deleted from the device. Indeed, most operating systems "hide" the data from application and users, and do not erase the content of the files that users and applications previously deleted. This is inherently not secure. On any current non-volatile data storage devices, there is no automatic and transparent way to perform a secure erase of data after files are deleted. This process is left up to the user to carry through, which requires manual intervention & can be time consuming. Most users will not bother or assume that once a file is deleted it is not recoverable.

    Even more importantly, in some cases, files (e.g. temporary file, internal application files, etc) may be deleted automatically by the system or certain applications without user intervention. There is currently no guaranteed way to automatically secure erase these files without any modification to the operating system.

    Some users may decide to secure-erase the whole free area of their disk on a daily basis, but this is very time consuming and slows down disk access (and therefore the whole computer). Very few users would be inclined to do this, therefore leaving the possibility for a malicious user to recover this data.

    So in most cases, specialised tools (forensic tools, "undelete" tools) will be able to recover data that was thought to be deleted, which exposes any user (employees or individuals) to security & data privacy & protection issues. In some cases, users may be able to manually secure-erase certain files, but in other cases, this will not be possible.

Some partial solutions to the problem exist. For example using the TRIM command: http://en.wikipedia.org/wiki/TRIM http://www.windowsitpro.com/article/file-systems/q-what-is-the-trim-function-for-solid- state-disks-ssds-and-why-is-it-important-.aspx

    However, this solution involves either completely wiping the disk, wiping unused parts of the disk, or wiping files before deleting them. These solutions are all manual, time consuming, prone to errors and the file-sanitisation methods cannot be used on application-deleted or system-deleted files.

Secure wiping methods also exist, for example: http://www.killdisk.com/, http://www.protectstar.com/2

_126

    Again, these products propose several algorithms for manually securely wiping disks, with all the drawbacks specified above.

The problem has been highlighted in: http...