DOI: 10.1145/2991079.2991101
Research article (Public Access)

Sanitizing data is not enough!: towards sanitizing structural artifacts in flash media

Published: 05 December 2016

Abstract

Conventional overwriting-based and encryption-based secure deletion schemes can only sanitize the data itself. However, the past existence of the deleted data may leave artifacts in the storage layout at every layer of a computing system. An adversary may exploit these structural artifacts to infer sensitive information about the deleted data, or even to recover the data entirely. Conventional secure deletion solutions cannot sanitize them.
In this work, we introduce truly secure deletion, a novel security notion that is much stronger than conventional secure deletion. Truly secure deletion requires sanitizing both the obsolete data and the corresponding structural artifacts, so that the storage layout after a delete operation is indistinguishable from one in which the deleted data never existed. We propose TedFlash, a Truly secure deletion scheme for Flash-based block devices. TedFlash sanitizes both the data and the structural artifacts while satisfying the design constraints imposed by flash memory. Security analysis and experimental evaluation show that TedFlash achieves the truly secure deletion guarantee with a small additional overhead compared to conventional secure deletion solutions.
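As an added illustration (not code from the paper, and not TedFlash's actual design), the toy model below shows the notion the abstract defines: on a small log-structured flash, a conventional delete erases the data page but leaves an occupancy pattern and FTL mapping that differ from a device on which the secret was never written, while a truly secure delete also rebuilds the layout from the live logical pages alone, so the two devices become indistinguishable. The sorted-LBA compaction is a constructed stand-in for whatever relayout a real scheme performs under flash constraints, and the page contents are constructed sample values.

```python
# Constructed toy model of structural artifacts on a log-structured flash.
# Illustrates the security notion only; it is not TedFlash's algorithm.
from typing import Dict, List, Optional

class ToyFlash:
    def __init__(self, pages: int = 8) -> None:
        self.phys: List[Optional[bytes]] = [None] * pages  # physical pages
        self.l2p: Dict[int, int] = {}                      # FTL: logical -> physical
        self.next_free = 0                                 # append pointer (out-of-place writes)

    def write(self, lba: int, data: bytes) -> None:
        # Log-structured: every write lands on the next free physical page.
        self.phys[self.next_free] = data
        self.l2p[lba] = self.next_free
        self.next_free += 1

    def secure_delete(self, lba: int) -> None:
        # Conventional secure deletion: the data page is erased and the mapping
        # dropped, but the hole it leaves still records that something was here.
        self.phys[self.l2p.pop(lba)] = None

    def truly_secure_delete(self, lba: int) -> None:
        # Truly secure deletion: sanitize the data, then make the layout a pure
        # function of the live logical set (here: compact in sorted-LBA order).
        self.secure_delete(lba)
        live = sorted(self.l2p)
        fresh: List[Optional[bytes]] = [None] * len(self.phys)
        for i, l in enumerate(live):
            fresh[i] = self.phys[self.l2p[l]]
            self.l2p[l] = i
        self.phys, self.next_free = fresh, len(live)

    def layout(self) -> tuple:
        # What an adversary imaging the raw chip sees: the occupancy pattern.
        return tuple(p is not None for p in self.phys)

def after_history(delete: str) -> ToyFlash:
    """Write a secret and a public page, then delete the secret via `delete`."""
    f = ToyFlash()
    f.write(0, b"secret A")
    f.write(1, b"public B")
    getattr(f, delete)(0)
    return f

def never_existed() -> ToyFlash:
    """Reference device on which the secret was never written at all."""
    f = ToyFlash()
    f.write(1, b"public B")
    return f
```

Comparing `after_history("secure_delete")` with `never_existed()` shows the hole at physical page 0 that betrays the deletion even though the data is gone; with `truly_secure_delete` the two devices match page for page and mapping for mapping.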



Published In

ACSAC '16: Proceedings of the 32nd Annual Conference on Computer Security Applications
December 2016
614 pages
ISBN:9781450347716
DOI:10.1145/2991079
Sponsors

  • ACSA: Applied Computing Security Assoc

Publisher

Association for Computing Machinery

New York, NY, United States

Author Tags

  1. NAND flash
  2. flash translation layer
  3. truly secure deletion

Conference

ACSAC '16
ACSAC '16: 2016 Annual Computer Security Applications Conference
December 5 - 8, 2016
Los Angeles, California, USA

Acceptance Rates

Overall Acceptance Rate 104 of 497 submissions, 21%

Article Metrics

  • Downloads (last 12 months): 212
  • Downloads (last 6 weeks): 43
Reflects downloads up to 08 Mar 2025

Cited By
  • (2025) Identity-Based Integrity Auditing Scheme With Sensitive Information Hiding for Proxy-Server-Assisted Cloud Storage Applications. IEEE Internet of Things Journal 12(6):6673-6684, DOI 10.1109/JIOT.2024.3491315. Online publication date: 15-Mar-2025
  • (2024) Poster: A Full-stack Secure Deletion Framework for Modern Computing Devices. Proceedings of the 2024 on ACM SIGSAC Conference on Computer and Communications Security, pages 4967-4969, DOI 10.1145/3658644.3691369. Online publication date: 2-Dec-2024
  • (2023) Protection of Access Pattern. Proceedings of the 2023 7th International Conference on Computer Science and Artificial Intelligence, pages 99-105, DOI 10.1145/3638584.3638585. Online publication date: 8-Dec-2023
  • (2023) Travelling the Hypervisor and SSD: A Tag-Based Approach Against Crypto Ransomware with Fine-Grained Data Recovery. Proceedings of the 2023 ACM SIGSAC Conference on Computer and Communications Security, pages 341-355, DOI 10.1145/3576915.3616665. Online publication date: 15-Nov-2023
  • (2023) Data Sanitization on eMMCs. Proceedings of the 28th Asia and South Pacific Design Automation Conference, pages 455-460, DOI 10.1145/3566097.3568349. Online publication date: 16-Jan-2023
  • (2022) Duplicates also Matter! Towards Secure Deletion on Flash-based Storage Media by Removing Duplicates. Proceedings of the 2022 ACM on Asia Conference on Computer and Communications Security, pages 54-66, DOI 10.1145/3488932.3523255. Online publication date: 30-May-2022
  • (2022) MDEFTL: Incorporating Multi-Snapshot Plausible Deniability into Flash Translation Layer. IEEE Transactions on Dependable and Secure Computing 19(5):3494-3507, DOI 10.1109/TDSC.2021.3100897. Online publication date: 1-Sep-2022
  • (2022) Vacuum: Efficient and Assured Deletion Scheme for User Sensitive Data on Mobile Devices. IEEE Internet of Things Journal 9(12):10093-10107, DOI 10.1109/JIOT.2021.3119514. Online publication date: 15-Jun-2022
  • (2019) eHIFS. Proceedings of the 2019 ACM Asia Conference on Computer and Communications Security, pages 573-585, DOI 10.1145/3321705.3329839. Online publication date: 2-Jul-2019
  • (2019) MimosaFTL. Proceedings of the Ninth ACM Conference on Data and Application Security and Privacy, pages 327-338, DOI 10.1145/3292006.3300041. Online publication date: 13-Mar-2019
