Eliminação Segura de Arquivos em Memória Não-Volátil
Resumo
A Internet das Coisas (IoT) e a popularização de dispositivos móveis traz novos desafios quanto a remoção de arquivos. Técnicas tradicionalmente empregadas em meios magnéticos não são efetivas para memórias não voláteis, como a memória flash. Consequentemente, novos métodos de remoção segura foram desenvolvidos, que empregam operações de Sobrescrita com Zeros e de Apagamento de Blocos. Este trabalho analisa estes métodos e propõe um novo, com melhor desempenho. O método proposto é um híbrido, combinando de forma equilibrada operações de sobrescrita e apagamento, para evitar o apagamento desnecessário de blocos ainda não utilizados e reduzir o desgaste prematuro da memória.
Referências
Ban, A. “Flash file system”. US Patent, no. 5404485, 1995.
Bauer, S.; Priyantha, N. B. “Secure Data Deletion for Linux File Systems”. In: Usenix Security Symposium, 2001, pp. 153–164.
Breeuwsma, M.; Jongh, M.; Klaver, C.; van der Knijff, R.; Roeloffs, M. “Forensic data recovery from flash memory”. Small Scale Digital Device Forensics Journal, vol. 1, 2007, pp. 1-17.
DOE. “Media Sanitization Manual”. US Department of Energy, DOE M 205.1-6. Capturado em: <http://www.directives.doe.gov>, Junho 2016.
Gal, E.; Toledo, S. “Algorithms and Data Structures for Flash Memories”. ACM Computing Surveys, vol. 37, 2005, pp. 138–163.
Garfinkel, S. “Anti-Forensics: Techniques, Detection and Countermeasures”. In: 2nd International Conference on i-Warfare and Security, 2007, pp. 77-84
Gutmann, P. “Secure deletion of data from magnetic and solid-state memory”. In Proceedings of the 6th USENIX UNIX Security Symposium, 1996, pp. 77-90.
Gutmann, P. “Data Remanence in Semiconductor Devices” In: Proceedings of the 10th conference on USENIX Security Symposium, 2001, pp. 4.
Hao, F.; Clarke, D.; Zorzo, A.F. “Deleting secret data with public verifiability”, IEEE Transactions on Dependable and Secure Computing, vol. 13, num. 6, 2016, pp. 617-629.
Huang, N.; He, J.; Zhao, B. “Secure Data Sanitization for Android Device Users”. International Journal of Security and its Applications, vol. 9( 5), 2015, pp. 61-68.
Micron Technology, Inc. “Technical Note: Design and Use Considerations for NAND Flash Memory”. 2006.
NIST. “Guidelines for Media Sanitization”. NIST Special Publication 800-88. Capturado em: <http://dx.doi.org/10.6028/NIST.SP.800-88r1>, Maio 2016.
Peterson. Z.N.J.; Burns. R.; Herring. J.; Stubblefield. A.; Rubin. A.D. “Secure Deletion for a Versioning File System”. In: Proceedings of the 4th Conference on USENIX Conference on File and Storage Technologies (FAST), 2005, vol. 4, pp. 143-154.
Sun, K.; Choi, J.; Lee, D.; Noh, S. “Models and Design of an Adaptive Hybrid Scheme for Secure Deletion of Data in Consumer Electronics”. IEEE Transactions on Consumer Electronics, vol. 54, 2008, pp. 100–104.
Wang, Y.; Qin, Z.; Shao, Z.; Wang, Q.; Li, S.; Yang, L. T. “A Real-Time Flash Translation Layer for NAND Flash Memory Storage Systems”. IEEE Transactions on Multi-Scale Computing Systems, vol. 2, no. 1, January-March 2016, pp. 17-28.
Wei, M.; Grupp, L. M.; Spada, F. M.; Swanson, S. “Reliably Erasing Data from Flash-Based Solid State Drives”. In: Proceedings of the 9th USENIX conference on File and Storage Technologies, Berkeley, CA, USA, 2011, pp. 105–117.
Bauer, S.; Priyantha, N. B. “Secure Data Deletion for Linux File Systems”. In: Usenix Security Symposium, 2001, pp. 153–164.
Breeuwsma, M.; Jongh, M.; Klaver, C.; van der Knijff, R.; Roeloffs, M. “Forensic data recovery from flash memory”. Small Scale Digital Device Forensics Journal, vol. 1, 2007, pp. 1-17.
DOE. “Media Sanitization Manual”. US Department of Energy, DOE M 205.1-6. Capturado em: <http://www.directives.doe.gov>, Junho 2016.
Gal, E.; Toledo, S. “Algorithms and Data Structures for Flash Memories”. ACM Computing Surveys, vol. 37, 2005, pp. 138–163.
Garfinkel, S. “Anti-Forensics: Techniques, Detection and Countermeasures”. In: 2nd International Conference on i-Warfare and Security, 2007, pp. 77-84
Gutmann, P. “Secure deletion of data from magnetic and solid-state memory”. In Proceedings of the 6th USENIX UNIX Security Symposium, 1996, pp. 77-90.
Gutmann, P. “Data Remanence in Semiconductor Devices” In: Proceedings of the 10th conference on USENIX Security Symposium, 2001, pp. 4.
Hao, F.; Clarke, D.; Zorzo, A.F. “Deleting secret data with public verifiability”, IEEE Transactions on Dependable and Secure Computing, vol. 13, num. 6, 2016, pp. 617-629.
Huang, N.; He, J.; Zhao, B. “Secure Data Sanitization for Android Device Users”. International Journal of Security and its Applications, vol. 9( 5), 2015, pp. 61-68.
Micron Technology, Inc. “Technical Note: Design and Use Considerations for NAND Flash Memory”. 2006.
NIST. “Guidelines for Media Sanitization”. NIST Special Publication 800-88. Capturado em: <http://dx.doi.org/10.6028/NIST.SP.800-88r1>, Maio 2016.
Peterson. Z.N.J.; Burns. R.; Herring. J.; Stubblefield. A.; Rubin. A.D. “Secure Deletion for a Versioning File System”. In: Proceedings of the 4th Conference on USENIX Conference on File and Storage Technologies (FAST), 2005, vol. 4, pp. 143-154.
Sun, K.; Choi, J.; Lee, D.; Noh, S. “Models and Design of an Adaptive Hybrid Scheme for Secure Deletion of Data in Consumer Electronics”. IEEE Transactions on Consumer Electronics, vol. 54, 2008, pp. 100–104.
Wang, Y.; Qin, Z.; Shao, Z.; Wang, Q.; Li, S.; Yang, L. T. “A Real-Time Flash Translation Layer for NAND Flash Memory Storage Systems”. IEEE Transactions on Multi-Scale Computing Systems, vol. 2, no. 1, January-March 2016, pp. 17-28.
Wei, M.; Grupp, L. M.; Spada, F. M.; Swanson, S. “Reliably Erasing Data from Flash-Based Solid State Drives”. In: Proceedings of the 9th USENIX conference on File and Storage Technologies, Berkeley, CA, USA, 2011, pp. 105–117.
Publicado
06/11/2017
Como Citar
WEBER, Julia S.; ZORZO, Avelino F..
Eliminação Segura de Arquivos em Memória Não-Volátil. In: SIMPÓSIO BRASILEIRO DE SEGURANÇA DA INFORMAÇÃO E DE SISTEMAS COMPUTACIONAIS (SBSEG), 17. , 2017, Brasília.
Anais [...].
Porto Alegre: Sociedade Brasileira de Computação,
2017
.
p. 56-69.
DOI: https://doi.org/10.5753/sbseg.2017.19490.
