Data Node Encrypted File System: Efficient Secure Deletion for Flash Memory
Authors:
Joel Reardon, Srdjan Capkun, and David Basin, ETH Zurich
Abstract:
We propose the Data Node Encrypted File System (DNEFS), which uses on-the-fly encryption and decryption of file system data nodes to efficiently and securely delete data on flash memory systems. DNEFS is a generic modification of existing flash file systems or controllers that enables secure data deletion while preserving the underlying systems’ desirable properties: application-independence, fine-grained data access, wear-levelling, and efficiency.
We describe DNEFS both abstractly and in the context of the flash file system UBIFS. We propose UBIFSec, which integrates DNEFS into UBIFS. We implement UBIFSec by extending UBIFS’s Linux implementation and we integrate UBIFSec in the Android operating system running on a Google Nexus One smartphone. We show that it is efficient and usable; Android OS and applications (including video and audio playback) run normally on top of UBIFSec. To the best of our knowledge, this work presents the first comprehensive and fully-implemented secure deletion solution that works within the specification of flash memory.
USENIX is committed to Open Access to the research presented at our events. Papers and proceedings are freely available to everyone once the event begins. Any video, audio, and/or slides that are posted after the event are also free and open to everyone. Support USENIX and our commitment to Open Access.
BibTeX
@inproceedings {180222,
author = {Joel Reardon and Srdjan Capkun and David Basin},
title = {Data Node Encrypted File System: Efficient Secure Deletion for Flash Memory},
booktitle = {21st USENIX Security Symposium (USENIX Security 12)},
year = {2012},
isbn = {978-931971-95-9},
address = {Bellevue, WA},
pages = {333--348},
url = {https://www.usenix.org/conference/usenixsecurity12/technical-sessions/presentation/reardon},
publisher = {USENIX Association},
month = aug,
}
connect with us