Security '01 Abstract
Secure Data Deletion for Linux File Systems
Steven Bauer and Nissanka B. Priyantha, MIT
Security conscious users of file systems require that deleted information and
its associated meta-data are no longer accessible on the underlying physical disk.
Existing file system implementations only reset the file system data structures
to reflect the removal of data, leaving both the actual data and its associated
meta-data on the physical disk. Even when this information has been overwritten,
it may remain visible to advanced probing techniques such as magnetic force
microscopy or magnetic force scanning tunneling microscopy. Our project addresses
this problem by adding support to the Linux kernel for asynchronous
secure deletion of file data and meta-data.
We provide an implementation for the Ext2 file system; other file systems can be accommodated easily.
An asynchronous overwriting process sacrifices immediate security but ultimately
provides a far more usable and complete secure deletion facility. We justify
our design by arguing that user-level secure deletion tools are inadequate in
many respects and that synchronous deletion facilities are too
time consuming to be acceptable to users. Further, we contend that encrypting file
information, either using manual tools or a encrypted file system,
is not a sufficient solution to alleviate the need for secure data
- View the full text of this paper in
The Proceedings are published as a collective work, © 2001 by the USENIX Association. All Rights Reserved. Rights
to individual papers remain with the author or the author's employer.
Permission is granted for the noncommercial reproduction of the complete
work for educational or research purposes. USENIX acknowledges all
trademarks within this paper.
- If you need the latest Adobe Acrobat Reader, you can download it from Adobe's site.
- To become a USENIX Member, please see our Membership Information.