Previous [ 1] [ 2] [ 3] [ 4] [ 5] [ 6] [ 7] [ 8] [ 9] [ 10] [ 11] [ 12] [ 13] [ 14] [ 15] [ 16] [ 17] [ 18] [ 19] [ 20] [ 21] [ 22] [ 23] [ 24]

¡@

Journal of Information Science and Engineering, Vol. 27 No. 3, pp. 933-952 (May 2011)

Secure Data Deletion for USB Flash Memory*

BYUNGHEE LEE, KYUNGHO SON, DONGHO WON AND SEUNGJOO KIM+
Information Security Group
Sungkyunkwan University
Gyeonggi-do, 440-746 Korea
E-mail: {bhlee; khson; dhwon}@security.re.kr
+Center for Information Security Technologies
Korea University
Seoul, 136-713 Korea
E-mail: skim71@korea.ac.kr

People commonly use USB flash memory because of its convenience and portability. It stores various data such as documents, pictures, certificates, and private data (e.g., passwords, account numbers). These data, especially private data, should not be revealed to the outside. However, even when the stored data is deleted, these data can be recovered using data recovery programs. To prevent this problem, various techniques have been proposed. In this paper, we review previous methods and analyze the security of these methods. We then propose a secure deletion method that requires only one write or erase operation. Our benchmark study shows the proposed method satisfies government agencies¡¦ requirements for the secure deletion and performs better than the previous methods. The main contribution of this paper is two-fold: (1) we show our method satisfies the government¡¦s recommendations for secure data deletion and (2) our proposed method has better performance than previously proposed method because only one write or write-then-erase operation is performed.

Keywords: flash memory, file recovery, forensic, sanitize, wiping, secure delete

Full Text (¥ş¤åÀÉ) Retrieve PDF document (201105_08.pdf)

Received October 9, 2009; revised July 19 & September 6, 2010; accepted October 25, 2010.
Communicated by Tei-Wei Kuo.
* This work was supported by the IT R&D program of MKE, Korea[Development of Privacy Enhancing Cryptography on Ubiquitous Computing Environment] and also supported by the MKE (Ministry of Knowledge Economy), Korea, under the ITRC (Information Technology Research Center) support program supervised by the NIPA (National IT Industry Promotion Agency) (NIPA-2010-(C1090-1031-0005)).
+ Corresponding author.