
Florida State University Libraries
Electronic Theses, Treatises and Dissertations
The Graduate School
2012

Per-File Full-Data-Path Secure Deletion for Electronic Storage
Sarah M. (Sarah Marie) Diesburg

Follow this and additional works at the FSU Digital Library. For more information, please contact [email protected]

THE FLORIDA STATE UNIVERSITY
COLLEGE OF ARTS AND SCIENCES

PER-FILE FULL-DATA-PATH SECURE DELETION FOR ELECTRONIC STORAGE

By
SARAH M. DIESBURG

A Dissertation submitted to the Department of Computer Science in partial fulfillment of the requirements for the degree of Doctor of Philosophy

Degree Awarded: Fall Semester, 2012

Sarah M. Diesburg defended this Dissertation on October 31, 2012. The members of the supervisory committee were:

An-I Andy Wang, Professor Directing Dissertation
Steven Bellenot, University Representative
Theodore Baker, Committee Member
Mike Burmester, Committee Member
Lois Hawkes, Committee Member

The Graduate School has verified and approved the above-named committee members, and certifies that the dissertation has been approved in accordance with university requirements.

I dedicate this dissertation to my husband, Brad, and my parents for their love, support, and encouragement. I also dedicate this work to those everywhere who fight to protect personal privacy.

ACKNOWLEDGEMENTS

I would like to thank my graduate advisor, Andy Wang, for his insightful discussions, support, and guidance throughout my graduate research and teaching career. You have shown by example how to not only produce top-notch research, but also how to be a good teacher, speaker, and writer.

I would also like to thank my undergraduate advisor, Paul Gray, for lighting the fire that has inspired my research. I would never have reached this point if it had not been for your contagious passions for technology and education and the research opportunities you gave me.

In addition, I would like to thank the members of my dissertation committee.
Lois Hawkes has provided indispensable guidance in both navigating graduate school and my technical work. Ted Baker, Mike Burmester, and Steve Bellenot have also provided valuable feedback on my work and have helped me to push my research to a higher standard.

Other students have made contributions to this work. In particular, I would like to thank both Chris Meyers and Mark Stanovich for their direct contributions to this research. Michael Mitchell, Justin Marshall, and Julia Gould have also made contributions. Research is a group effort, and I enjoyed the time I spent with all of you discussing ideas and implementations.

I would like to acknowledge the grants and scholarships that have made this research possible. This work has been sponsored by NSF CNS-0845672/CNS-1065127, DoE P200A060279, Philanthropic Educational Organization, and Florida State University.

The content of this dissertation is largely drawn from papers published in the proceedings of the 4th ACM International Workshop on Storage Security and Survivability [13] and the proceedings of the 28th Annual Computer Security Applications Conference [12], as well as a journal survey article published in ACM Computing Surveys [14]. I would like to thank Geoff Kuenning, Peter Reiher, and anonymous reviewers for their comments on improving the publications, and indirectly, the quality of this dissertation.

On a personal note, I would like to thank Brad Diesburg for his love and support, especially during the more stressful times. My parents have always encouraged me to shoot for the stars, and I am thankful for all the sacrifices they made for me. I am thankful to Nichole Lee and Saiju Gangadharan for their friendship and moral support, and I am thankful to John and Karen Burns for providing the wonderful distraction and stress relief of dance. Finally, I would like to thank Atomic Coffee and their mocha lattes for helping me get this dissertation completed on time.

TABLE OF CONTENTS

List of Tables
List of Figures
Abstract

1. INTRODUCTION
   1.1 Legacy Storage-data-path Constraints
   1.2 Threat Models and Assumptions
   1.3 Contributions and Impact

2. BACKGROUND
   2.1 Operating System Storage Data Path
       2.1.1 Background
       2.1.2 Data Path Challenges
   2.2 NAND Flash Secure Deletion
   2.3 Desirable Characteristics for Secure Deletion

3. TRUEERASE DESIGN
   3.1 Design Guideline and Overview
   3.2 User Model
       3.2.1 Sensitive Status
       3.2.2 Name Handling
       3.2.3 Links
   3.3 The Type/Attribute Propagation Module
       3.3.1 Data Structures and Globally Unique IDs
       3.3.2 Event Reporting Interface
   3.4 Storage-management Layer Enhancements
       3.4.1 NAND Flash
       3.4.2 Hard Drive
   3.5 Other Design Points
   3.6 File System Consistency Properties

4. TRUEERASE IMPLEMENTATION
   4.1 User Model
   4.2 File System Interactions with TAP
       4.2.1 File System Background
       4.2.2 Deployment Model
   4.3 Extended Storage-management Layer
       4.3.1 Extended Flash Device Interface
       4.3.2 INFTL Background
       4.3.3 INFTL Extensions
       4.3.4 Hard-drive Extensions
   4.4 Development Tools
       4.4.1 Lightweight Kernel Flash Monitor
       4.4.2 User-space Flash Development Environment

5. VERIFICATION
   5.1 Basic Cases
   5.2 Two-version Programming

6. PERFORMANCE EVALUATION
   6.1 Flash Chip Properties
   6.2 Flash Small File Workload

7. RELATED WORK