SADUS: Secure data deletion in user space for mobile devices

Abstract

Conventional data deletion is implemented for reclaiming storage as a rapid operation. However, the content of the deleted file still persists on the storage medium. Secure data deletion is a task of deleting data irrecoverably from the physical medium. Mobile devices use flash memory as the internal storage. However, flash memory does not support the in-place update which is in direct opposition to efforts to securely delete sensitive data from storage. Previously practical secure deletion tools and techniques are rapidly becoming obsolete, and are rendered ineffective. Therefore, research on secure data deletion approaches for mobile devices has become a practical and urgent issue.In this paper, we study the logic structure and operation characteristics of flash memory, and survey related work on secure data deletion. In addition, we define the adversary capability and threat model, putting forward the design goals that secure data deletion scheme needs to meet. Then an approach in user space that uses the user space file system to provide secure deletion guarantees at file granularity is proposed, independent of the characteristics of the underlying file system and storage medium. The approach encrypting every file on an insecure medium with a unique key that can later be discarded to cryptographically render the data irrecoverable. Moreover, we implement our secure data deletion approach on Android platform named SADUS. Finally, experiments are conducted, and the results indicate that SADUS prototype ensures the secure deletion of data in flash memory on mobile devices with comparable overhead and it can meet the requirements of the users in daily use.