Vacuum: Efficient and Assured Deletion Scheme for User Sensitive Data on Mobile Devices

Abstract

Embedded devices (e.g., mobile phones, smart watches, etc.) store a large amount of sensitive information. However, Android-based devices may leak a lot of user information if unsafe data deletion. Therefo re, research on secure data deletion for embedded devices has become a practical and urgent issue. In this article, we study the logic structure, operation characteristics, and data management mechanisms of flash memory. Then, we propose a novel method Vacuum that uses a user-space file system and can provide fine-grained file deletion guarantees. Our approach encrypts files on an insecure medium with a unique key that can later be discarded to cryptographically render the data irrecoverable. Additionally, we use TrustZone as a secure key vault, and a garbage collection mechanism is introduced to purge the memory. Finally, we carried out experiments on the Android system, and the results showed that the solution is efficient and can meet the needs of real applications.