Secure Data Deletion For Mobile Devices

Posted on: 2019-04-15
Degree: Master
Type: Thesis
Country: China
Candidate: T Wei
Full Text: PDF
GTID: 2428330572450216
Subject: Computer system architecture
Abstract/Summary:
The popularity of smart mobile devices has changed the way people deal with their information. Many attractive and innovative smartphone apps obtain a large amount of sensitive information while providing convenience for users. This information builds up a personal digital portrait in the new age of the Internet. Insecure data deletion may reveal large amounts of user information when mobile devices are resold, lost, or stolen. Conventional data deletion is implemented as a rapid operation for reclaiming storage: a file is unlinked, meaning its metadata states that it is no longer present, while the content of the deleted file still persists on the storage medium. Secure data deletion is the task of deleting data irrecoverably from the physical medium. Mobile devices use flash memory as internal storage. However, flash memory does not support in-place updates because of the asymmetry between the access unit and the erase unit, which is in direct opposition to efforts to securely delete sensitive data from storage. Previously practical secure deletion tools and techniques are rapidly becoming obsolete and are rendered ineffective. Therefore, research on secure data deletion approaches for mobile devices has become a practical and urgent issue. In this paper, we study the logical structure, operating characteristics and data management mechanisms of flash memory, and analyze the process of data deletion. The reasons for the failure of data deletion are clarified from the aspects of physical storage, the file system and the implementation of the Android data deletion function. In addition, we define the adversary's capabilities and the threat model, and put forward the design goals that a secure data deletion scheme needs to meet. We then propose an approach in user space that uses a user-space file system to provide secure deletion guarantees at file granularity, independent of the characteristics of the underlying file system and storage medium. The approach encrypts every file on the insecure medium with a unique key that can later be discarded, cryptographically rendering the data irrecoverable. TrustZone is used as a secure key vault to ensure secure management of the keys, and a garbage collection mechanism is introduced to purge the memory and reclaim the discarded flash pages. Moreover, we implement our secure data deletion approach on the Android platform as a prototype named SADUS. Finally, experiments are conducted, and the results indicate that the SADUS prototype ensures the secure deletion of data in flash memory on mobile devices with comparable overhead and can meet the requirements of users in daily use.
Keywords/Search Tags: Mobile devices, Flash memory, File system, Secure deletion, User space, Encryption