Secure deletion from inverted indexes on compliance storage

Soumyadeb Mitra, M. Winslett
{"title":"Secure deletion from inverted indexes on compliance storage","authors":"Soumyadeb Mitra, M. Winslett","doi":"10.1145/1179559.1179572","DOIUrl":null,"url":null,"abstract":"Recent litigation and intense regulatory focus on secure retention of electronic records have spurred a rush to introduce Write-Once-Read-Many (WORM) storage devices for retaining business records such as electronic mail. A file committed to a WORM device cannot be deleted even by a super-user and hence is secure from attacks originating from company insiders. Secure retention, however, is only a part of a document's lifecycle: It is often crucial to delete documents after its mandatory retention period is over. Since most of the modern WORM devices are built on top of magnetic media, they also support a secure deletion operation by associating expiration time with files. However, for the deleted document to be truly unrecoverable, it must also be deleted from any index structure built over it.This paper studies the problem of securely deleting entries from an inverted index. We first formalize the concept of secure deletion by defining two deletion semantics: strongly and weakly secure deletions. We then analyze some of the deletion schemes that have been proposed in literature and show that they only achieve weakly secure deletion. Furthermore, such schemes have poor space efficiency and/or are inflexibe. We then propose a novel technique for hiding index entries for deleted documents, based on the concept of ambiguating deleted entries. The proposed technique also achieves weakly secure deletion, but is more space efficient and flexible.","PeriodicalId":413919,"journal":{"name":"ACM International Workshop on Storage Security And Survivability","volume":"43 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2006-10-30","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"16","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"ACM International Workshop on Storage Security And Survivability","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1145/1179559.1179572","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
引用次数: 16

Abstract

Recent litigation and intense regulatory focus on secure retention of electronic records have spurred a rush to introduce Write-Once-Read-Many (WORM) storage devices for retaining business records such as electronic mail. A file committed to a WORM device cannot be deleted even by a super-user and hence is secure from attacks originating from company insiders. Secure retention, however, is only a part of a document's lifecycle: It is often crucial to delete documents after its mandatory retention period is over. Since most of the modern WORM devices are built on top of magnetic media, they also support a secure deletion operation by associating expiration time with files. However, for the deleted document to be truly unrecoverable, it must also be deleted from any index structure built over it.This paper studies the problem of securely deleting entries from an inverted index. We first formalize the concept of secure deletion by defining two deletion semantics: strongly and weakly secure deletions. We then analyze some of the deletion schemes that have been proposed in literature and show that they only achieve weakly secure deletion. Furthermore, such schemes have poor space efficiency and/or are inflexibe. We then propose a novel technique for hiding index entries for deleted documents, based on the concept of ambiguating deleted entries. The proposed technique also achieves weakly secure deletion, but is more space efficient and flexible.
查看原文
分享 分享
微信好友 朋友圈 QQ好友 复制链接
本刊更多论文
从合规存储上的倒排索引中安全删除
最近的诉讼和对电子记录安全保存的严格监管,促使人们纷纷引进用于保存电子邮件等商业记录的“写一次读多”(WORM)存储设备。提交给WORM设备的文件即使是超级用户也不能删除,因此可以防止来自公司内部人员的攻击。然而,安全保留只是文档生命周期的一部分:在强制保留期限结束后删除文档通常是至关重要的。由于大多数现代WORM设备都建立在磁性介质之上,因此它们还通过将过期时间与文件关联来支持安全删除操作。但是,要使被删除的文档真正不可恢复,还必须将其从构建在其上的任何索引结构中删除。研究了倒排索引中安全删除条目的问题。我们首先通过定义两种删除语义来形式化安全删除的概念:强安全删除和弱安全删除。然后,我们分析了文献中提出的一些删除方案,并表明它们只能实现弱安全删除。此外,这种方案的空间效率很差和/或缺乏灵活性。然后,我们提出了一种隐藏已删除文档索引项的新技术,该技术基于已删除项的歧义概念。该技术也实现了弱安全删除,但具有更高的空间效率和灵活性。
本文章由计算机程序翻译,如有差异,请以英文原文为准。
求助全文
约1分钟内获得全文 去求助
来源期刊
自引率
0.00%
发文量
0
期刊最新文献
Secure data deduplication Improving secure long-term archival of digitally signed documents Efficient integrity checking of untrusted network storage Testable commitments When cryptography meets storage
×
引用
GB/T 7714-2015
复制
MLA
复制
APA
复制
导出至
BibTeX EndNote RefMan NoteFirst NoteExpress
×
×
提示
您的信息不完整,为了账户安全,请先补充。
现在去补充
×
提示
您因"违规操作"
具体请查看互助需知
我知道了
×
提示
现在去查看 取消
×
提示
确定
0
微信
客服QQ
Book学术公众号 扫码关注我们
反馈
×
意见反馈
请填写您的意见或建议
请填写您的手机或邮箱
已复制链接
已复制链接
快去分享给好友吧!
我知道了
×
扫码分享
扫码分享
Book学术官方微信
Book学术文献互助
Book学术文献互助群
群 号:481959085
Book学术
文献互助 智能选刊 最新文献 互助须知 联系我们:info@booksci.cn
Book学术提供免费学术资源搜索服务,方便国内外学者检索中英文文献。致力于提供最便捷和优质的服务体验。
Copyright © 2023 Book学术 All rights reserved.
ghs 京公网安备 11010802042870号 京ICP备2023020795号-1