Assisted deletion of related content

On primary storage systems, content is often replicated, converted or modified, and users quickly lose control over its dispersal on the system. Deleting content related to a particular project from the system therefore becomes a labor-intensive task for the user. In this paper we present IRCUS, a system that assists the user in securely removing project-related content, but does not require changes to the user's behavior or to any of the system components, such as the file system, kernel or applications. IRCUS transparently integrates within the user's system, operates in user space and stores the resulting metadata alongside the files. We implemented and evaluated our system and show that its overhead and accuracy are acceptable for practical use and deployment.
