In response to regulatory focus on secure retention of electronic records, businesses are using magnetic disks configured as write-once read-many (WORM) compliance storage devices to store business documents such as electronic mail for their mandated retention periods. A document committed to a compliance storage device cannot be altered or deleted even by a superuser until its retention period is over, and hence is secure from attacks originating from company insiders. Secure retention, however, is only a part of a document's lifecycle: it is often crucial to properly delete documents once their retention period ends. It is relatively simple to delete a document, but much harder to remove its index entries from WORM. Yet if these entries are not obliterated, the contents of the deleted document can often be reconstructed.
In this paper, we formally define secure deletion of document entries from an inverted index on compliance storage. We show that previously proposed deletion schemes for compliance storage index entries do not meet the objectives of secure deletion. On the other hand, the naive approach to secure deletion results in very poor query performance. To provide secure deletion of index entries without compromising lookup efficiency, we propose a novel indexing technique that employs noise terms, merged posting lists, and deletion epochs. Experiments with real-life data show that lookups in our scheme are 5 times faster than the naive approach.
[1]
Windsor W. Hsu,et al.
Fossilized index: the linchpin of trustworthy non-alterable electronic records
,
2005,
SIGMOD '05.
[2]
Ian H. Witten,et al.
Managing gigabytes (2nd ed.): compressing and indexing documents and images
,
1999
.
[3]
Marianne Winslett,et al.
Trustworthy keyword search for regulatory-compliant records retention
,
2006,
VLDB.
[4]
Silvio Micali,et al.
Probabilistic Encryption
,
1984,
J. Comput. Syst. Sci..
[5]
Ian H. Witten,et al.
Managing Gigabytes: Compressing and Indexing Documents and Images
,
1999
.
[6]
Marianne Winslett,et al.
Secure deletion from inverted indexes on compliance storage
,
2006,
StorageSS '06.