Information Theoretic and Statistical Drive Sanitization Models

IF 0.5 Q4 COMPUTER SCIENCE, SOFTWARE ENGINEERING
Jeffrey Medsger, A. Srinivasan, Jie Wu
{"title":"Information Theoretic and Statistical Drive Sanitization Models","authors":"Jeffrey Medsger, A. Srinivasan, Jie Wu","doi":"10.1080/15536548.2015.1045380","DOIUrl":null,"url":null,"abstract":"Current drive sanitization techniques employ little or no intelligence to determine if the area being sanitized, with data overwriting, actually contains sensitive resident data. All data blocks in the target area are sanitized, utilizing brute-force sanitization techniques of one to several wipe passes. In reality, a significant number of drives needing sanitization may contain areas with no sensitive data—or even any data. Consequently, sanitizing such areas is counterintuitive and counterproductive. This article proposes two information-theoretic techniques—ERASE and ERASERS, which utilize an entropy measurement of data blocks for quick and effective drive sanitization. The first technique, ERASE, computes the entropy of each data block in the target area. Subsequently, all data blocks, which have an entropy within the user-specified sensitivity range, are wiped. The second technique, ERASERS, which is an extension of ERASE, employs random sampling to enhance the speed performance of ERASE. To achieve this goal, ERASERS divides the target area into subpopulations, performs random sampling of blocks from each subpopulation, and computes the entropy of each sampled block. If the entropy of any sampled block, within a subpopulation, is within the user-specified sensitive entropy range, the entire subpopulation is wiped.","PeriodicalId":44332,"journal":{"name":"International Journal of Information Security and Privacy","volume":"32 1","pages":"117 - 97"},"PeriodicalIF":0.5000,"publicationDate":"2015-04-03","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"2","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"International Journal of Information Security and Privacy","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1080/15536548.2015.1045380","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"Q4","JCRName":"COMPUTER SCIENCE, SOFTWARE ENGINEERING","Score":null,"Total":0}
引用次数: 2

Abstract

Current drive sanitization techniques employ little or no intelligence to determine if the area being sanitized, with data overwriting, actually contains sensitive resident data. All data blocks in the target area are sanitized, utilizing brute-force sanitization techniques of one to several wipe passes. In reality, a significant number of drives needing sanitization may contain areas with no sensitive data—or even any data. Consequently, sanitizing such areas is counterintuitive and counterproductive. This article proposes two information-theoretic techniques—ERASE and ERASERS, which utilize an entropy measurement of data blocks for quick and effective drive sanitization. The first technique, ERASE, computes the entropy of each data block in the target area. Subsequently, all data blocks, which have an entropy within the user-specified sensitivity range, are wiped. The second technique, ERASERS, which is an extension of ERASE, employs random sampling to enhance the speed performance of ERASE. To achieve this goal, ERASERS divides the target area into subpopulations, performs random sampling of blocks from each subpopulation, and computes the entropy of each sampled block. If the entropy of any sampled block, within a subpopulation, is within the user-specified sensitive entropy range, the entire subpopulation is wiped.
信息论和统计驱动消毒模型
当前的驱动器清理技术很少或根本没有使用智能来确定正在清理的区域(数据覆盖)是否实际上包含敏感的驻留数据。利用一到几次擦除的暴力清理技术,对目标区域中的所有数据块进行清理。实际上,需要清理的大量驱动器可能包含没有敏感数据甚至没有数据的区域。因此,对这些区域进行消毒是违反直觉和适得其反的。本文提出了两种信息理论技术- erase和ERASERS,它们利用数据块的熵测量来快速有效地对驱动器进行消毒。第一种技术,ERASE,计算目标区域中每个数据块的熵。随后,在用户指定的灵敏度范围内具有熵的所有数据块被擦除。第二种技术是ERASERS,它是ERASE的扩展,采用随机采样来提高ERASE的速度性能。为了实现这一目标,ERASERS将目标区域划分为子种群,从每个子种群中随机抽取块,并计算每个采样块的熵。如果子种群中任何采样块的熵在用户指定的敏感熵范围内,则清除整个子种群。
本文章由计算机程序翻译,如有差异,请以英文原文为准。
求助全文
约1分钟内获得全文 求助全文
来源期刊
International Journal of Information Security and Privacy
International Journal of Information Security and Privacy COMPUTER SCIENCE, SOFTWARE ENGINEERING-
CiteScore
2.50
自引率
0.00%
发文量
73
期刊介绍: As information technology and the Internet become more and more ubiquitous and pervasive in our daily lives, there is an essential need for a more thorough understanding of information security and privacy issues and concerns. The International Journal of Information Security and Privacy (IJISP) creates and fosters a forum where research in the theory and practice of information security and privacy is advanced. IJISP publishes high quality papers dealing with a wide range of issues, ranging from technical, legal, regulatory, organizational, managerial, cultural, ethical and human aspects of information security and privacy, through a balanced mix of theoretical and empirical research articles, case studies, book reviews, tutorials, and editorials. This journal encourages submission of manuscripts that present research frameworks, methods, methodologies, theory development and validation, case studies, simulation results and analysis, technological architectures, infrastructure issues in design, and implementation and maintenance of secure and privacy preserving initiatives.
×
引用
GB/T 7714-2015
复制
MLA
复制
APA
复制
导出至
BibTeX EndNote RefMan NoteFirst NoteExpress
×
提示
您的信息不完整,为了账户安全,请先补充。
现在去补充
×
提示
您因"违规操作"
具体请查看互助需知
我知道了
×
提示
确定
请完成安全验证×
copy
已复制链接
快去分享给好友吧!
我知道了
右上角分享
点击右上角分享
0
联系我们:info@booksci.cn Book学术提供免费学术资源搜索服务,方便国内外学者检索中英文文献。致力于提供最便捷和优质的服务体验。 Copyright © 2023 布克学术 All rights reserved.
京ICP备2023020795号-1
ghs 京公网安备 11010802042870号
Book学术文献互助
Book学术文献互助群
群 号:481959085
Book学术官方微信