Data processing: database and file management or data structures – Database design – Data structure types
Reexamination Certificate
2000-05-23
2001-11-06
Homere, Jean R. (Department: 2777)
C707S793000, C707S793000
active
06314437
ABSTRACT:
TECHNICAL FIELD OF THE INVENTION
The present invention relates in general to the field of electronic systems, and more specifically to a method and apparatus for real-time secure file deletion.
BACKGROUND OF THE INVENTION
File management processes executed by operating systems and system applications typically do not implement secure file deletion. For example, in WINDOWS 95, deletion of a file does not make the contents of the file unrecoverable. In fact, it can be a relatively simple process to recover the deleted file. Further, many common software applications such as word processing, e-mail and spreadsheet applications write temporary files during operation. Although these applications typically automatically delete the temporary files, they do so using an insecure file deletion method, leaving traces of the files on the hard drive or other storage device. Virtual memory files, such as swap files, also cause a problem in that file fragments are swapped in and out of the virtual memory files during operation. The fact that information is thus available on a storage device despite having apparently been deleted generates a security risk that is unacceptable to many individuals and public and private organizations.
One method for alleviating this problem is simply to physically destroy the storage device such that any data stored thereon is unrecoverable. However, this is an understandably expensive and time consuming solution. As an alternative to physical destruction of the storage device, conventional secure file deletion products provide targeted secure file deletion functions. Examples of conventional products include NUKER (available from GENIO USA), MICROZAP (available from NEW TECHNOLOGIES INC.), BURNIT (available from SYNCRONYS SOFTCORP) and SECUREWIN (available from CIPHER LOGICS CORPORATION).
In general, “secure” deletion involves overwriting the appropriate space on the storage device with specified overwrite arrays to obscure the original data. The overwrite arrays can be random or pseudo-random data as well as defined character or data patterns. Further, a series of overwrites can be performed in sequence with different specified arrays to ensure that the data cannot be recovered even by destructive analysis of the fixed storage media. Conventional targeted secure deletion products allow a user to select a file for deletion and then securely delete that file. Such products can also allow a user to securely delete all free media space on a storage device. Also, conventional secure delete products may allow a user to securely delete virtual memory files (e.g., swap files).
However, conventional secure file deletion products suffer from a number of problems. One problem is that the targeted nature of the conventional products relies upon user activation of the process. Further, the user only executes the secure deletion process at discrete points in time. Thus, during the period of time between successive executions, the storage device will contain insecurely deleted information. Further, conventional products can be prohibitively time consuming because, to secure a storage device, they have to process the entire device to overwrite all unused storage space.
SUMMARY OF THE INVENTION
In accordance with the present invention, a method and apparatus for real-time secure file deletion are disclosed that provide advantages over previously developed secure file deletion methods and products.
According to one aspect of the present invention, a method and apparatus provide enhancement of file system calls to a file system structure of an operating system. In particular, the file system calls can be enhanced to provide real-time secure file deletion on an ongoing basis. According to the present invention, a file system call that is intended to perform a function with respect to data stored on a storage device is intercepted. It is then determined whether the file system call is of a type that should be processed. If not, the original file system call is passed on through the file system. If the file system call should be processed, supplemental processing is performed to enhance the original file system call and the file system call is transparently returned to the calling system application. In one embodiment, real-time secure file deletion is implemented using a vendor supplied driver (VSD) executing within the installable file system (IFS) of WINDOWS 95.
According to another aspect of the present invention, a method and system are disclosed for real-time secure data deletion in a system having an NTFS file system. Read calls are monitored using a read filter and pointers to NTFS metafiles and page files are recognized and stored. Write calls are monitored using a write filter and real-time secure data deletion of buffers is performed. File creation operations are monitored and real-time secure data deletion of user files is performed when the file is to be overwritten. Further, set information operations are monitored and real-time secure data deletion is performed for truncated, shrunk or deleted user files.
A technical advantage of the present invention is the interception of file system calls such that supplemental file management processes can be performed in a manner transparent not only to the user but also to the operating system.
Another technical advantage of the present invention is that secure file deletion is performed real-time on an ongoing basis transparently to the user of the system. Thus, secure deletion of files on storage devices is accomplished without relying upon periodic actions by the user.
A further technical advantage of the present invention is that, for write calls, overhang of data in the existing file on the storage device is identified and overwritten as part of the real-time secure deletion process.
Another technical advantage is that secure deletion of buffers, user files and other data in a WINDOWS NT file system is automatically handled.
Additional technical advantages should be readily apparent from the drawings, description, and claims.
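The overhang handling described above for write calls, together with the sequenced overwrite passes from the background section, sketched in user mode as an added example (not code from the patent or from any product named on this page). The pass sequence, chunk size and function names are assumptions made for the sketch.

```python
import os

# Pass sequence is an assumption for this sketch: two fixed patterns, then
# random data (None). The page only says patterns or random arrays may be used.
PASSES = (b"\x00", b"\xff", None)
CHUNK = 64 * 1024


def overwrite_range(fd, start, length, passes=PASSES):
    """Overwrite bytes [start, start+length) of fd once per pass."""
    for pattern in passes:
        os.lseek(fd, start, os.SEEK_SET)
        remaining = length
        while remaining > 0:
            n = min(CHUNK, remaining)
            block = os.urandom(n) if pattern is None else pattern * n
            remaining -= os.write(fd, block)  # tolerate short writes
        os.fsync(fd)  # push this pass to the device before the next one


def secure_rewrite(path, new_data):
    """Replace a file's contents; return the number of overhang bytes scrubbed."""
    fd = os.open(path, os.O_RDWR | getattr(os, "O_BINARY", 0))
    try:
        old_size = os.fstat(fd).st_size
        overhang = max(0, old_size - len(new_data))
        if overhang:
            # Old bytes past the new end of file would otherwise stay on disk
            overwrite_range(fd, len(new_data), overhang)
        os.lseek(fd, 0, os.SEEK_SET)
        view = memoryview(new_data)
        while view:
            view = view[os.write(fd, view):]
        os.ftruncate(fd, len(new_data))  # release the scrubbed tail
        os.fsync(fd)
        return overhang
    finally:
        os.close(fd)


def secure_delete(path):
    """Overwrite the whole file with every pass, then remove its name."""
    fd = os.open(path, os.O_RDWR | getattr(os, "O_BINARY", 0))
    try:
        overwrite_range(fd, 0, os.fstat(fd).st_size)
    finally:
        os.close(fd)
    os.remove(path)
```

In-place overwriting only reaches the original blocks on media and file systems that write in place; journaling or copy-on-write file systems and flash wear levelling can leave earlier copies elsewhere on the device.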
Chambers Jason Lee
Friedman George
Marshall David Earl
Moorman Michael J.
Newgard Terry S.
Homere Jean R.
Infraworks Corporation
Robinson Greta L.
Schnader Harrison Segal & Lewis LLP