Sciweavers

SISW
2005
IEEE

File System Design with Assured Delete

14 years 5 months ago
File System Design with Assured Delete
This paper describes a system that supports high availability of data, until the data should be expunged, at which time it is impossible to recover the data. This design supports three types of assured delete; expiration time known at file creation, on-demand deletion of individual files, and custom keys for classes of data. The obvious approach, of course, is to encrypt the data on nonvolatile storage, and then destroy keys at the appropriate times. However, managing ephemeral keys; robustly keeping them for some amount of time, and then reliably destroying every copy, is difficult. We partition the problem so that the burden of ephemeral key management can be outsourced to a minimally trusted third party we refer to as an “ephemerizer”, with negligible performance overhead, resulting in a file system that is easy and inexpensive to manage.
Radia J. Perlman
Added 25 Jun 2010
Updated 25 Jun 2010
Type Conference
Year 2005
Where SISW
Authors Radia J. Perlman
Comments (0)