1. Field of the Invention
The present invention is related to methods for deleting file data, in particular, to permanent deletion of files without possibility of restoration.
2. Description of the Related Art
Typically, user data is stored on rewritable storage. In a PC, rewritable data storage is implemented on a hard magnetic disk (i.e., HDD) or as Flash memory (i.e., SSD storage). These storage devices are currently used in all computers. In addition to writing user data to and reading it from data storage, an important issue is deleting the data when it is no longer needed by the user.
In Windows and DOS systems, files are deleted by standard OS means. Typically, a file is deleted from a list of files located on a disk. Then, the clusters used for the file are marked as free. However, the clusters used for storing the file are not physically cleaned. In the NTFS file system, the MFT cell containing file-related metadata is also not cleaned out. Therefore, the deleted file becomes invisible, but data related to this file remains on the storage for some time.
While the file-related data remains on a hard disk, the space occupied by the deleted file is available for writing new data into it. When new data is written into the space occupied by the data related to the deleted file, the file is lost and cannot be restored. In case of formatting of a logical disk, when a file is deleted, a table of file locations is recreated. The new location table indicates that the disk is empty in the areas previously occupied by the deleted file.
However, file-related data at these locations is intentionally not erased. If this data is not overwritten by new data after formatting, the data of the deleted file can be recovered by special applications. When logical partitions are deleted (or created), a new partition table is created. New disks are considered empty, while old data mostly remains in its locations on the disks. However, this data cannot be accessed by standard OS means.
The data on the hard disk can be restored by special utilities that perform a sector-by-sector read of a storage device and analyze the logical structures of the disk. Thus, lost file data can be found and retrieved. When all file-related metadata is lost, special utilities can analyze suspected file content read from the disk. For example, some files (images, documents, etc.) have specific headers. This allows for recovering these files without any data about the location and size of the file.
Currently, mobile storage devices, such as USB Flash Drives and various memory sticks or cards are widely used. When one of these devices is sold or given from one user to another, a user can unintentionally provide some of his personal data that still remains on the mobile storage device after the files have been deleted.
However, the ability to recover accidentally deleted data is very important. At the same time, the ability of people with malicious intent to recover deleted data can have a very negative impact. This is especially true when it comes to trade secrets, financial data, passwords, etc.
In order to permanently delete a file and to make sure that this file will not be recovered, special applications called “shredders” are employed. All existing shredders work in a similar manner. File content is erased (i.e., overwritten) with meaningless data, such as, for example, zeros or random byte sequences. There are several algorithms used for erasing data. These algorithms differ in the number of passes over the file data and in the type of data written over the file data.
The simpler the algorithm, the less time it requires for deleting data. However, the probability of restoration of data is higher for simple algorithms. Multi-pass erasing of data needs to be used only for hard disks, because after a one-pass deletion sufficient magnetism remains to allow restoration of the erased data by special methods. Therefore, the more data overwriting cycles are used, the harder it is to restore the file data. Flash drives require just one pass for permanent deletion of data.
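The following added example (not part of the original disclosure) ties together the header-based recovery and the overwriting described above: a file whose metadata is gone is found by its header alone, and is no longer found after a multi-pass overwrite. The in-memory disk image, the JPEG-like payload and all function names are constructed for illustration.

```python
import os

# Constructed sample: a toy "disk image" held in memory, not a real device.
SECTOR = 512
JPEG_SOI = b"\xff\xd8\xff"   # JPEG start-of-image header
JPEG_EOI = b"\xff\xd9"       # JPEG end-of-image marker


def build_image():
    """Return (image, offset, length): one JPEG-like file, no file table at all."""
    payload = JPEG_SOI + b"\xe0" + b"constructed-secret-payload" * 20 + JPEG_EOI
    image = bytearray(SECTOR * 16)            # zero-filled "free" space
    offset = SECTOR * 5                       # file starts on a sector boundary
    image[offset:offset + len(payload)] = payload
    return image, offset, len(payload)


def carve_jpegs(image):
    """Sector-by-sector scan that finds files by header, without any metadata."""
    found = []
    for start in range(0, len(image), SECTOR):
        if image[start:start + 3] == JPEG_SOI:
            end = image.find(JPEG_EOI, start + 3)
            if end != -1:
                found.append(bytes(image[start:end + 2]))
    return found


def shred(image, offset, length, passes):
    """Overwrite a byte range once per entry in `passes`.

    Each entry is a fill byte (0..255) or None for a random byte sequence,
    so the list expresses both the number of passes and the type of data.
    """
    for fill in passes:
        data = os.urandom(length) if fill is None else bytes([fill]) * length
        image[offset:offset + length] = data


if __name__ == "__main__":
    img, off, n = build_image()
    print("recoverable before overwrite:", len(carve_jpegs(img)))
    shred(img, off, n, [None, 0x00])          # random pass, then zeros
    print("recoverable after overwrite:", len(carve_jpegs(img)))
```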
Conventional shredders have a number of disadvantages. The shredders cannot automatically choose a data erasing algorithm. A common data erasing algorithm is selected manually by a user. The selected algorithm is used on all types of objects. The user cannot create their own algorithms. None of the conventional shredders provides for centralized control.
A system for data deletion is disclosed in U.S. Pat. No. 5,265,159. Deleted information is encrypted and cannot be read even if restored. This system does not overwrite the data. The disadvantage of such a system is the encryption key, which can end up in the hands of a party interested in the deleted data. The data can then be restored and easily decrypted and read.
U.S. Pat. No. 7,228,379 discloses a system for permanent deletion of a file. The data deletion system is connected to a data storage device. The deletion system sends a command for permanent deletion to the data storage device. Then, zeros or random byte sequences are written on the data storage. Such a system has a number of shortcomings. For example, the data deletion system can be connected to the data storage device only via an IDE interface. The entire data is erased from the data storage. The data deletion device requires a separate power supply. The system does not provide for selection of a data deletion algorithm.
U.S. Pat. No. 7,228,379 discloses a system for permanent deletion of file data. This system creates a bitmap of blocks, clusters, and sectors of a data storage device. The bitmap contains information about unused blocks, clusters, and sectors of a data storage device that need to be overwritten by random data or deleted by a known permanent deletion algorithm. Then, the bitmap is updated to reflect the overwritten data. However, the disclosed system does not provide for dynamic generation of the deletion algorithm based on parameters of the file being deleted, the location of this file and user criteria.
Accordingly, there is a need in the art for a system for effective permanent deletion of files that dynamically employs different deletion algorithms based on objects being deleted.