1. Field of the Invention
The present invention relates to a flash memory device and a method for deleting a flash file, and more particularly, to a flash memory device having a secure file deletion function and a method for securely deleting a flash file.
This work was supported by the IT R&D Program of MIC/IITA [2006-S-039-02, Embedded Secure Operating System Technology Development].
2. Description of the Related Art
In most file systems, metadata for a file is deleted or changed according to a file deletion command, but the data of the file still remains in a physical medium without being deleted. Accordingly, it is possible to recover an erased file. However, in some cases, a user may not desire to recover the erased file. This demand has increased in an embedded system that uses a flash memory as a storage medium.
A method of securely deleting data in a magnetic recording medium has been known. This method uses a method in which another bit pattern is overwritten in data to delete the corresponding data. Specifically, this method includes a process of overwriting random bit patterns in data four times, a process of overwriting predetermined patterns in the data twenty-seven times, and a process of overwriting random bit patterns in the data four times. Accordingly, overwriting is usually performed thirty-five times.
Further, a method of securely deleting data in a magnetic disk has been suggested. In a DoD 5220 22-M method that is used in U.S. DEPARTMENT OF DEFENSE, a process of overwriting an arbitrary bit pattern in data, overwriting a complement of the arbitrary bit pattern in data, and overwriting an arbitrary bit pattern in data is repeated seven times. Accordingly, overwriting is performed twenty-one times.
In order to overwrite data written in a flash memory with another data, a deletion process needs to be first performed. A data deletion process in the flash memory is performed in a block unit and a writing process is performed in a page unit. In general, a block is composed of 32 pages each of which has a size of 512 bytes or 64 pages each of which has a size of 2048 bytes. Since the writing unit is not matched to the deletion unit, a log-structured file system is generally used for a flash file system.
In the log-structured file system, when a file is corrected, a file before correction becomes invalid without being deleted, and file contents after correction are written in a new page. Further, in the log-structured file system, the entire file system is searched to delete an invalid page, thereby realizing secure file deletion.
However, even though the above-described complicated processes are performed to delete data in a magnetic recording medium or a magnetic disk, a magnetic residual image still remains in erased data. Accordingly, even when the corresponding data is deleted using a method of overwriting another bit pattern in data, original data can be extracted using an apparatus capable of detecting marks of the weak magnetic field that still remains in the disk.
Further, the method of securely deleting data according to the related art relates to a magnetic recording medium or a magnetic disk. Accordingly, the method of securely deleting data according to the related art cannot be applied to a method of securely deleting data from a flash memory that is structurally different from the magnetic recording medium.
The method of securely deleting a file in the flash file system, that is, the log-structured file system is inefficient, because the entire file system needs to be searched to delete an invalid page.