1. Field of the Invention
The present invention relates to a computer program product, system, and method for using different secure erase algorithms to erase chunks from a file associated with different security levels.
2. Description of the Related Art
A secure erase algorithm (also referred to as data clearing or data wiping) is a software program that deletes a file by overwriting the file data one or more times with a data pattern to remove any remnants of the data from the storage device to prevent an unauthorized user from accessing the remnants of the deleted data. Permanent data erasure goes beyond basic file deletion commands, which only remove direct pointers to data disk sectors and make data recovery possible with common software tools. Unlike degaussing and physical destruction, which render the storage media unusable, secure erasure removes all information while leaving the disk operable, preserving information technology assets and the environment.
Software-based overwriting uses a software application to write patterns of random meaningless data onto all of a hard drive's sectors. There are key differentiators between data erasure and other overwriting methods, which can leave data intact and raise the risk of data breach or spill, identity theft and failure to achieve regulatory compliance. Many data eradication programs also provide multiple overwrites so that they support recognized government and industry standards.
Secure erasure algorithms that perform multiple passes of the overwrite operation require additional computational resources to perform the multiple overwrites.
Further, different portions of a file may be associated with different security levels. In certain prior art file servers, the file server may analyze security levels assigned to chunks (comprising consecutive blocks in the file) or sections of a file, and then select storage devices commensurate with the security levels assigned to the chunks to store the chunks so that chunks of a file are dispersed in different storage devices based on the security levels of the chunks. For instance, file chunks with high security requirements can be stored on storage device with built-in encryption while file chunks with normal security requirement can be stored on Just Bunch of Disks (JBODs) or array controllers.
There is a need in the art for improved techniques for implementing a secure erase operation for a file.