When deleting data in a non-volatile memory device by an operating system (OS) of a host device, there is method of updating only data management information on the OS (updating only metadata of OS file system) without actually erasing the data in the non-volatile memory device. In such a method, when an HDD (Hard Disk Drive) is employed as the non-volatile memory device, the deletion process is not necessarily performed in the non-volatile memory device every time the data is deleted by the OS. The absence of the deletion process leads to improved performance of the operation of the external storage device.
However, according to this method, the deleted data on the OS is recognized as valid data still existing on the non-volatile memory device.
To solve this problem, in recent years, a command protocol in which the OS notifies the non-volatile memory device of memory areas unnecessary for the OS as a deletion notification has been developed. Such data can be then deleted in the non-volatile memory device as well as in the OS file system. However, the data in the memory area in the non-volatile memory device notified by the deletion notification is not necessarily erased by processing the deletion notification and may remain in the non-volatile memory in the non-volatile memory device. Therefore, even if the data is deleted by the user, the data may be restored by breaking down the non-volatile memory device and then analyzing the non-volatile memory therein if the user data has not been encrypted or the encrypted user data has weak cipher strength. As a result, the deleted user data may be stolen by malicious users. In other words, such deletion process is not secure.