1. Field of the Invention
The invention generally relates to computer storage systems and methods of storage retrieval, and more particularly to a system and method for quickly and securely deleting an object from a rewriteable storage device.
2. Description of the Related Art
Data that is written once and seldom retrieved is classified as “Reference Data”. The growth of reference data is increasing at a faster rate than traditional customer data like on-line transaction processing (OLTP) data. In reference storage systems, the customers specify an expiration date for their data. The reference storage system has to ensure that this data cannot be accidentally removed and that the data is physically removed from the storage media after the expiration date. For example, many companies prefer to delete regulatory documents immediately after the government regulated mandatory retention time period.
Reference data can be stored on write-once (WORM) media like DVDs or WORM-tapes, or it can also be stored on non-WORM media like disks and tapes. Physical deletion of data on WORM media usually amounts to the physical destruction of the DVDs or CDs, whereas, physical deletion of data on non-WORM media requires the storage system to over-write the existing data multiple times with random data.
When customers have large amounts of data, the physical deletion of data after the expiration date can take many hours/days (depending upon the amount of data). In many traditional storage systems, when a user requests that an object be deleted from storage, the computer system marks that the space storing the object may be reused, but actually the computer system does not really remove the bits from the media. An investigator or malicious user can use special tools to retrieve data that has been marked for deletion but not yet overwritten. This is a liability for users with sensitive or valuable data.
To guard against the disclosure of data after it has been deleted, the Department of Defense has developed a standard to ensure that detected data is actually unrecoverable. The standard requires that storage used to record data be overwritten when the data is deleted, not simply marked for reclamation. In fact, to ensure that the storage does not contain the magnetic signature of the original data, the standard requires that the storage be overwritten multiple times. While this ensures that the data is securely removed, the cost of removing data is several times the cost of writing data normally.
Another conventional approach is to interleave a file's blocks with one another. Then, securely deleting a subset of the blocks of storage actually destroys data from throughout the file. The problem with this approach is that the rest of the file remains readable. This could allow investigators or malicious users to extract valuable information from the remnants of the data that remain.
However, due to the drawbacks and limitations of the conventional systems and methods there remains a need for a system and method for quickly and securely deleting an object from a rewriteable storage device.