Data Remanence - PowerPoint PPT Presentation

About This Presentation
Title:

Data Remanence

Description:

Brandon Ochs Data remanence is the residual representation of data that has been in some way nominally erased or removed. This residue may be due to data being left ... – PowerPoint PPT presentation

Number of Views:235
Avg rating:3.0/5.0
Slides: 29
Provided by: Brand75
Learn more at: http://www.cs.ucf.edu
Category:

less

Transcript and Presenter's Notes

Title: Data Remanence


1
Data Remanence
  • Brandon Ochs

2
Overview
  • Introduction
  • Causes
  • Countermeasures
  • Complications

3
Introduction
  • Data remanence is the residual representation of
    data that has been in some way nominally erased
    or removed

4
Causes
  • Files may not be deleted immediately
  • Most computers do not remove the contents of a
    file when deleted
  • Enough metadata may be left behind to restore the
    file

5
Metadata
  • Data about data
  • Required of effective data management

6
Countermeasures
  • Clearing requires a lot of effort to recover
  • Purging cannot possibly be recovered

7
Overwriting
  • Overwrite the store device with new data
  • Can be implemented through software
  • Can use different
  • overwrite patterns
  • Takes a lot of time

8
Overwriting Patterns
  • Writing all zeros
  • Alternating ones and zeros
  • Complement or bitwise NOT
  • Some areas of disk may not be accessible

9
Gutmann Method
  • Algorithm for erasing hard drive
  • Write a series of
  • 35 patterns over
  • region
  • Patterns specific
  • to encoding
  • mechanism of
  • drive

10

11
DoD Standards
  • Overwriting no longer acceptable method
  • Degaussing or
  • Physical destruction

12
Degaussing
  • Reduction or removal of a magnetic field
  • May purge the entire device
  • Renders the hard disk inoperable

13
Encryption
  • Encrypting can eliminate data remanence
  • Data may be unrecoverable

14
Physical Destruction
  • Guaranteed to eliminate data remanence if done
    properly
  • Most expensive of the techniques
  • Small fragments may still contain data

15
Physical Destruction Methods
  • Physically breaking the
  • media apart, by grinding,
  • shredding
  • Incinerating
  • Phase transition (liquification
  • or vaporization of a solid disk)
  • Application of corrosive chemicals, such as
    acids, to recording surfaces
  • For magnetic media, raising its temperature above
    the Curie point (1400F for steel, 800F for most
    HDD alloys)

16
Head Crashing
  • Bad Parking
  • Manual power down
  • Modern disks have a
  • retract mechanism

17
Magnets?
  • Consumer-grade magnets dont cut it
  • Strength of magnet required
  • to completely
  • destroy data
  • would bend the
  • platter and casing

18
Guard Dog
  • Developed by Georgia Tech Research Institute
  • uses a 125 pound magnet delivered via hand crank

19
Complications
  • Inaccessible media areas
  • Advanced Storage
  • Systems
  • Optical Media
  • Data in RAM

20
Inaccessible Media Areas
  • Areas may become inaccessible
  • Bad sectors on hard drives
  • Make overwriting ineffective

21
Advanced Storage Systems
  • Make overwriting ineffective
  • Especially hard to overwrite single files
  • Built in revision control
  • May be duplicate data

22
Optical Media
  • Non magnetic
  • Write-once media cannot be overwritten
  • Safest to physically destroy
  • Throw it in the microwave!

23
Data In RAM
  • May retain data at room temperature
  • Data remains longer at low temperatures
  • Partial data greatly
  • reduces search space

24

25
Oscilloscopes
  • Can be used to look at hard drive sectors
  • Write head is not 100 accurate
  • Peaks and valleys
  • become entrenched
  • over time
  • Media not truly digital

26
Conclusion
  • Data is not truly eliminated from media when
    erased
  • Safest way is to physically destroy
  • Oscilloscopes make overwriting unsafe
  • Encryption is relatively strong, but is
    susceptible to recovering data in RAM

27
Questions
  • What is the difference between purging and
    clearing?
  • What are two DoD acceptable methods for
    eliminating data?

28
References
  • Peter Gutmann (July 1996). "Secure Deletion of
    Data from Magnetic and Solid-State Memory".
    Retrieved on 2008-4-08.
  • Sergei Skorobogatov (June 2002). "Low temperature
    data remanence in static RAM". University of
    Cambridge, Computer Laboratory.
  • Media Destruction Guidance. NSA. Retrieved on
    2008-4-08.
Write a Comment
User Comments (0)
About PowerShow.com