Secure Deletion Primitive

We start this series of articles about the primitives developed in the TREDISEC project with Secure Deletion.

The key feature of the Secure Deletion primitive is to allow users to retain more control over their data. Once a user decides to securely delete data, it is irrecoverably deleted. Thereby, secure deletion provides privacy and compliance with existing data retention laws. We provide a new multi-user secure deletion solution.

Previous work has already studied secure deletion for different media and in different scenarios. Initially, secure deletion was studied for local storage media, such as classical hard drives. Later, due to advances in technology, the focus shifted to flash-based storage media and, as cloud storage became more popular, appropriate secure deletion solutions were devised. However, to the best of our knowledge, all of these solutions are single-user or single-device solutions. Our solution provides secure deletion on collaborative cloud storage for one or more users using one or more devices.

The diagram depicts our solution.

The group members want to collaboratively use the cloud storage, i.e. they want to upload, download, modify and delete files. In our solution we assume that the group members trust each other and are therefore not malicious. Each member uses a client app that was previously configured by the administrator. The client app then translates the user's basic commands into appropriate actions. If a user uploads a file, the client app securely encrypts it, stores the encrypted file on the cloud storage and informs the other members about the encryption key in such a way that the cloud does not learn anything about the encryption key. Through careful handling of the key over the file's lifetime, secure deletion can be achieved.
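The key lifecycle described above, as an added example that is not TREDISEC code: a member encrypts before upload, shares the key only with the group, and deletion means every member destroys the key, so ciphertext the cloud still retains stays unreadable. It assumes one fresh key per file, an in-process list standing in for the member-to-member channel, and a SHAKE-256/HMAC construction standing in for a standard AEAD such as AES-GCM so that it runs on the Python standard library alone; Cloud, Member, seal and open_blob are hypothetical names.

```python
import hashlib, hmac, secrets

# Added example: hypothetical names, not TREDISEC's implementation.
def seal(key, plaintext):
    # Stand-in for an AEAD such as AES-GCM (stdlib only): SHAKE-256 stream XOR, then HMAC.
    nonce = secrets.token_bytes(16)
    stream = hashlib.shake_256(b"enc" + key + nonce).digest(len(plaintext))
    body = bytes(a ^ b for a, b in zip(plaintext, stream))
    return nonce + body + hmac.new(key, b"mac" + nonce + body, hashlib.sha256).digest()

def open_blob(key, blob):
    nonce, body, tag = blob[:16], blob[16:-32], blob[-32:]
    expected = hmac.new(key, b"mac" + nonce + body, hashlib.sha256).digest()
    if not hmac.compare_digest(tag, expected):
        raise ValueError("wrong key or modified ciphertext")
    stream = hashlib.shake_256(b"enc" + key + nonce).digest(len(body))
    return bytes(a ^ b for a, b in zip(body, stream))

class Cloud:
    """Untrusted storage: sees ciphertext only; 'retained' models backups it never purges."""
    def __init__(self):
        self.blobs, self.retained = {}, {}
    def put(self, name, blob):
        self.blobs[name] = self.retained[name] = blob
    def delete(self, name):
        self.blobs.pop(name, None)

class Member:
    def __init__(self, cloud, group):
        self.cloud, self.group, self.keys = cloud, group, {}
        group.append(self)
    def upload(self, name, data):
        key = secrets.token_bytes(32)            # assumption: fresh key per file
        self.cloud.put(name, seal(key, data))
        for m in self.group:                     # stands in for a channel the cloud cannot read
            m.keys[name] = key
    def download(self, name):
        return open_blob(self.keys[name], self.cloud.blobs[name])
    def secure_delete(self, name):
        for m in self.group:                     # deletion = every member destroys the key
            m.keys.pop(name, None)
        self.cloud.delete(name)

if __name__ == "__main__":
    cloud, group = Cloud(), []
    alice, bob = Member(cloud, group), Member(cloud, group)
    alice.upload("report.txt", b"constructed sample data")
    print(bob.download("report.txt"))
    bob.secure_delete("report.txt")
    print("report.txt" in cloud.retained, "report.txt" in alice.keys)
```

Python cannot reliably overwrite key bytes in memory, so a real client would also have to erase the key from disk, swap and any local backups for the deletion to hold.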

Today, many companies use cloud storage for different tasks, as it allows fast and efficient collaboration between employees. Based on our solution, more advanced cloud applications can be developed that provide secure deletion. Note that, due to data privacy regulation, such a secure deletion solution is a necessity for many companies if they want to leverage the advantages of the cloud.