Abstract: This paper describes an important part of data security - data destruction, including technical principles, the main content classification, development and typical applications.
Keywords: data clear (Data Eraser), data deletion (Data Delete), degaussing (Degausser), data recovery (Data Recovery)
I. Introduction:
With the increasing popularity of computer applications, it has penetrated into all aspects of society; computer security attendant problems has become increasingly prominent. The data security is the core issue of computer security, data encryption, access control, backup and recovery, privacy protection, etc. aspects, all based on the data as an object of protection.
However, government agencies, defense, military, and many have a high degree of security and confidentiality requirements of the unit is also facing: must be completely destroyed when confidential files on your computer to delete, without leaving a trace, can not be recovered, this is data destruction, how the right to destroy data and probably a lot of people do not know.
This article is an article on data destruction, tried to be systematic and comprehensive.
Second, an overview:
With the rapid development of the Internet, hackers can invade complex systems such as the Pentagon and the bureau, also you can easily steal personal privacy and bank account number. Related survey shows that companies steal confidential information and personal privacy act is now becoming more common, and victims often do not perceive. Just think, if not completely delete data on the hard drive, once people with ulterior motives to obtain and use, the consequences can be imagined.
In the increasing emphasis on environmental protection and resource recycling today, it can be recycled computer equipment is also increasing attention of the whole society.
Similarly, some industries, sectors periodically upgrading computer equipment, discarded computers still can most normal use, can be provided to schools in remote areas to use, such as in recent years, a lot of hope primary schools have gradually accepted the donation of second-hand the computer, which has for improving the educational level of the local computer as a direct stimulus, while recycling used computers, protecting the environment; it also brings data security. So some of our very important department had to put out secret computer room, let it gather dust.
In order to protect national security information, to meet the needs of data destruction, rising data security was established in 2001 and gradually establish a comprehensive system of data destruction system, including self-developed software, special equipment, perfect protection mechanism, and become specify a number of classified data security institutions important sector.
Mainstream data destruction technology, there are data deletion, several data clear, physical destruction and so on. Here's one by one in detail.
Third, the data deletion: (the Delete)
Conventional methods remove the disk data are: delete and format. From the implementation and practical effect, both very different.
u 删除 (Delete):
"Delete (Delete)" is the most convenient method for deleting data, such as: "Delete" to delete the system frequently used commands. In fact there is no real data will be deleted from the hard disk, but the index file delete it, let the operating system and user files have been deleted believe, but also to make room to store new data.
This method is the least secure, only to deceive the ordinary user, but it is also well known. Data Recovery can easily recover these missing data, but also a lot of software specifically designed for data recovery.
u format (Format)
"Format" has many different meanings: physical or low-level formatting, operating system format, quick format, format the partition and so on ...
In most cases, the average user format does not affect the use of the data on the hard disk. Formatting is only operating system to create a new empty file index, all sectors marked as "unused" state, so that there is no operating system files on the hard disk.
Therefore, the hard disk is formatted data can be restored, which means unsafe data.
Fourth, the data clear: (Eraser)
Since the disk can be reused after the previous data is overwritten following data, the previous data is reduced the possibility of greatly reduced, with an increase in the number of times of overwriting, the possibility can be reduced will tend to zero, but the more appropriate time expenditure. Required level of security classification corresponds to a different standard, low security classification requirement is a one-time overwrite the entire disk; high security classification requirements shall be overwritten many times more than the rule.
♂ Reference: 5220.22M US Department of Defense DOD's standard;
NATO NATO standards
References essence repeatedly overwriting standard that specifies the number of data coverage, coverage in the form of data.
u override the principle (Overwriting)
Override means use predefined format - meaningless, irregular coverage data previously stored information on the hard disk. This method is not only effective but also operations to destroy data. If the data is "success" completely overwritten, even if only once overwritten, the data can also be considered to be unrecoverable.
Data on the hard disk is a binary "1" and "0" is stored. After completely overwritten will not be able to know the original data is "1" or "0", and also achieve the purpose of clearing data.
u method override:
According to a particular sequence when override, override the software is divided into bitwise override, override Tab, and other random overwrite mode, depending on the time, different security classification requirements, may be used in combination the above modes, reliable professional software should also be clear It supports multiple modes.
u limitations override:
Now, once you can completely override the elimination of data, but also why that standard is required to be repeatedly overwrite it? Since the magnetic signal leaked historical data traces, the traces may be identified by a special professional equipment further recover overwritten data. This is also the reason the relevant standards.
