Oblivious data structures: applications to cryptography
STOC '97 Proceedings of the twenty-ninth annual ACM symposium on Theory of computing
ACM Computing Surveys (CSUR)
Anti-presistence: history independent data structures
STOC '01 Proceedings of the thirty-third annual ACM symposium on Theory of computing
File size distribution on UNIX systems: then and now
ACM SIGOPS Operating Systems Review
SP '06 Proceedings of the 2006 IEEE Symposium on Security and Privacy
Strongly History-Independent Hashing with Applications
FOCS '07 Proceedings of the 48th Annual IEEE Symposium on Foundations of Computer Science
History-Independent Cuckoo Hashing
ICALP '08 Proceedings of the 35th international colloquium on Automata, Languages and Programming, Part II
Uniquely represented data structures with applications to privacy
Uniquely represented data structures with applications to privacy
B-Treaps: A Uniquely Represented Alternative to B-Trees
ICALP '09 Proceedings of the 36th International Colloquium on Automata, Languages and Programming: Part I
Super-efficient aggregating history-independent persistent authenticated dictionaries
ESORICS'09 Proceedings of the 14th European conference on Research in computer security
History-independence: a fresh look at the case of R-trees
Proceedings of the 27th Annual ACM Symposium on Applied Computing
A File Is Not a File: Understanding the I/O Behavior of Apple Desktop Applications
ACM Transactions on Computer Systems (TOCS)
Deterministic history-independent strategies for storing information on write-once memories
ICALP'07 Proceedings of the 34th international conference on Automata, Languages and Programming
SP '13 Proceedings of the 2013 IEEE Symposium on Security and Privacy
Ficklebase: Looking into the future to erase the past
ICDE '13 Proceedings of the 2013 IEEE International Conference on Data Engineering (ICDE 2013)
Hi-index | 0.00 |
Ensuring complete irrecoverability of deleted data is difficult to achieve in modern systems. Simply overwriting data or deploying encryption with ephemeral keys is not sufficient. The mere (previous) existence of deleted records impacts the current system state implicitly at all layers. This can be used as an oracle to derive information about the past existence of deleted records. Yet there is hope. If all system layers would exhibit history independence, such implicit history-related oracles would disappear. However, achieving history independence efficiently is hard due to the fact that current systems are designed to heavily benefit from (data and time) locality at all layers through heavy caching, and existing history independent data structures completely destroy locality. In this work we devise a way to achieve history independence while preserving locality (and thus be practical). We then design, implement and experimentally evaluate the first history independent file system (HIFS). HIFS guarantees secure deletion by providing full history independence across both file system and disk layers of the storage stack. It preserves data locality, and provides tunable efficiency knobs to suit different application history-sensitive scenarios.