Title of invention: Verified hardware-based erasure of data on distributed systems
Abstract: Systems, methods and related processes for securely erasing and/or rendering permanently inaccessible data stored on storage systems are described. Such storage systems may, in some aspects, integrate hardware capable of secure erasure. In some aspects, a cryptographically-based system is utilized.
Publication number: US9152505(B1) Publication date: 2015.10.06
Application number: US201213434580 Filing date: 2012.03.29
Applicant: Amazon Technologies, Inc. Inventors: Brooker Marc J.; Richardson David R.; Parthasarathy Madhuvanesh; Certain Tate Andrew
Classification: H04L9/32; G06F11/14 Main classification: H04L9/32
Agency: Kilpatrick Townsend & Stockton LLP Agent: Kilpatrick Townsend & Stockton LLP
Main claim: 1. A computer-implemented method for modifying access to data, comprising: implementing, by a computer system, a storage system comprising a secure storage device; upon receiving, from a customer entity, a first request associated with an authorization of the customer entity to enable verifiable erasure of the data stored on the storage system, at least: allocating a portion of the secure storage device to the customer entity; moving existing data from another storage space of the storage system to the allocated portion of the secure storage device, the existing data generated by the client entity prior to the request; and storing additional data on the portion of the secure device, the additional data generated by the client entity subsequent to the request; upon receiving a second request to change the additional data and the existing data to be permanently inaccessible, at least determining whether the second request can be fulfilled within a predetermined length of time, the second request automatically generated based at least in part on the customer entity being disconnected from the allocated portion of the secure storage device; if the second request can be fulfilled within the predetermined length of time, at least: submitting an erasure command to the secure storage device, the erasure command causing the secure storage device to change the additional data and the existing data stored on the portion of the secure storage device to be permanently inaccessible; and submitting information to the customer entity that at least indicates that the additional data and the existing data are permanently inaccessible; and if the second request cannot be fulfilled within the predetermined length of time, at least: queuing the erasure command to the secure storage device such that a next operation executed by the secure storage device comprises the erasure command; and submitting information to the customer entity indicating that the erasure command has been queued and the additional data and the existing data are permanently accessible.
Address: Reno NV US