Information Theoretic and Statistical Drive Sanitization Models

Current enterprise drive sanitization techniques employ little or no intelligence to determine if the area being sanitized, with data overwriting, actually contains sensitive resident data. All data blocks in the target area are sanitized, utilizing bruteforce sanitization techniques of one to several wipe passes. In reality, a significant number of drives needing sanitization may contain areas with no sensitive data, or even any data for that matter. Consequently, sanitizing such areas is counter-intuitive and counter-productive. In this paper, we propose two information-theoretic techniques – ERASE and ERASERS, which utilize an entropy measurement of data blocks for quick and effective drive sanitization. Our first technique, ERASE, unlike current brute-force methods, computes the entropy of each data block in the target area. Subsequently, all data blocks, which have an entropy within the user-specified sensitivity range, are wiped. Our second technique, ERASERS, which is an extension of ERASE, employs random sampling to enhance the speed performance of ERASE. To achieve this, ERASERS divides the target area into subpopulations, performs random sampling of blocks from each subpopulation, and computes the entropy of each sampled block. If the entropy of any sampled block, within a subpopulation, is within the user-specified sensitive entropy range, the entire subpopulation is wiped. The random sampling component of ERASERS gives organizations an alternative for a faster wipe, compared to the currently employed brute-force sanitization techniques. We have presented results, which compare the performance of our proposed techniques against the current brute-force technique. In a test, performed on the HFS+ unallocated space of an Apple MacBook Pro, used under real-world conditions, ERASERS averaged a speed improvement of 50.47% over a brute force technique, while retaining an accuracy of 99.84%, when set to a greater than 0 bpB and less than or equal to 8 bpB entropy range.