NAND flash memory-based IoT device can potentially still leave behind original personal data in an invalid area even if the data has been deleted. In this paper, we raise the forensic issue of original data remaining in unmanaged blocks caused by NAND flash memory and introduce methods for secure deletion of such data in the invalid area. We also propose a verification technique for secure deletion that is performed based on cell count information, which refers to the difference in bits between personal data and data stored in the block. The pass/fail of the verification technique according to the cell count information is determined in consideration of error correction capabilities. With the forensic issue of de-identification being a vital theme in the big data industry, the threat of serious privacy breaches coupled with our proposal to prevent these attacks will prove to be critical technological necessities in the future.
翻译:在本文件中,我们提出了由NAND闪存造成原数据留在未管理区块中的法证问题,并提出了在无效区安全删除此类数据的方法;我们还提出了基于细胞清点信息的安全删除核查技术,该技术指的是个人数据和储存在区块中的数据之间的比特差异;根据细胞清点信息进行的核查技术的出入/失灵取决于错误校正能力;由于去辨问题是大数据行业的一个重要主题,严重隐私侵犯的威胁,加上我们防止这些攻击的建议,今后将证明是关键的技术需要。