Some content of this application is unavailable at the moment.
If this situation persist, please contact us atFeedback&Contact
1. (WO2018141929) METHOD AND SYSTEM FOR VERIFYING A DATA ERASURE PROCESS
Note: Text based on automatic Optical Character Recognition processes. Please use the PDF version for legal matters

CLAIMS

1 . A method of erasing data from a data storage apparatus comprising a memory, the method comprising:

writing a known data pattern to a plurality of known memory locations of the data storage apparatus;

causing the data storage apparatus to perform a data erasure procedure;

reading data stored at the known memory locations after completion of the data erasure procedure;

comparing the read data and the data of the known data pattern; and

determining a verification result based at least in part on the result of the comparison between the read data and the data of the known data pattern.

2. A method according to claim 1 , wherein the data storage apparatus comprises an encrypting data storage apparatus.

3. A method according to claim 1 or 2, wherein at least one of:

a) the plurality of known memory locations of the data storage apparatus are physical locations;

b) the known memory locations of the data storage apparatus are defined using logical block addressing (LBA);

c) the writing and/or reading is performed without using a file system and/or file transfer protocol associated with the memory.

4. A method according to any preceding claim, wherein the data erasure procedure comprises erasing data from substantially all of the addressable memory.

5. A method according to any preceding claim, wherein the data erasure procedure comprises writing a further data pattern to the memory.

6. A method according to claim 5, wherein the further data pattern comprises at least one of: a predefined static pattern, all 1 s, all 0s, a random data pattern, a series of ones and zeroes repeated at least once, for example a 0x55, OxAA or 0x3C series repeated at least once, a series of ones and zeroes repeated periodically, for example a 0x55, OxAA or 0x3C series repeated periodically.

7. A method according to any preceding claim, wherein the data erasure procedure comprises replacing or deleting a key used to encrypt and/or decrypt data.

8. A method according to any preceding claim, comprising providing a positive verification result according to whether a predetermined proportion or amount of the read data and the data of the known data pattern are different.

9. A method according to any preceding claim, comprising providing a positive verification result according to whether all of the read data and the data of the known data pattern are different.

10. A method according to any preceding claim, comprising providing a negative verification result according to whether a predetermined proportion or amount of the read data and the data of the known data pattern are substantially the same.

1 1 . A method according to any preceding claim, comprising:

in response to the providing of a negative verification result:

causing the data storage apparatus to perform the data erasure procedure one or more additional times; and/or

indicating that the data storage apparatus should be destroyed; and/or performing an alternative erasure procedure.

12. A method according to any preceding claim, comprising writing the known data pattern across a predetermined proportion or amount of a total data storage capacity of the data storage apparatus, for example at least 1 %, 2%, 5% or 10% of the total data storage capacity of the data storage apparatus.

13. A method according to claim 12, comprising generating the known data pattern in dependence on the predetermined proportion or amount of the total data storage capacity of the data storage apparatus.

14. A method according to any preceding claim, comprising selecting a plurality of regions of the memory and writing the known data pattern to each of the regions.

15. A method according to claim 14, wherein at least one of:

the plurality of regions of the memory are distributed across the memory;

the plurality of regions of memory are distributed substantially periodically across physical locations in the memory;

the plurality of regions of memory are spaced apart by a selected spacing in physical memory space;

the plurality of regions of the memory may be distributed randomly;

the plurality of regions of the memory may be selected randomly within a given subset of the memory;

the plurality of regions of the memory may be selected by logically slicing the memory into a plurality of equal sized sections with one section for each region and selecting each region of the memory randomly within a corresponding one of the sections;

the plurality of regions of memory are defined using logical block addressing

(LB A).

16. A method according to any preceding claim, wherein:

the known data pattern is reproducible;

the known data pattern comprises a predefined static pattern;

the known data pattern is generated using an algorithm or a formula;

the known data pattern comprises at least two different data values;

the known data pattern comprises a series of ones and zeroes repeated at least once, for example a series of ones and zeroes repeated periodically;

the known data pattern comprises a 0xB5 series repeated at least once, for example a 0xB5 series repeated periodically;

the known data pattern consists of multiple instances of a series of ones and zeroes, for example wherein the known data pattern consists of multiple instances of a 0xB5 series; and/or

the known data pattern is generated using a Random Number Generator (RNG) with a known fixed seed.

17. A method according to any preceding claim, comprising performing a preliminary verification procedure comprising:

determining whether a predetermined proportion or amount of data read from the memory are substantially identical.

18. A method according to claim 17, comprising providing a positive initial verification result if the predetermined proportion or amount of data read from the memory are substantially identical or have consistent values, otherwise providing a negative initial verification result.

19. A method according to claim 17 or 18, comprising:

determining whether the predetermined proportion or amount of the data read from the memory are all binary zeroes or all binary ones or any other consistent pattern that repeats, for example OxCC, OxAA or any other clearly repeating pattern; and

if the predetermined proportion or amount of data read from the memory are binary zeroes or binary ones or any other consistent pattern that repeats, for example all OxCC, OxAA or any other clearly repeating pattern then providing a positive initial verification result, else providing a negative initial verification result.

20. A method according to any of claims 17 to 19, comprising performing the determining of said verification result in response to providing a negative initial verification result.

21 . A method according to any preceding claim, wherein the data storage apparatus is, or comprises, at least one of a Self-encrypting Drive (SED), a Hard Disk

Drive (HDD), a Solid State Drive (SSD), Non-Volatile Memory, flash memory, NAND flash memory, Random Access Memory (RAM), a memory card of any kind, for example a MicroMediaCard (MMC) of any kind such as an embedded MMC (eMMC) card, a Secure Digital (SD) card.

22. A method according to any preceding claim, wherein the data storage apparatus stores or is associated with a data erasure routine specific to the data storage apparatus, optionally implemented in firmware, configured to perform the data erasure procedure, and the method comprises instructing by a data erasure apparatus the performance of the data erasure routine.

23. A method according to any preceding claim, wherein the data storage apparatus comprises at least one of hardware, firmware, and software and the data erasure procedure is defined by at least one of the hardware, firmware, and software of the data storage apparatus.

24. A method according to any preceding claim, comprising connecting the data storage apparatus, or a device containing the data storage apparatus, to an external processing resource, and performing at least one of the writing of the known data pattern, the performing of the data erasure procedure, the reading of the data and the determining of the verification result under control of the external processing resource.

25. A data eraser apparatus configured to:

write a known data pattern across a plurality of known memory locations of a data storage apparatus;

perform, or cause the data storage apparatus to perform, a data erasure procedure;

read data stored at the known memory locations after completion of the data erasure procedure;

compare the read data and the data of the known data pattern; and

determine a verification result based at least in part on the result of the comparison between the read data and the data of the known data pattern.

26. A computer program product comprising computer-executable instructions that are executable to:

write a known data pattern across a plurality of known memory locations of a data storage apparatus;

perform a data erasure procedure at the data storage apparatus;

read data stored at each of the known memory locations after completion of the data erasure procedure; and

compare the read data and the data of the known data pattern; and

determine a verification result based at least in part on the result of the comparison between the read data and the data of the known data pattern.