5.4.1. Exemplary lifetime of cloud storage and motivation
Motivation for secure data erasing
When users decides to transfer their data to a cloud storage facility, a SLA (service level agreement) is signed, determining, among other things, what happens to the data after the storage period. Since cloud provider has complete access to the data, there is a risk that he may try to keep private data when the storage period expires. In many cases, both in business practice and literature, it is assumed that a statement in SLA assuring the service provider deletes all their copies of stored data, is sufficient to trust them doing so. Nevertheless one needs to be aware that a dishonest provider may keep the data for their own use. A storage provider has access to all the patterns (or even transcripts) of user's data handling, even encrypted data may be exposed to threat. In order to be fully convinced, service provider has to provide of proof that he has no access to the data previously stored in the cloud.
User Cloud storage Data Data \(\stackrel{\text{store } \texttt{Data}}{\rightarrow} \) NewData=Modify(Data) \( \stackrel{\text{update } \texttt{Data}}{\rightarrow}\) NewData NewData \( \stackrel{\text{delete } \texttt{NewData}}{\rightarrow} \) ?
(from : 1 )
- large share of the security guarantees depends on SLA,
- deletion consists of negating first bit in every byte of the data on one of the cloud servers,
- deletion of copies stored on other servers relies on the provider, who should ''update all copies to the newest version".
There is a patent based on this approach -- US8504532 B2.