IPOD2: an irrecoverable and verifiable deletion scheme for outsourced data

Abstract

Abstract To alleviate the burden of data storage and management, there is a growing trend of outsourcing data to the cloud that enables users to remotely manage their data flexibly. However, this shift also raises concerns regarding outsourced data deletion, as users lose physical control over their outsourced data and are unable to verify its proper eradication. To address this issue, cloud service providers are required to provide a scheme that guarantees the effective deletion of outsourced data. Existing schemes, including key management-based and overwriting-based schemes, fail to ensure both the irrecoverability of deleted data and the verifiability of the deletion process. In this paper, we propose IPOD2, an irrecoverable and verifiable deletion scheme for outsourced data. Specifically, IPOD2 utilizes the overwriting-based deletion method to implement outsourced data deletion and extends the Integrity Measurement Architecture to measure the operations in the deletion process. The measurement results are protected by the Trusted Platform Module and verifiable for users. To demonstrate the viability of IPOD2, we implement a prototype of IPOD2 on the Linux kernel 5.4.120. Experimental results show that, compared with the three existing schemes, IPOD2 has the minimum overhead in both deletion and verification processes.