[144381] in cryptography@c2.net mail archive
Re: Destroying confidential information from database
daemon@ATHENA.MIT.EDU (james hughes)
Thu Apr 30 23:09:38 2009
Cc: james hughes <hughejp@mac.com>, cryptography@metzdowd.com
From: james hughes <hughejp@mac.com>
To: Mads <mads@lsitec.org.br>
In-reply-to: <49B5286B.6040803@lsitec.org.br>
Date: Fri, 01 May 2009 07:53:34 +0800
On Mar 9, 2009, at 10:32 PM, Mads wrote:
>
> I know of procedures and programs to erase files securely from
> disks, Guttman did a paper on that....
>
> What I don't know is how to securely erase information from a
> database.
If the material is that sensitive, and you only want to selectively
delete the information, the only way is to:
1) delete the information from the database using the commercial means,
2) export the database
3) Inspect the exported data to ensure all the sensitive information
is deleted
4) import the database to another storage system.
5) destroy (degauss, wipe) the original storage system.
6) the truly paranoid would destroy the raid controllers also (since
it contains NVRAM)
Not trivial...
Jim
---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo@metzdowd.com
