SYSTEM AND METHOD FOR WIPING ENCRYPTED DATA ON A DEVICE HAVING FILE-LEVEL CONTENT PROTECTION
Abstract
Disclosed herein are systems, methods, and non-transitory computer-readable storage media for erasing user data stored in a file system. The method includes destroying all key bags containing encryption keys on a device having a file system encrypted on a per file and per class basis, erasing and rebuilding at least part of the file system associated with user data, and creating a new default key bag containing encryption keys. Also disclosed herein is a method of erasing user data stored in a remote file system encrypted on a per file and per class basis. The method includes transmitting obliteration instructions to a remote device, which cause the remote device to destroy all key bags containing encryption keys on the remote device, erase and rebuild at least part of the file system associated with user data, and create on the remote device a new default key bag containing encryption keys.
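The three steps in the abstract, modeled as an added example (not code from the patent or from any vendor implementation) to show why ciphertext left behind is unreadable once the key bags are gone. It assumes per-file keys are wrapped by class keys held in the key bag; the class names, the `Device` model and the SHAKE-256 keystream standing in for a real cipher are all hypothetical.

```python
import hashlib, hmac, os

CLASSES = ("A", "B", "C")  # hypothetical protection-class names

def new_key_bag():
    return {c: os.urandom(32) for c in CLASSES}  # one random key per class

def _xor(data, key):
    # Stand-in keystream cipher for illustration only, not for production use.
    stream = hashlib.shake_256(b"enc" + key).digest(len(data))
    return bytes(a ^ b for a, b in zip(data, stream))

def wrap(class_key, file_key):
    ct = _xor(file_key, class_key)
    return ct + hmac.new(class_key, ct, hashlib.sha256).digest()

def unwrap(class_key, blob):
    ct, tag = blob[:-32], blob[-32:]
    if not hmac.compare_digest(tag, hmac.new(class_key, ct, hashlib.sha256).digest()):
        raise ValueError("wrapped key does not verify under this class key")
    return _xor(ct, class_key)

class Device:
    def __init__(self):
        self.key_bags = {"default": new_key_bag()}
        self.files = {}  # path -> (class, wrapped per-file key, ciphertext)

    def write(self, path, cls, data):
        file_key = os.urandom(32)  # per-file key
        wrapped = wrap(self.key_bags["default"][cls], file_key)  # per-class wrap
        self.files[path] = (cls, wrapped, _xor(data, file_key))

    def read(self, path):
        cls, wrapped, ct = self.files[path]
        return _xor(ct, unwrap(self.key_bags["default"][cls], wrapped))

    def obliterate(self):
        self.key_bags.clear()                       # 1. destroy all key bags
        self.files = {}                             # 2. erase and rebuild user-data file system
        self.key_bags["default"] = new_key_bag()    # 3. create a new default key bag

def old_blob_recoverable():
    dev = Device()
    dev.write("/user/notes.txt", "A", b"constructed sample user data")
    cls, wrapped, _ct = dev.files["/user/notes.txt"]  # blocks that survive the erase
    dev.obliterate()
    try:
        unwrap(dev.key_bags["default"][cls], wrapped)
        return True
    except ValueError:
        return False  # new class key cannot unwrap the old per-file key
```

A Python dictionary cannot guarantee that key material is actually gone from memory; the model only shows the key hierarchy, not secure storage or erasure of the key bag itself.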
25 Claims
1. A computer-implemented method of erasing user data stored in a file system, the method causing a computing device to perform steps comprising:
- destroying all key bags containing encryption keys on a device having a file system encrypted on a per file and on a per class basis;
- erasing and rebuilding at least part of the file system associated with user data; and
- creating a new default key bag containing encryption keys.
7. A system for erasing user data stored in a file system, the system comprising:
- a processor;
- a first module controlling the processor to destroy all key bags containing encryption keys on a device having a file system encrypted on a per file and on a per class basis;
- a second module controlling the processor to erase and rebuild at least part of the file system associated with user data; and
- a third module controlling the processor to create a new default key bag containing encryption keys.
13. A non-transitory computer-readable storage medium storing instructions which, when executed by a computing device, cause the computing device to erase user data stored in a file system, the instructions comprising:
- destroying all key bags containing encryption keys on a device having a file system encrypted on a per file and on a per class basis;
- erasing and rebuilding at least part of the file system associated with user data; and
- creating a new default key bag containing encryption keys.
19. A system for erasing user data stored in a remote file system, the system comprising:
- a processor;
- a first module controlling the processor to transmit obliteration instructions to a remote device, the obliteration instructions causing the remote device to perform steps comprising;
  - destroying all key bags containing encryption keys on the remote device, wherein the remote device has a file system encrypted on a per file and on a per class basis;
  - erasing and rebuilding at least part of the file system associated with user data; and
  - creating on the remote device a new default key bag containing encryption keys.
23. A computer-implemented method of erasing user data stored in a remote file system, the method causing a computing device to perform steps comprising:
- transmitting obliteration instructions to a remote device, the obliteration instructions causing the remote device to perform steps comprising;
  - destroying all key bags containing encryption keys on the remote device, wherein the remote device has a file system encrypted on a per file and on a per class basis;
  - erasing and rebuilding at least part of the file system associated with user data; and
  - creating on the remote device a new default key bag containing encryption keys.
Specification