Method and apparatus for real-time secure file deletion

A method and apparatus are provided that enhance file system calls to a file system structure of an operating system. In particular, file system calls can be enhanced to provide real-time secure file deletion on an ongoing basis. A file system call that is intended to perform a function with respect to data stored on a storage device is intercepted. It is then determined whether the file system call is of a type that should be processed. If not, the original file system call is passed on through the file system. If the file system call should be processed, supplemental processing is performed to enhance the original file system call and the file system call is transparently returned to the calling system application. In embodiment, real-time secure file deletion is implemented using a vendor supplied driver (VSD) executing within the installable file system (IFS) of WINDOWS 95. Further, a method and system are disclosed for real-time secure data deletion in a system having an NTFS file system. Read calls are monitored using a read filter and pointers to NTFS metafiles and page files are recognized and stored. Write calls are monitored using a write filter and real-time secure data deletion of buffers is performed. File creation operations are monitored and real-time secure data deletion of user files is performed when the file is to be overwritten. Further, set information operations are monitored and real-time secure data deletion is performed for truncated, shrunk or deleted user files.