Date of Award


Document Type

Campus Access Dissertation

Degree Name

Doctor of Philosophy in Computer Science (PhD)

Administrative Home Department

Department of Computer Science

Advisor 1

Bo Chen

Committee Member 1

Jean Mayo

Committee Member 2

Zhenlin Wang

Committee Member 3

Weisong Shi


Safeguarding data confidentiality in modern computing devices is of paramount importance. This protection can be streamlined into two directions: 1) ensuring confidentiality of the data present in the storage media (confidentiality during the data lifetime), and 2) ensuring confidentiality of the data having been deleted (confidentiality after the data lifetime).

Local computing devices like desktops, laptops, and mobile devices are widely used to store and process critical data possessed by users. To protect confidentiality during the data lifetime, encryption is often applied to local devices. However, traditional encryption is not able to defend against coercive attackers. To mitigate this problem, plausibly deniable encryption (PDE) can be utilized. Existing PDE frameworks which are designed for mobile devices are either insecure or impractical. CrossPDE is designed to mitigate the aforementioned issues via intercepting major layers (file system layer, block layer, flash translation layer) of a mobile device. CrossPDE is compatible with the storage architecture of mainstream mobile devices, lightweight as well as user-oriented. CrossPDE is specifically designed for mobile devices using flash memory as external storage, but a general PDE framework which can be deployed on any storage medium (flash memory drive and hard disk drive) is still missing. HiPDS, the first storage hardware-independent plausibly deniable storage system, has been designed. HiPDS can be deployed on both hard disk drives and flash memory devices, safeguarding confidentiality of critical data against multi-snapshot attacks in both external storage and internal memory.

To protect confidentiality of the critical data after their lifetime (i.e., they have been removed from the local devices), we typically rely on secure deletion. However, conventional secure deletion designs for flash memory are unable to manage the `remnants' caused by its unique nature, thus compromising the assurance provided by the secure deletion. To mitigate such an issue, RedFlash, a novel secure deletion scheme which can efficiently remove both the data and the corresponding duplicates on flash memory, has been designed.

With the ever-increasing development of cloud computing, a large amount of critical data have been outsourced to the cloud servers as well. Securely disposing of obsolete data in the public clouds is a challenging problem due to the out-of-control nature of the cloud infrastructures. Existing secure deletion schemes for cloud servers are not able to provide the data owner with a fine-grained data access capability. SDT, a deletion scheme which can securely and efficiently dispose of the data outsourced to the public clouds, has been designed for bridging this gap.

Available for download on Thursday, September 12, 2024