Policy-based File Assured Deletion >Each file is associated with a data key and a file access policy >Each policy is associated with a control key >All control keys are maintained by a key manager >When a policy is revoked,its respective control key will be removed from the key manager 16
16 Policy-based File Assured Deletion � Each file is associated with a data key and a file access policy � Each policy is associated with a control key � All control keys are maintained by a key manager � When a policy is revoked, its respective control key will be removed from the key manager
Policy-based File Assured Deletion >Main idea: File protected with data key Data key protected with control key data key control key File is maintained by the key manager 17
17 Policy-based File Assured Deletion �Main idea: • File protected with data key • Data key protected with control key File data key control key is maintained by the key manager
