The IT Law Wiki

Overwrite procedure

32,080pages on
this wiki
Add New Page
Add New Page Talk0

Definitions Edit

An overwrite procedure is

a process that removes or destroys data recorded on a computer storage medium by writing patterns of data over, or on top of, the data stored on the medium.[1]
[a] software process that replaces data previously stored on storage media with a predetermined set of meaningless data or random patterns.[2]
simply means to write patterns of non-sensitive data (usually, simply binary ones and zeros) over the existing data.[3]

An overwrite procedure is "[a] stimulation to change the state of a bit followed by a known pattern."[4]

Data security Edit

"There are overwriting software or hardware products to overwrite storage space on media with non-sensitive data. This process may include overwriting not only the logical storage location of a file(s) (e.g., the file allocation table) but also may include all addressable locations. The security goal of the overwriting process is to replace written data with random data. Overwriting cannot be used for media that are damaged or not writeable. The media type and size may also influence whether overwriting is a suitable sanitization method."[5]

"The method and complexity of the overwriting required may vary depending on the sensitivity of the original data, Typically, this variation takes the form of multiple iterations (or passes) of overwriting, and variations in the patterns of ones and zeros used."[6]

References Edit

  1. This page uses content from the Information Security Guide 2 - Glossary, which is made available under the Creative Commons Attribution License 3.0 Unported.
  2. CNSSI 4009.
  3. Information Technology Data Protection Guideline, at 9.
  4. Department of Defense, National Computer Security Center, Glossary of Computer Security Terms (NCSC-TG-004, Ver. 1) (Oct. 21, 1988).
  5. NIST Special Publication 800-88, at 8.
  6. Information Technology Data Protection Guideline, at 9.

Also on Fandom

Random Wiki