Providing User Guidance on Erasure Process Selection Based on Accumulated Erasure Reports

Description

FIELD OF THE INVENTION

The present invention relates to data security and particularly to providing means for providing user guidance for performing an erasure process on a device.

BACKGROUND

The following background description art may include insights, discoveries, understandings or disclosures, or associations together with disclosures not known to the relevant art prior to the present invention but provided by the present disclosure. Some such contributions disclosed herein may be specifically pointed out below, whereas other such contributions encompassed by the present disclosure the invention will be apparent from their context.

A data erasure process for a mobile device or other computing device cannot typically be performed fully automatically. Instead, manual user input needs to be provided to erasure client software for it to successfully perform the data erasure process. To be able to provide the necessary user input specifying, for example, the data erasure process to be used, the person managing said process is often required to have supporting documentation available, some prior knowledge and/or expertise regarding different available data erasure processes. Even if the user operating the process is knowledgeable of the data erasure process, human error may still easily occur, especially if multiple processes are run in parallel by the user. Therefore, it would be beneficial in terms of speed and accuracy of the overall process if more automated means for providing the user with device-specific information on the data erasure process would be available.

BRIEF DESCRIPTION OF THE INVENTION

According to an aspect, there is provided the subject matter of the independent claims. Embodiments are defined in the dependent claims.

One or more examples of implementations are set forth in more detail in the accompanying drawings and the description below. Other features will be apparent from the description and drawings, and from the claims.

BRIEF DESCRIPTION OF THE DRAWINGS

In the following the invention will be described in greater detail by means of preferred embodiments with reference to the attached drawings, in which

FIG. 1 illustrates a system according to embodiments;

FIGS. 2 to 5 illustrate processes according to embodiments; and

FIGS. 6 and 7 illustrate apparatuses according to embodiments.

DETAILED DESCRIPTION OF EMBODIMENTS

The embodiments to be discussed below seek to facilitate the process of performing data erasure. Data erasure (equally called data sanitization or data wiping) is a software-based process of overwriting and/or obfuscating data which aims to completely destroy and/or render unrecoverable all electronic data residing on a hard disk drive or other digital media. By overwriting the data on all sectors of the storage device and/or changing the encryption key used to encrypt and decrypt the data, the data is rendered unintelligible. Typically, after the data erasure the storage device still remains operable.

Many different government and industry standards and methods have been created for software-based data erasure such as United States Department of Defence (U.S. DoD) 5220.22-M(ECE) and Communications Security Establishment Canada (CSEC) ITSG-06. The different standards (or methods or processes) differ from each other, for example, in the number of times the data is overwritten (e.g., 1-35 passes may be used), the overwrite pattern used and whether a verification that all the data have been removed is required. The overwrite pattern defines which character (e.g., a one, a zero, a pseudo-random character) is used for overwriting in each pass and it may have varying degrees of randomness depending on the method. To give an example of the operation of an erasure process, the CSEC ITSG-06 erasure process performs data erasure in three passes in the following manner:

Pass 1: Overwriting the data with a zero or a one;

Pass 2: Overwriting the data with the complement of the previously written character (e.g., a one if a zero was used in Pass 1); and

Pass 3: Overwriting the data with a pseudo-random character and verifying the (over)write.

In addition to or as an alternative for overwriting, (data) erasure standards may require issuing one or more firmware sanitization commands to the storage device. These commands aim to cause the storage device to perform one or more data erasure functions built into the storage device itself. Available firmware sanitization commands depend on the technology-specific standards, according to which the storage device is designed.

To give an example of a scenario where firmware sanitization commands may be employed, (data) erasure standards may require the encryption key of an encrypting storage devices to be changed (i.e., cryptographic erasure). This may be achieved by issuing one or more specific firmware sanitization command. As a further example, the encryption key of an encrypting storage device designed according to the AT Attachment (ATA) interface standard may be changed by issuing a Crypto Erase EXT command to the encrypting storage device.

Different (data) erasure processes (following a standard or a method) may be most suitable or expedient for different storage devices. For example, a different number of overwrite passes may be required for different storage media to fully ensure that no data can be recovered later. For example, while a single pass may be considered acceptable for some hard disc drives (HDD), for modern flash based storage devices, such as solid state drives (SSD), multiple passes and/or firmware sanitization commands according to the technology-specific standards may often be required to fully ensure that no data can be recovered using forensic analysis. In some cases, multiple acceptable erasure process options may be available, but their properties for a given computing device or storage device may differ, for example, in terms of probability of success and expected duration of the erasure process. For these reasons, it is preferable that a user of an erasure software is given the option to manually select an erasure process from a plurality of different erasure processes and perhaps even to tune some of the erasure process properties associated with selected erasure process. However, making such a selection requires the user to have supporting documentation available and/or to have considerable personal expertise on the different erasure processes and their suitability for different types of storage media. Making a wrong selection may result in wasted time as multiple overwrite passes are conducted when they are not necessary or in the worst case incomplete or insufficient erasure of the data. The embodiments solve or at least alleviate this problem by offering an automated means for providing device-specific information on the erasure processes available to the user (or at least on some of them) to facilitate the decision-making regarding the erasure process selection.

The erasure processes discussed in relation to embodiments may be any known data erasure (or equally sanitization or wiping) processes (following a standard or a method) for erasing data such that it may no longer be recovered by standard data recovery means. For example, the erasure process used may be of one of the following types (the number of passes required given in parentheses, if specified in the corresponding standard or method): Air Force System Security Instruction 5020 (2 passes), U.S. DoD 5220.22-M(ECE) (7 passes), U.S. DoD 5220.22-M(E) (3 passes), U.S. DoE M 205.1-2, German BSI-2011-VS (4 passes), German BSI-GS (1 pass), German BSI-GSE (2 passes), U.K. CESG CPA-Higher Level (3 passes), Blancco Extended Firmware Based Erasure (3 passes), Blancco Firmware Based Erasure (2 passes), HMG Infosec Standard 5, Higher Standard (3 passes), HMG Infosec Standard 5, Lower Standard (1 pass), National Computer Security Center (NCSC-TG-025) (3 passes), Blancco SSD Erasure, Bruce Schneier's algorithm (7 passes), the Gutmann method, British HMG IS5, Canadian RCMP TSSIT OPS-II, Communications Security Establishment Canada ITSG-06, NAVSO-P-5239-26 (3 passes), Russian GOST R 50739-95, U.S. Army AR380-19, U.S. Navy OPNAVINST 5239.1A (3 passes), NIST SP 800-88 Clear or NIST SP 800-88 Purge, NSA 130-1 (3 passes), HMG Infosec Standard 5, Lower Standard (1 pass), HMG Infosec Standard 5, Higher Standard (3 passes), one random pass and 1-pass zero.

An architecture of a communications system to which embodiments of the invention may be applied is illustrated in FIG. 1. FIG. 1 illustrates a simplified system architecture only showing some elements and functional entities, all being logical units whose implementation may differ from what is shown. The connections shown in FIG. 1 are logical connections; the actual physical connections may be different. It is apparent to a person skilled in the art that the systems also comprise other functions and structures.

FIG. 1 illustrates a system 100 comprising a remote computing system 101 which is connected via a communications network 110 to one or more local systems 120, 130. Each local system 120, 130 comprises at least a first computing device 121 connected via a first interface 126 to a second computing device 124 and via a second interface 127 to the communications network 110 (shown in FIG. 1 only for the local system 120 for simplicity). In some embodiments, the first computing device 121 may be connected via first interfaces 126 to two or more second computing devices 124 simultaneously.

The first computing device 121 is a computing device used for performing a data erasure process (following a standard or a method) for erasing (or equally sanitizing or wiping) data stored to the second computing device 124 (or specifically, to the memory 125 of the second computing device 124) in a controlled manner. To be able to perform said data erasure process, the first computing device 121 may be configured, for example, to access information (e.g., device information) stored to the second computing device 124, send information (e.g., device parameters) to the remote computing system 101 via the communications network 110 using the second interface 127, receive information (e.g., expected erasure process properties and/or other process information) from the remote computing system 101 via the communications network 110 using the second interface 127 and erase information stored to the memory 125 of the second computing device 124 using a specific data erasure process. Moreover, the first computing device 121 may comprise at least one user input device 122 which provides a user of the first computing device 121 means for inputting information, for example, in connection with the data erasure process. The at least one user input device 122 may comprise, for example, a keyboard, a touch screen, a mouse and/or a touch pad. The first computing device 121 further comprises a display 123 through which the user may be able to monitor the data erasure process. The first interface 126 may be used, by the first computing device 121, at least for retrieving device information from the second computing device 124 (or specifically from the memory 125) and performing the data erasure process. The first computing device 121 may be connected via the first interface 126 to the second computing device 124 using a wire or a cable such as a USB (Universal Serial Bus)-to-USB cable, a USB-to-mini-USB cable or a USB-to-micro-USB cable, using a docking station or wirelessly (e.g., via WiFi or Bluetooth). The first computing device 121 may be configured to run dedicated erasure client software for guiding a user or an operator of the first computing device 121 through the erasure process for the second computing device 124.

The second computing device 124 is a computing device comprising a memory 125 which is to be erased using the first computing device 121. The second computing device 124 may comprise altogether one or more memories of which at least one is to be erased (fully or partly). While the first computing device 121 may be actively operated by a user or an operator, the second computing device 124 may be assumed to be only receiving inputs via the first computing device 121 (that is, not via any possible user input devices of the second computing devices 124) during the processes according to embodiments to be discussed in the following.

Each of the first and the second computing device 121, 124 refer to a portable or non-portable computing device (equipment, apparatus). Computing devices which may be employed include wireless mobile communication devices operating with or without a subscriber identification module (SIM) in hardware or in software, including, but not limited to, the following types of devices: desktop computer, laptop, touch screen computer, mobile phone, smart phone, personal digital assistant (PDA), handset, e-reading device, tablet, game console, note-book, multimedia device, sensor, actuator, video camera, car, wearable computer, telemetry appliances, and telemonitoring appliances. The first and second computing devices 121, 124 may be computing device of the same type or of a different type. In a typical non-limiting embodiment, the first computing device 121 may be a desktop computer or a laptop and the second computing device 124 may be a mobile device (e.g., a smart phone, a tablet computer or a laptop). In some embodiments, to the second computing device 124 may be a memory or a storage device, such as a HDD or a SSD. In general, the second computing device 124 may be any computing device comprising at least one memory and which may be electrically connected to the first computing device 121. Said at least one memory may comprise at least one internal memory and/or at least one external memory.

In some embodiments, the first computing device 121 and the second computing device 124 may be parts of a single apparatus or the second computing device 124 may be comprised within the first computing device 121. In other words, the first and second computing devices may be fixed together (as opposed to being easily detachable from each other as discussed earlier). For example, the second computing device 124 may correspond to a memory or a storage device of the first computing device 121.

The communications network 110 may comprise one or more wireless networks, wherein a wireless network may be based on any mobile system, such as GSM, GPRS, LTE, 4G, 5G and beyond, and a wireless local area network, such as Wi-Fi. Furthermore, the communications network 110 may comprise one or more fixed networks and/or the Internet.

The remote computing system 101 is a device configured to receive information (e.g., device information, such as one or more device parameters, characterizing the computing device) regarding second computing devices 124 from first computing devices 121 connected to it via the communications network 110, analyze the received information and send analysis results (e.g., expected erasure process properties characterizing an erasure process and/or other erasure guidance information) to the first computing devices 121 via the communications network 110. The analysis may be carried out specifically by an erasure analysis unit or apparatus of the remote computing system (not shown in FIG. 1) and/or may be based on information stored to an erasure report database 103. The erasure report database 103 may comprise at least information on a plurality of erasure reports describing erasure processes carried out by first computing devices on second computing devices (to be described in detail in relation to further embodiments).

The other erasure guidance information sent to the first computing devices 121 by the remote computing system 101 may comprise statistical information on the erasure processes carried out for a plurality of computing devices. For example, the other erasure guidance information may comprise the probability of occurrence of each erasure process among all erasure processes described in the plurality of erasure reports maintained in the erasure report database. According to an embodiment, the other erasure guidance information comprises the probability of occurrence of the most common erasure process described in the plurality of erasure reports. According to another embodiment, the other erasure guidance information comprises the probability of occurrence of a pre-defined number of most common erasure processes (e.g., the probability of occurrence of the two most common erasure processes). This embodiment provides the advantage that the user may make the selection regarding the erasure process guided by the preferences of previous erasure processes.

The remote computing system 101 may be equally called a remote server or a server as the first computing device 121 and the remote computing system may be seen as forming a client-server relationship. Similarly, the first computing device 121 may be equally called a local client or a client.

The remote computing system 101 may be fully or partly cloud-based, that is, the remote computing system 101 may be or comprise at least one computing cloud. Specifically, the erasure analysis unit and/or the database may be cloud-based. FIG. 2 illustrates signaling, according to embodiments for providing a user with information on one or more (device-specific) expected erasure process properties for at least one erasure process for erasing a memory or part thereof of a second computing device and performing the erasing using a first computing device. The illustrated processes may be carried out using a system 101 of FIG. 1. While the illustrated process (and also the following illustrated processes) are discussed for a first computing device acting on a single second computing device, in other embodiments multiple second computing devices may be handled by the first computing device in a similar manner simultaneously (i.e., in parallel).

According to an embodiment, the first computing device 121 is connected to multiple second computing devices 124 via USB (Universal Serial Bus) interface 126 using a USB hub. This embodiment provides the advantage that the number of USB ports in the first computing device may be fewer than the number of second computing devices handled by the first computing device. According to an embodiment, the USB hub is a 10-port USB hub.

Referring to FIG. 2, it is initially assumed that the remote computing system maintains, in block 201, in an erasure report database information on a plurality of erasure reports describing erasure processes carried out for a plurality of computing device. Each erasure report comprises information on the type of erasure process which was used for erasing a memory or part thereof of a computing device, one or more erasure process properties for the completed erasure process and one or more device parameters characterizing (or defining) the computing device for which the erasure process was carried out. The type of the erasure process may be, for example, one of the types listed above. The one or more erasure process properties of an erasure process may specifically be properties of the erasure process recorded during or after the completion of the erasure process. The one or more erasure process properties in a given erasure report may comprise one or more of a duration of the erasure process and an outcome (i.e., success/failure) of the erasure process. The duration of the erasure process may be provided as the total duration and/or the (average) duration per overwrite pass. Moreover, the type of the erasure process may be considered, alternatively or in addition, as one of said one or more erasure process properties. If the erasure process was a failure, the one or more erasure process properties in the associated erasure report may only comprise information on the failure (i.e., not, for example, information on the duration of the erasure process). The one or more device parameters for a given computing device may comprise, for example, one or more of a manufacturer, a model, a year or date of manufacture, International Mobile Equipment Identity (IMEI), a device identifier other than IMEI, hardware information (e.g., component information) and memory usage. A more comprehensive list of possible erasure process properties and device parameters is provided after the discussion on FIG. 2.

The process for guiding a user in selecting an erasure process for erasing a memory or part thereof of a second computing device starts when a first computing device retrieves, in messages 202, one or more device parameters characterizing the second computing device electrically connected to the first computing device from a memory of the second computing device. According to an embodiment, in addition to retrieving one or more device parameters from a memory of the second computing device, the first computing device also retrieves one or more further device parameters from a remote computing system, where these parameters are maintained in a database. According to an embodiment, said further device parameters are maintained in the same remote computing system where erasure reports are maintained in the erasure report database.

The one or more device parameters may be defined as described above in relation to the contents of an erasure report. The retrieving may specifically comprise sending, by the first computing device, a request for device parameters to the second computing device and in response to receiving the request in the second computing device, retrieving, by the second computing device, the one or more device parameters from a memory of the second computing device and sending them from the second computing device to the first computing device. After the retrieving, in messages 202, the first computing device sends, in message 203, all or some of the one or more device parameters characterizing the second computing device via a communications network to a remote computing system. The all or some of the one or more device parameters may be sent within a separate request for expected erasure process properties for the second computing device and for at least one erasure process or as a part of regular reporting operation of the first computing device. In some alternative embodiments, the second computing device may send one or more of its own device parameters (via the communications network) to the remote computing system. In some embodiments, the retrieving in block 202 may be initiated automatically in response to the second computing device being electrically connected to the first computing device.

In response to receiving, in block 204, the all or some of the one or more device parameters characterizing (or defining) the second computing device from the first computing device via the communications network, the remote computing system compares, in block 204, these received one or more device parameters to device parameters comprised in the plurality of erasure reports maintained in the erasure report database. Specifically, the remote computing system may compare a set of the received one or more device parameters to corresponding sets of one or more device parameters in the plurality of erasure reports to find one or more erasure reports relevant for the second computing device. The comparing may comprise, for example, looking for matches for the one or more device parameters of the second computing device from the plurality of erasure reports. The matches may be required to be full matches and/or close or partial matches (e.g., at least some device parameters match the one or more device parameters of the second computing device or a set of device parameters are correlated with the one or more device parameters of the second computing device to certain degree). The erasure reports with matching device parameters are considered relevant (or applicable or pertinent) for the second computing device as they correspond to the same or similar computing devices as the second computing device. As certain device parameters may not be equally important from the point of view of all erasure processes, the comparing may be conducted differently for different erasure processes. For example, different set of device parameters may be compared and/or different weighting for different device parameters may be applied in the comparing so as to find relevant erasure report(s) for different erasure processes. The comparing procedure according to an embodiment is to be described in more detail in connection with FIG. 3.

Based on the comparing in block 204 or more specifically on one or more erasure process properties of the one or more relevant erasure reports, the remote computing system determines, in block 205, one or more expected erasure process properties and/or other erasure guidance information for each of at least one erasure process (preferably, each of a plurality of erasure processes) for erasing the memory or part thereof of the second computing device. Each set of one or more expected process properties may be specific to the second computing device (and to devices of the same type as the second computing device), that is, they may be device-specific as well as erasure process-specific. One or more expected erasure process properties defining a particular erasure process of said at least one erasure process for the second computing device may comprise, for example, a probability of success of the erasure process (when carried out for that particular computing device) and/or an expected duration of the erasure process (for that particular computing device). The determining of the one or more expected erasure process properties may comprise, for example, analyzing set(s) of erasure process properties associated with the set(s) of one or more device parameters deemed relevant based on the comparing (e.g., being full matches or partial matches) using one or more of statistical analysis methods (e.g., correlation analysis), extrapolation, interpolation, averaging and calculating a median or a mode. The determining of the one or more expected erasure process properties may be carried out separately for each erasure process which is applicable for erasing the memory or part thereof of the second computing device and/or for which relevant erasure reports are available in the erasure report database. For example, the probability of success for a particular erasure process may be evaluated by simply comparing the number of successful erasures to the total number of erasure attempts (i.e., successful or failed erasures) and the expected duration of the erasure process may be evaluated by taking an average of the duration of successful runs of the erasure process. Obviously, only erasure reports deemed relevant based on the comparing should be taken into account in these calculations. The one or more expected erasure process properties may, in addition or alternatively, comprise information on whether the erasure process in question is suitable for the second to computing device (and if not, no other information may be provided).

Once the remote computing system has determined the one or more expected erasure process properties for said at least one erasure process, it sends, in message 206, information on the one or more expected erasure process properties for said at least one erasure process to the first computing device via the communications network. In some embodiments, the remote computing system may further send information on each erasure process for which said one or more expected erasure process properties could not be determined. Said information on each erasure process may comprise simply an indication that the determining of the expected erasure process properties failed and possibly a reason for the failure (e.g., the erasure process being not applicable for erasing the memory or part thereof of the second computing device and/or relevant erasure reports being unavailable in the erasure report database).

The first computing device receives, in block 207, at least the information on the one or more expected erasure process properties and/or other erasure guidance information and subsequently (or consequently) displays, in block 207, said information to a user via a display of the first computing device. By providing the one or more expected erasure process properties for said at least one erasure process to the first computing device and displaying them to the user of the first computing device, the decision making regarding which erasure process to perform for erasing the memory or part thereof of the second computing device using the first computing device is facilitated as the user is able to clearly observe the advantages and disadvantages of each erasure process.

In response to receiving a user input confirming a selection of an erasure process (of said at least one erasure process for which device-specific erasure process information was provided) via a user input device of the first computing device, the first computing device performs, in messages 209, the selected erasure process for erasing the memory or part thereof of the second computing device. The first computing device may also record, in messages 209, erasure process properties for the selected erasure process.

The processes according to embodiments provide the advantage that since device and erasure process-specific information on the expected erasure process properties and/or other erasure guidance information are provided to the user of the first computing device, the user of the first computing device is capable of making more informed and expedient decisions regarding the selection of the erasure process since the decision on the erasure process selection does not depend solely on the expertise of the user. The erasing of memories or parts thereof of second computing devices is thus facilitated.

It should further be noted that while an experienced user of the first computing device (or specifically of the erasure client software running in the first computing device) may be able to provide a rudimentary estimate for at least some of the one or more expected erasure process properties (e.g., probability of success) based on his/her expertise, there may be unforeseen factors affecting at least some of the one or more expected erasure process properties which may be difficult to notice by the user but which may be easily detected by the process according to embodiments. Such unforeseen factors could be, for example, undocumented (or unannounced) memory component variations within seemingly similar devices. Switching the flash memory chip type, for example, could affect the speed at which the memory may be read and written, hence affecting the duration of a data erasure process. The flash memory chip type may be, in this case, one of the device parameters.

In some embodiments, the one or more erasure process properties comprised in each erasure report may comprise one or more of the following: a time stamp for the erasure report, a start time for the erasure process, an end time for the erasure process, a duration of the erasure process, name and/or type of the erasure process used, overwriting rounds (i.e., overwriting passes) used, firmware sanitization commands used, firmware sanitization command rounds used, total erasure rounds used, and an outcome of the erasure process.

In some embodiments, the one or more device parameters retrieved by the first computing device and/or comprised in each erasure report may comprise one or more of the following hardware-related information regarding the device in question: a name of the manufacturer, a name, a model, an identifier for the device, IMEI, a serial number, an internal model, chassis type, a rooting (e.g., rooted/not rooted), a (clock) speed of the processor of the computing device, a manufacturer of the processor of the computing device, a model of the processor of the computing device, and information on at least some of one or more memories of the computing device. Said information on at least some of one or more memories of the computing device may comprise, for example, a name for each or some of one or more memories of the device, capacity for each or some of said one or more memories (given, e.g., in megabytes), type of each or some of said one or more memories, a serial number for each or some of said one or more memories and/or a vendor for each or some of said one or more memories. In some embodiments, the one or more to device parameters retrieved by the first computing device and/or comprised in each erasure report may further comprise one or more of the following software-related information regarding the device in question: a name of the operating system, a version of the operating system, a software used for performing the erasure process and a version of said software used for performing the erasure process. In an exemplary non-limiting embodiment, the one or more device parameters retrieved by the first computing device and/or comprised in each erasure report comprise at least information on the clock speed of the processor of the computing device, a type of each or some of said one or more memories of the computing device and a capacity of each or some of said one or more memories of the computing device. In some embodiments, the one or more device parameters retrieved by the first computing device and/or comprised in each erasure report may comprise the age of the computing device or the effective age of the computing device (evaluated, for example, based on capacity deterioration of battery of the computing device).

FIG. 3 illustrates a process performed by a remote computing system according to an embodiment for providing a user with information on one or more (device-specific) expected erasure process properties for at least one erasure process for erasing a memory or part thereof of a second computing device. The illustrated process is an alternative to the process carried out by the remote computing system in blocks 201, 204, 205 and message 206 of FIG. 2. The illustrated process may be carried out by the remote computing system 101 of FIG. 1. Unless otherwise stated, the definitions given in relation previous embodiments may apply also here.

Similar to FIG. 2, it is initially assumed in block 301 that the remote computing system maintains information on a plurality of erasure reports in an erasure report database. The remote computing system receives, in block 302, information on one or more device parameters characterizing a second computing device from a first computing device via a communications network. Blocks 301, 302 may correspond to blocks 201, 204 (“receive” only) of FIG. 2.

In the embodiment illustrated in FIG. 3, the comparing described in relation to block 204 of FIG. 2 is divided into blocks 303 to 308. In a pre-processing phase, the remote computing system identifies, in block 303, a device category of the second computing device based on the one or more device parameters received from the first computing device. The device category may be one of the device parameters or it may be identified based on the one or more device parameters. The available device categories may comprise, for example, a mobile phone (or a smart phone), a tablet computer, a desktop computer, a laptop, a mass media storage, a smart watch, a digital still camera, a digital video camera, a mobile Internet device, a personal digital assistant (PDA), a handheld game console, a calculator and a personal navigation device or any subset of said categories. In one embodiment, the available device categories are a mobile device, a desktop computer and a laptop.

In some embodiments, the device categories may be defined in a more limited manner. For example, the device categories may be specific to a certain manufacturer, that is, a Samsung smart phone and Apple smart phone may be defined to be different device categories. Similar limitation based on some other device parameter (e.g., memory type or operating system) may be applied in other embodiments.

The remote computing system generates, in block 305, a vector based on at least one of the one or more device parameters for each of at least one erasure process. Each element of each vector may have a numerical value corresponding to a particular feature or features of the second computing device. Said at least one of the one or more device parameters based on which the vector is generated may comprise only device parameters which are considered relevant or significant in terms of the operation of that particular erasure process. Different device parameters may not be equally important for all erasure processes. For example, memory type and size may be significant device parameters for erasure processes that use overwriting while operating system may play a bigger role for cryptographic erasure (or crypto erase) processes that do not employ overwriting. Each element of a vector may correspond directly to a device parameter or it may be generated based on one or more device parameters (e.g., if the device parameter does not have a numeric value and/or if multiple device parameters are used for generating the element).

For example, the second computing device may contain according to its device parameters five storage media which have the following capacities: 1 GB, 2 GB, 3 GB, 4 GB, and 5 GB. From these device parameters, the remote computing system may form a three-element vector [15 5 3], where the first element (15) corresponds to the total size in gigabytes, the second element (5) corresponds to the number of storage media and the third element (3) corresponds to the average size of storage media.

For each of said at least one erasure process, the remote computing system compares, in block 306, the vector associated with the second computing device (and with said erasure process) to one or more corresponding vectors which were generated for one or more computing devices of the plurality of computing devices based on device parameters in the plurality of erasure reports. Here, the one or more computing devices may be specifically computing devices of the same device category as the second computing device. The one or more corresponding vectors may be generated after (or simultaneously with) the generation of the vector for the second computing device. Alternatively, each of the one or more corresponding vectors may have been generated earlier, for example, when expected erasure process properties were determined for performing an erasure process for that particular computing device or when an erasure report for that particular computing device was received by the remote computing system. A single vector or multiple vectors may be defined for each computing device depending on whether an erasure process has been carried out for that particular computing device once or multiple times. Similar to the vector(s) of the second computing device, the one or more vectors for which the vector(s) of the second computing device are compared may also be specific to a particular erasure process.

In some embodiments, the comparing in block 306 may specifically comprise calculating, for each vector of the second computing device associated with a particular erasure process, a value of a distance metric quantifying the difference (or distance) between the vector of the second computing device and corresponding one or more vectors of other computing devices (of the same device category). The distance metric may be the Euclidean distance d which may be calculated using the equation

$d = \sqrt{\sum_{i = 1}^{n} {(q_{i} - p_{i})}^{2}},$

where i is the index, n is the number of elements in each vector, q=[q₁q₂. . . q_n] is the vector of one of the one or more computing devices associated with the plurality of erasure reports and p=[p₁p₂. . . p_n] is the vector of the second computing device. Instead of the Euclidean distance, the difference between two vectors may be quantified using another (distance) metric. For example, a weighted Euclidean distance may be employed. The weighted Euclidean distance d_wmay be defined using the equation

$d_{w} = \sqrt{\sum_{i = 1}^{n} {w_{i} (q_{i} - p_{i})}^{2}},$

where w_iare weighting factors which may be defined independently for each vector element (i.e., for each index i). Different set of weighting factors may be used to for different erasure processes. To give another example, standardized Euclidean distance may also be employed.

Based on the comparing in block 306, the remote computing system determines, in block 307, whether one or more of the one or more vectors associated with the same device category as the second computing device match the vector of the second computing device according to pre-defined criteria. Specifically, the pre-defined criteria may define that a value of the distance metric between the vector of the second computing device and the matching vector should be below a predefined (upper) threshold.

If no matches are found in block 307, the remote computing system may send, in block 311, information on the failure to determine expected erasure process properties to the first computing device via the communications network. In some embodiments, block 311 may be omitted.

If one or more matches according to pre-defined criteria is found (for any erasure process) in block 307, the remote computing system selects, for each of at least one erasure process, one or more erasure reports associated with said one or more matching vectors (matching the vector of the second computing device) as a classification cluster for the second computing device. The classification cluster may be defined separately for each erasure process. The classification cluster for a particular erasure process represents a set of erasure reports whose relevant device parameters match the corresponding device parameters of the second computing device to a sufficiently high degree for that particular erasure process. The classification cluster(s) may correspond to the one or more relevant erasure reports as discussed in relation to block 204 of FIG. 2.

The remote computing system determines, in block 309, one or more expected erasure process properties and/or other erasure guidance information for at least one erasure process (preferably, a plurality of erasure processes) for erasing the memory or part thereof of the second computing device based on erasure process properties described in the one or more erasure reports in the classification cluster. The one or more expected erasure process properties and how they are derived from the erasure process properties in the erasure report database may be defined similar to as described in relation to FIG. 2. In this case however, the determination in block 309 is limited to the classification cluster and may be based on, alternative or in addition to the one or more erasure process properties comprised in each relevant erasure report, to vectors associated with the classification cluster (which were derived based on said one or more erasure process properties).

In some embodiments, the comparing described in relation to blocks 303 to 308 (and/or block 204 of FIG. 2) may be insensitive to different erasure processes. According to such embodiments, the determination of one or more expected erasure process properties described in relation to block 309 (and block 205 of FIG. 2) comprises one or more calculation steps following the comparison. First, the remote computing system may generate a single general vector based on at least one of the one or more device parameters (received from the first computing device) without taking into account each of at least one erasure processes separately as described in relation to block 305. Second, similar to as described in relation to block 306, the general vector may then be compared to one or more corresponding vectors generated for one or more computing devices. Third, similar to as described in relation to block 307, the remote computing system may then select one or more erasure reports associated with matching vectors as a classification cluster for the second computing device. Finally, said calculation step following the comparison may comprise averaging and/or other type of scalar operations (as opposed to vector operations) of the one or more erasure process properties comprised in each relevant erasure report, for example. This embodiment provides the advantage that fewer vectors will have to be generated to determine the one or more expected erasure process properties for each of said at least one erasure process.

Also similar to the embodiment of FIG. 2, once the remote computing system has determined the one or more expected erasure process properties for said at least one erasure process, it sends, in message 310, information on the one or more expected erasure process properties for said at least one erasure process to the first computing device via the communications network.

In some embodiments, the pre-processing described in relation to block 303 (i.e., identifying the device category) may be omitted. Subsequent analysis in blocks 306 to 309 may, in those cases, be carried out irrespective of the device categories associated with the second computing device and the plurality of erasure reports. In other words, instead of analyzing only erasure reports corresponding to the same device category (e.g., a smart phone) as the second computing device, all of the plurality of erasure reports (and corresponding vectors) may be involved in blocks 306 to 309.

FIG. 4 illustrates a process performed by a first computing device according to an embodiment for erasing a memory or part thereof of a second computing device electrically connected to the first computing device guided by information on one or more (device-specific) expected erasure process properties for at least one erasure process provided by a remote computing device. The illustrated process is an alternative to the process carried out by the first computing device in messages 202, 203, 209 and blocks 207, 208 of FIG. 2. The illustrated process may be carried out by the first computing device 121 of FIG. 1. Unless otherwise stated, the definitions given in relation previous embodiments may apply also here.

Referring to FIG. 4, the illustrated process corresponds in many aspects to the processes performed by the first computing device in FIG. 1. Actions pertaining to blocks 401, 402 may be carried out as described in relation to messages 201, 202 of FIG. 2. In response to receiving one or more expected erasure process properties and/or other erasure guidance information for at least one erasure process for erasing the memory or part thereof of the second computing device from the remote computing system via the communications network in block 403, the first computing device displays, in block 410, information on the one or more expected erasure process properties and/or other erasure guidance information for each of said at least one erasure process to a user via a display of the first computing device. The information on the one or more expected erasure process properties for said at least one erasure process may also be stored to a database connected to or comprised in the first computing device. The one or more expected erasure process properties may be defined as described in relation to FIG. 1. In response to failing to receive any expected erasure process properties from the remote computing system in block 403 but receiving information on a failure to determine any expected erasure process properties in block 404, the first computing device displays, in block 405, information on the failure to the user via the display of the first computing device. If neither information is received in blocks 403, 404 (e.g., within a pre-defined time limit), the process may proceed directly to block 406 skipping block 405/410 (i.e., the displaying).

In response to receiving a user input confirming a selection of an erasure process via a user input device of the first computing device in block 406, the first computing device performs, in block 407, the selected erasure process for erasing the memory or part thereof of the second computing device. The first computing device may also record, in block 407, erasure process properties for the selected erasure process. In the ideal case, the user may make the selection regarding the erasure process guided by the one or more expected erasure process properties provided for at least one erasure process. However, if no expected erasure process properties and/or other erasure guidance information were received in block 403, the user may have to make the selection based purely on his/her own expertise. The user may also be allowed to make the selection of the erasure process and initiate the erasure process without having to wait for any (possible) expected erasure process properties to be received.

In response to the selected erasure process concluding, the first computing device generates, in block 408, an erasure report for the erasure process which was carried out for the second computing device. The erasure report may be defined as described above in relation to FIG. 2, that is, it may comprise at least the one or more device parameters of the second computing device and one or more erasure process properties pertaining to the completed erasure process (i.e., recorded for the selected erasure process when it was carried out for the second computing device). The one or more erasure process properties may comprise at least information on the outcome (i.e., a success or a failure) of the erasure process. If the selected erasure process was successful, the first computing device may include in the erasure report, in addition to the information on the outcome of the erasure process, one or more further erasure process properties. The one or more further erasure process properties may comprise at least a duration of the erasure process (e.g., given as total duration of the erasure process and/or duration of the erasure process per pass). In some embodiments, the one or more further erasure process properties may comprise one or more of the erasure process properties listed in relation to FIG. 2. If the outcome of the erasure process was negative, the user may be prompted to repeat the erasure of the memory or part thereof of the second computing device, possibly using another erasure process.

Finally, the first computing device sends, in block 409, the generated erasure report for the completed erasure process to the remote computing system via the communications network.

FIG. 5 illustrates a simple process for maintaining the erasure report database using the remote computing system. The remote computing system may be the remote computing system 101 of FIG. 1 and the erasure report database may the erasure report database 103 of FIG. 1. The illustrated process may be carried out in parallel with the processes of FIGS. 2 and/or 4 pertaining to the remote computing system or a part of said processes.

Similar to previous embodiments, it is initially assumed in block 501 the remote computing system maintains information on a plurality of erasure reports in an erasure report database. In response to receiving an erasure report for an erasure process performed for a second computing device from a first computing device via a communications network in block 502, the remote computing system stores, in block 503, the received erasure report to the erasure report database. In some embodiments, the remote computing system may also send an acknowledgment acknowledging the successful reception of the erasure report.

As the erasure report database is constantly being updated with new erasure reports, the accuracy of the one or more expected erasure process properties provided by the remote computing system to the first computing device (e.g., in message 206 of FIG. 2) increases over time. Therefore, the one or more expected erasure process properties determined for a second computing device (e.g., in block 205 of FIG. 2) may be different depending on when the determining of the one or more expected erasure process properties is performed (that is, depending on how many relevant erasure reports exist in the erasure report database at that time). This way also a release of an updated version (i.e., a hardware revision) of a particular second computing device and dynamic changes in existing second computing devices such as updating to a new version of an operating system (or to a completely new operating system) for a particular second computing device may be taken into account automatically over time. While initially the one or more expected erasure process properties may be determined based on the erasure reports for the previous version of that particular second computing device or of the operating system, once erasure reports concerning the new version of that particular second computing device or of the operating system start being accumulated possible changes in any expected erasure process properties are quickly taken into account in the determining of the expected erasure process properties by the remote computing system.

In some embodiments, the first computing device may be configured to perform any of the processes described in relation to FIGS. 2 to 5 simultaneously for multiple second computing devices electrically connected to the first computing device (that is, the same first computing device).

In the following, an exemplary use case for the embodiments from the point of view of an operator of a first computing device is discussed.

1. Paavo, erasure technician operating a first computing device according to embodiments, receives a batch of mobile phones (i.e., second computing devices according to embodiments) which need to be erased in accordance with an erasure process that fulfils “NIST Purge” level requirements as defined by NIST SP 800-88 R1, Guidelines for Media Sanitization. He sees that the shipment contains dozens of phones with different models from various manufacturers.

2. Paavo moves the shipment of mobile device next to his erasure station (i.e., the first computing device) with erasure client software providing intelligent guidance using a cloud service (i.e., using a remote computing system being specifically a cloud-based system).

3. Paavo starts to plug in devices and sees how the devices show up in the graphical user interface of the erasure station. In the background, a remote cloud service starts to process the devices' data (i.e., the one or more device parameters for each device) to provide him with guidance information that helps him to better schedule his work. He sees that each of the connected mobile phones goes into a pre-processing state (i.e., a device category is identified).

4. After a short time, Paavo sees in the graphical user interface that the expected erasure process properties for the mobile phones are being received from the cloud service. He sees the predicted success rate and estimated erasure time for the different erasure processes (or at least for one or more available erasure processes fulfilling “NIST Purge” level requirements).

5. The estimates provided by the cloud service (i.e., the remote computing system) look promising, except for one mobile phone. The expected erasure process properties for that mobile phone show that the expected erasure duration is unexpectedly long and the predicted success rate is poor.

6. Paavo takes a closer look at the phone's details (e.g., its device parameters) and because of his expertise he instantly notices that it is a part of a known bad patch of phones from a specific manufacturer. He decides that it is not worth handling the phone and discards it from the process.

7. The rest of the batch of mobile phones is good to go, so Paavo starts an erasure process fulfilling the “NIST Purge” level requirements, notes down the estimated completion time and carries on with his other work.

8. When the time is close to the estimated completion time, Paavo returns to the erasure station and sees that every device has finished with a successful completion of the erasure process.

FIG. 6 illustrates an apparatus 601 configured to perform the functions described above in connection with a remote computing system such as remote computing system 101 shown in FIG. 1. The apparatus may be an electronic device comprising electronic circuitries. The apparatus may be a separate network entity or a plurality of separate entities. The apparatus may comprise a control circuitry 620, such as at least one processor, and at least one memory 630 including a computer program code (software) 631 wherein the at least one memory and the computer program code (software) are configured, with the at least one processor, to cause the apparatus to perform any one of the embodiments of the remote computing system described above. The apparatus may comprise at least one database 632 which may comprise at least the erasure report database as described in relation to above embodiments.

The memory 630 may comprise a database 632 which may correspond to the erasure report database, as described in previous embodiments. The memory 630 may also comprise other databases which may or may not be related to the described erasure process estimation functionalities according to embodiments.

Referring to FIG. 6, the control circuitry 620 may comprise at least erasure profiler circuitry 621. The erasure profiler circuitry 621 may be configured, for example, to perform at least some of blocks 201, 204, 205 and message 206 of FIG. 2, blocks 301 to 311 of FIG. 3 and blocks 501 to 503 of FIG. 5.

FIG. 7 illustrates an apparatus 701 configured to perform the functions described above in connection with a first computing device, such as the first computing device 121 of FIG. 1. The apparatus may be an electronic device comprising electronic circuitries. The apparatus may be a separate network entity or a plurality of separate entities. The apparatus may comprise a control circuitry 720 such as at least one processor, and at least one memory 730 including a computer program code (software) 731 wherein the at least one memory and the computer program code (software) are configured, with the at least one processor, to cause the apparatus to perform any one of the embodiments of the first computing device described above. The apparatus 701 may comprise, similar to the first computing device 121 of FIG. 1, a user input device and/or a display (not shown in FIG. 7).

The memory 730 may comprise a database 732 which may comprise, for example, information on one or more device parameters of one or more (second) computing devices electrically connected to the apparatus 701, expected erasure process properties for one or more different combinations of a computing to device (targeted for erasure) and an erasure process and/or one or more erasure reports generated by the apparatus. The memory 730 may also comprise other databases which may or may not be related to the functionalities of the first computing device according to any of presented embodiments.

Referring to FIG. 7, the control circuitry 720 may comprise erasure analysis circuitry 721 configured to provide the first computing device functionalities for retrieving the device parameter(s) of the (second) computing device targeted for erasure and providing analysis results regarding erasure processes for erasing a memory or part thereof of the second computing device to a user based on communication with a remote computing system and generating and sending to the remote computing system erasure reports according to any of presented embodiments. The control circuitry may further comprise erasure circuitry 722 configured to perform the selected erasure process. For example, the erasure analysis circuitry 721 may be configured to perform at least some of messages 202, 203 and/or blocks 207, 208 of FIG. 2 and/or blocks 401 to 406, 408 to 410 of FIG. 4. Moreover, the erasure circuitry 722 may be configured to perform at least messages 209 of FIG. 2 and/or block 407 of FIG. 4. In some other embodiments, the control circuitry 720 may be divided into three or more or only a single individual circuitry.

The apparatuses 601, 701 described in relation to FIGS. 6 and 7 may further comprise (communication) interfaces 610, 710 comprising hardware and/or software for realizing communication connectivity according to one or more communication protocols. The communication interface may provide the apparatuses with communication capabilities to communicate via a communications network and enable communication, for example, in the case of the apparatus 601 of FIG. 6 with one or more (first) computing devices and in the case of the apparatus 701 of FIG. 7 with a remote computing system. In the case of the apparatus 701 of FIG. 7, the communication interfaces 710 may provide a connection to one or more second computing devices, for example, using any means discussed in relation to FIG. 1.

The communication interfaces 610, 710 may comprise standard well-known components such as an amplifier, filter, frequency-converter, (de)modulator, and encoder/decoder circuitries and one or more antennas.

The memories 630, 730 of the apparatuses 601, 701 described in relation to FIGS. 6 and 7 may be implemented using any suitable data storage technology, such as semiconductor-based memory devices, flash memory, magnetic memory devices and systems, optical memory devices and systems, fixed memory and removable memory.

As used in this application, the term “circuitry” may refer to one or more or all of the following: (a) hardware-only circuit implementations (such as implementations in only analog and/or digital circuitry) and (b) combinations of hardware circuits and software, such as (as applicable): (i) a combination of analog and/or digital hardware circuit(s) with software/firmware and (ii) any portions of hardware processor(s) with software (including digital signal processor(s)), software, and memory(ies) that work together to cause an apparatus, such as a mobile phone or server, to perform various functions) and (c) hardware circuit(s) and or processor(s), such as a microprocessor(s) or a portion of a microprocessor(s), that requires software (e.g., firmware) for operation, but the software may not be present when it is not needed for operation.

This definition of circuitry applies to all uses of this term in this application, including in any claims. As a further example, as used in this application, the term circuitry also covers an implementation of merely a hardware circuit or processor (or multiple processors) or portion of a hardware circuit or processor and its (or their) accompanying software and/or firmware. The term circuitry also covers, for example and if applicable to the particular claim element, a base-band integrated circuit or processor integrated circuit for a mobile device or a similar integrated circuit in server, a cellular network device, or other computing or network device.

In an embodiment, at least some of the processes described in connection with FIGS. 2 to 5 may be carried out by an apparatus comprising corresponding means for performing at least some of the described processes. Some example means for performing the processes may include at least one of the following: detector, processor (including dual-core and multiple-core processors), digital signal processor, controller, receiver, transmitter, encoder, decoder, memory, RAM, ROM, software, firmware, display, user interface, display circuitry, user interface circuitry, user interface software, display software, circuit, antenna, antenna circuitry, and circuitry. In an embodiment, the at least one processor, the memory, and the computer program code form (processing) means or comprises one or more computer program code portions for performing one or more operations according to any one of the embodiments of FIGS. 2 to 5 or operations thereof.

The techniques and methods described herein may be implemented by to various means. For example, these techniques may be implemented in hardware (one or more devices), firmware (one or more devices), software (one or more modules), or combinations thereof. For a hardware implementation, the apparatus(es) of embodiments may be implemented within one or more application-specific integrated circuits (ASICs), digital signal processors (DSPs), digital signal processing devices (DSPDs), programmable logic devices (PLDs), field programmable gate arrays (FPGAs), processors, controllers, micro-controllers, microprocessors, other electronic units designed to perform the functions described herein, or a combination thereof. For firmware or software, the implementation can be carried out through modules of at least one chipset (procedures, functions, and so on) that perform the functions described herein. The software codes may be stored in a memory unit and executed by processors. The memory unit may be implemented within the processor or externally to the processor. In the latter case, it can be communicatively coupled to the processor via various means, as is known in the art. Additionally, the components of the systems described herein may be rearranged and/or complemented by additional components in order to facilitate the achievements of the various aspects, etc., described with regard thereto, and they are not limited to the precise configurations set forth in the given figures, as will be appreciated by one skilled in the art.

Embodiments as described may also be carried out in the form of a computer process defined by a computer program or portions thereof. Embodiments of the methods described in connection with 2 to 5 may be carried out by executing at least one portion of a computer program comprising corresponding instructions. The computer program may be in source code form, object code form, or in some intermediate form, and it may be stored in some sort of carrier, which may be any entity or device capable of carrying the program. For example, the computer program may be stored on a computer program distribution medium readable by a computer or a processor. The computer program medium may be, for example but not limited to, a record medium, computer memory, read-only memory, electrical carrier signal, telecommunications signal, and software distribution package, for example. The computer program medium may be a non-transitory medium. Coding of software for performing the embodiments as shown and described is well within the scope of a person of ordinary skill in the art.

Even though the invention has been described above with reference to to an example according to the accompanying drawings, it is clear that the invention is not restricted thereto but can be modified in several ways within the scope of the appended claims. Therefore, all words and expressions should be interpreted broadly and they are intended to illustrate, not to restrict, the embodiment. It will be obvious to a person skilled in the art that, as technology advances, the inventive concept can be implemented in various ways. Further, it is clear to a person skilled in the art that the described embodiments may, but are not required to, be combined with other embodiments in various ways.

It will be obvious to a person skilled in the art that, as the technology advances, the inventive concept can be implemented in various ways. The invention and its embodiments are not limited to the examples described above but may vary within the scope of the claims.

Claims

1. A method comprising: maintaining, in an erasure report database, information on a plurality of erasure reports describing erasure processes carried out for a plurality of computing devices, wherein each erasure report comprises one or more erasure process properties for an erasure process used for erasing a memory or part thereof of a computing device and one or more device parameters characterizing the computing device for which the erasure process was performed;receiving, in a remote computing system, all or some of the one or more device parameters characterizing a second computing device via a communications network from a first computing device;comparing, by the remote computing system, in response to the receiving, the all or some of the one or more device parameters characterizing the second computing device to device parameters maintained in the erasure report database to find one or more erasure reports relevant for the second computing device;determining, by the remote computing system, one or more expected erasure process properties for each of at least one erasure process for erasing a memory or part thereof of the second computing device based on one or more erasure process properties of the one or more relevant erasure reports;sending, by the remote computing system, the one or more expected erasure process properties for said at least one erasure process to the first computing device via the communications network for facilitating decision-making of a user of the first computing device in regards to selecting a suitable erasure process for erasing the memory or part thereof of the second computing device; andstoring, by the remote computing system, in response to receiving an erasure report for an erasure process carried out for the second computing device from the first computing device via the communications network, the erasure report to the erasure report database, wherein the erasure report for the second computing device comprises at least the one or more device parameters characterizing the second computing device and one or more erasure process properties for the erasure process.
2. The method of claim 1, wherein the comparing of the one or more device parameters to device parameters maintained in the erasure report database comprises: generating, for each available erasure process, a vector based on at least one of the one or more device parameters, wherein each element of each vector has a numerical value representing a particular feature of the second computing device defined by a particular device parameter or multiple device parameters; andcomparing, for each available erasure process, the vector associated with the second computing device to one or more corresponding vectors generated for one or more computing devices of the plurality of computing devices based on the device parameters in the plurality of erasure reports.
3. The method of claim 2, wherein the comparing of the one or more device parameters to device parameters maintained in the erasure report database further comprises: identifying a device category of the second computing device based on the one or more device parameters received from the first computing device, wherein the one or more corresponding vectors generated for the one or more computing devices of the plurality of computing devices are selected to be of the same device category as the second computing device.
4. The method of claim 3, wherein the comparing of the one or more device parameters to the device parameters maintained in the erasure report database further comprises: determining, for each available erasure process, whether one or more of the one or more vectors associated with the same device category as the second computing device match the vector of the second computing device according to pre-defined criteria; andin response to one or more matches according to the pre-defined criteria being found, selecting, for each of said at least one erasure process, one or more erasure reports associated with said one or more matching vectors as a classification cluster for the second computing device, wherein the method further comprises:performing, in response to the selecting of the classification cluster, the determining of the one or more expected erasure process properties for each of said at least one erasure process based on erasure reports associated with the classification cluster.
5. The method of claim 4, wherein the comparing of the vector to the one or more corresponding vectors comprises calculating, for each vector of the second computing device associated with a particular erasure process, a value of a distance metric quantifying a difference between the vector of the second computing device and the one or more corresponding vectors and the pre-defined criteria comprise a pre-defined upper threshold for the distance metric.
6. The method according to claim 4, further comprising: in response to determining that none of the one or more vectors associated with the same device category as the second computing device match the vector of the second computing device according to pre-defined criteria for any erasure process, sending, by the remote computing system, information on a failure of determining the one or more expected erasure process properties from the remote computing system to the first computing device via the communications network.
7. The method according to claim 1, wherein the one or more expected erasure process properties for the erasure of the memory or part thereof of the second computing device are determined using one or more of statistical analysis methods, extrapolation, interpolation, averaging and calculating a median or a mode.
8. The method according to claim 1, wherein the first computing device is one of a laptop and a desktop computer and each of the second computing device and the plurality of computing devices is a mobile device.
9. The method according to claim 1, wherein the one or more erasure process properties for the erasure process in each erasure report comprise at least one of: one or more of an outcome of the erasure process and a duration of the erasure process, or the one or more expected erasure process properties for said at least one erasure process comprise, for each of said at least one erasure process, one or more of a probability of success of the erasure process and an expected duration of the erasure process.
10. The method according to claim 1, wherein the one or more device parameters retrieved by at least one of: the first computing device, or the one or more device parameters comprised in each erasure report comprise at least information on a clock speed of a processor of a corresponding computing device, a type of each or some of one or more memories of the corresponding computing device and a capacity of each or some of said one or more memories of the corresponding computing device.
11. A remote computing system comprising means for performing a method according to claim 1.
12. The remote computing system of claim 11, wherein at least one of: the remote computing system is a cloud-based system, or the erasure report database is a cloud-based database.
13. A non-transitory computer readable media having stored thereon instructions that, when executed by a computing device, cause the computing device to perform a method according to claim 1.
14. A method comprising: retrieving, by a first computing device, one or more device parameters characterizing a second computing device electrically connected to the first computing device from a memory of the second computing device;sending, by the first computing device, the one or more device parameters via a communications network to a remote computing system;displaying, by the first computing device, in response to receiving one or more expected erasure process properties for at least one erasure process for erasing the memory or part thereof of the second computing device from the remote computing system via the communications network, information on the one or more expected erasure process properties for said at least one erasure process to a user via a display of the first computing device;performing, by the first computing device, in response to receiving a user input confirming a selection of an erasure process of said at least one erasure process via a user input device of the first computing device, the selected erasure process for erasing the memory or part thereof of the second computing device;generating, by the first computing device, in response to the selected erasure process concluding, an erasure report for the erasure process, wherein the erasure report for the erasure process comprises at least the one or more device parameters of the second computing device and one or more erasure process properties comprising at least an outcome of the erasure process; andsending, by the first computing device, the erasure report to the remote computing system via the communications network.
15. The method of claim 14, wherein the one or more expected erasure process properties for said at least one erasure process comprise, for each of said at least one erasure process, at least one of: one or more of an outcome of the erasure process and a duration of the erasure process, or one or more of a probability of success of the erasure process and an expected duration of the erasure process.
16. A first computing device comprising means for performing a method according to claim 14.
17. The first computing device according to claim 16, wherein at least one of the first computing device is one of a laptop or a desktop computer, or the second computing device electrically connected to the first computing device is a mobile device.
18. A non-transitory computer readable media having stored thereon instructions that, when executed by a computing device, cause the computing device to perform a method according to claim 14.
19. A system comprising: a remote computing system according to claim 11; andone or more first computing devices according to claim 16.
20. The system of claim 19, further comprising: one or more second computing devices, wherein each second computing device comprises at least one memory and is connected electrically to one of the one or more first computing devices.

Priority Claims (1)

Number	Date	Country	Kind
20195138	Feb 2019	FI	national

PCT Information

Filing Document	Filing Date	Country	Kind
PCT/FI2020/050050	1/29/2020	WO	00

Providing User Guidance on Erasure Process Selection Based on Accumulated Erasure Reports

Information

Publication Number

Date Filed

Date Published

Inventors

Original Assignees

CPC

International Classifications

Abstract

Description

Claims

Priority Claims (1)

PCT Information