Implementing Erasure Policies Using Taint Analysis
Security or privacy-critical applications often require access to sensitive information in order to function. But in accordance with the principle of least privilege - or perhaps simply for legal compliance - such applications should not retain said information once it has served its purpose. In such scenarios, the timely disposal of data is known as an information erasure policy. This paper studies software-level information erasure policies for the data manipulated by programs. The paper presents a new approach to the enforcement of such policies. The authors adapt ideas from dynamic taint analysis to track how sensitive data sources propagate through a program and erase them on demand.