Computer Security Resource Center

Computer Security Resource Center

Computer Security
Resource Center

A  |  B  |  C  |  D  |  E  |  F  |  G  |  H  |  I  |  J  |  K  |  L  |  M  |  N  |  O  |  P  |  Q  |  R  |  S  |  T  |  U  |  V  |  W  |  X  |  Y  |  Z

SANITIZE Command

Abbreviation(s) and Synonym(s):

None

Definition(s):

  A command in the ATA and SCSI standards that leverages a firmware-based process to perform a Sanitization action. If a device supports the sanitize command, the device must support at least one of three options: overwrite, block erase (usually for flash memory-based media), or crypto scramble (Cryptographic Erase). These commands typically execute substantially faster than attempting to rewrite through the native read and write interface. The ATA standard clearly identifies that the Sanitization operations must address user data areas, user data areas not currently allocated (including “previously allocated areas and physical sectors that have become inaccessible”), and user data caches. The resulting media contents vary based on the command used. The overwrite command allows the user to specify the data pattern applied to the media, so that pattern (or the inverse of that pattern, if chosen) will be written to the media (although the actual contents of the media may vary due to encoding). The result of the block erase command is vendor unique, but will likely be 0s or 1s. The result of the crypto scramble command is vendor unique, but will likely be cryptographically scrambled data (except for areas that were not encrypted, which are set to the value the vendor defines).
Source(s):
NIST SP 800-88 Rev. 1