Encrypting Virtual Memory
Abstract:
In modern operating systems, cryptographic file systems can protect confidential data from unauthorized access. However, once an authorized process has accessed data from a cryptographic file system, the data can appear as plaintext in the unprotected virtual memory backing store, even after system shutdown. The solution described in this paper uses swap encryption for processes in possession of confidential data. Volatile encryption keys are chosen randomly, and remain valid only for short time periods. Invalid encryption keys are deleted, effectively erasing all data that was encrypted with them. The swap encryption system has been implemented for the UVM virtual memory system and its performance is acceptable.
BibTeX
@inproceedings {271282,
author = {Niels Provos},
title = {Encrypting Virtual Memory},
booktitle = {9th USENIX Security Symposium (USENIX Security 00)},
year = {2000},
address = {Denver, CO},
url = {https://www.usenix.org/conference/9th-usenix-security-symposium/encrypting-virtual-memory},
publisher = {USENIX Association},
month = aug
}