Writing Secure Code
Software Security: Building Security In
Software Security: Building Security In
Understanding data lifetime via whole system simulation
SSYM'04 Proceedings of the 13th conference on USENIX Security Symposium - Volume 13
Shredding your garbage: reducing data lifetime through secure deallocation
SSYM'05 Proceedings of the 14th conference on USENIX Security Symposium - Volume 14
Hi-index | 0.00 |
The possibility of unauthorized data exposure caused by memory deallocation flaws in various software products has been accentuated by some IT-security experts several years ago [1, 2, 3, 4]. However, no feasible and universal strategies have been proposed so far to reduce that risk. In this paper we discuss possible approaches to reducing the chances of undesirable exposure of sensible information caused by unreasonably long data lifetime in main memory. We offer several directions of how current development platforms and runtime environments could be improved to minimize the lifetime of confidential data on the software design stage.