Efficient Security-Aware Virtual Memory Management

Author

Amirsoufi, Rahmatollah ; Taghiloo, Majid ; Ahmadi, Armin

Author_Institution

South Tehran Branch, Islamic Azad Univ., Tehran, Iran

fYear

2009

fDate

4-7 Dec. 2009

Firstpage

208

Lastpage

211

Abstract

Virtual memory was developed to automate the movement of program code and data between main memory and secondary storage to give the appearance of a single. This technique greatly simplified the programmer´s job, particularly when program code and data exceeded the main memory´s size. In modern operating system, secure file system can protect confidential data from unauthorized access. However, once an authorized process has accessed data from a cryptographic file system, the data can appear as plaintext in the unprotected virtual memory backing store, even after system shutdown. This paper proposes new approach for adding multilevel security capability to virtual memory management. It uses partial swap encryption based on process´s security policy. Volatile encryption keys are chosen randomly, and remain valid only for short time periods. Performance comparison shows the total overhead of proposed method.

Keywords

cryptography; storage management; virtual reality; authorized process; cryptographic file system; modern operating system; partial swap encryption; program code; security aware virtual memory management; volatile encryption keys; Cryptography; Data security; File systems; Image storage; Insurance; Management training; Memory management; Operating systems; Protection; Secure storage; Cryptography; Memory Management; Security; Security policy; Swap file; Virtual Memory;

fLanguage

English

Publisher

ieee

Conference_Titel

Soft Computing and Pattern Recognition, 2009. SOCPAR '09. International Conference of

Conference_Location

Malacca

Print_ISBN

978-1-4244-5330-6

Electronic_ISBN

978-0-7695-3879-2

Type

conf

DOI

10.1109/SoCPaR.2009.50

Filename

5370014