The patent's inventors are Van Riel,
This patent was filed on
From the background information supplied by the inventors, news correspondents obtained the following quote: "Memory management is one of the most fundamental issues of modern computer systems. Typically, a computer system will include a hierarchy of memory that ranges from a small, fast cache of main memory that is placed in front of a larger, but slower, auxiliary memory. The cache is generally implemented using a physical memory, such as RAM, while the auxiliary memory is implemented using a storage device, such as a disk drive or hard disk. Both memories are usually managed in uniformly sized units known as pages.
"In order to improve performance, many computers and operating systems today implement virtual memory for the applications running on the computer. Virtual memory is where the computer system emulates that it has more memory than the computer system actually physically possesses. For example, most computer systems utilize 32-bit processors. Hence, a computer system is theoretically capable of providing a virtual memory of approximately 2.sup.32 bits or approximately 4 Gigabytes, even though the physical memory is usually much smaller.
"In order to provide a virtual memory of this size, the computer system runs the application or process in a memory address space that is virtual, i.e., not tied to the physical memory. The computer system will then swap pages in and out of a cache in its physical memory in order to emulate the virtual memory. During operation, an application or process will continually requests pages using virtual memory addresses. In response, the computer system will translate the virtual memory address into a physical memory address and determine if the page is present in the cache (i.e., the page is resident). When a requested page is not present in the cache, it is called a cache 'miss' (or page fault), and the requested page must be retrieved from storage. However, when the cache is full, before a new page can be brought into the cache, another page (known as the victim page) must be evicted to storage.
"Many applications running on a computer system utilizes confidential or sensitive data, such as encryption keys, passwords, account numbers, and the like. Unfortunately, as noted above, an application is provided a virtual memory and portions of that virtual memory are actually swapped in/out of storage, which is generally unprotected from tampering. Any data read by a process that was originally encrypted can be found as plain text in swap storage, if the process used data that was swapped out to storage. Moreover, it is possible for passwords and the confidential data to reside in storage for long periods of time, even after rebooting the system. This is contrary to what most users expect, i.e., that all confidential data vanishes with process termination. If the integrity of the system is compromised, an untrusted party may gain access to the confidential data that has been swapped out and retained in storage.
"Accordingly, it would be desirable to provide methods and systems for designating and handling confidential data."
Supplementing the background information on this patent, VerticalNews reporters also obtained the inventors' summary information for this patent: "In accordance with one embodiment of the invention, a method of protecting confidential data is provided. When a request to allocate space in a virtual memory for confidential data is received, a portion of the virtual memory is marked as confidential. It is determined if a portion of a physical memory has been assigned for the confidential portion of the virtual memory. The portion of the physical memory that has been assigned for the confidential portion of the virtual memory is then marked as having confidential data.
"In accordance with another embodiment of the invention, a method of protecting data allocated to a confidential area of virtual memory that is stored in physical memory is provided. When contents of the physical memory are being written to another location, contents of the physical memory that correspond to data allocated to the confidential area of the virtual memory are identified. The identified contents of the physical memory are then protected.
"Additional embodiments of the present invention will be set forth in part in the description which follows, and in part will be obvious from the description, or may be learned by practice of the invention. It is to be understood that both the foregoing general description and the following detailed description are exemplary and explanatory only and are not restrictive of the invention, as claimed."
For the URL and additional information on this patent, see: Van Riel,
Keywords for this news article include:
Our reports deliver fact-based news of research and discoveries from around the world. Copyright 2014, NewsRx LLC
Most Popular Stories
- Dmytro Firtash, Ukrainian Billionaire, Arrested in Vienna
- Obama, Ukraine Discuss Russian Incursion in Crimea
- Koch Brothers Step up Anti-Obamacare Campaign
- FDIC Sues Big Banks Over Rate Manipulation
- Obama's Overtime Initiative Praised, Condemned
- Liberty Media Drops Sirius Bid
- Republicans Warn Obama on Immigration
- West Readies Harsh Sanctions Against Russia
- Calumet Photo Files for Bankruptcy
- Uli Hoeness, Bayern Munich President, Gets Prison for Tax Evasion