2014 | OriginalPaper | Buchkapitel
DEICS: Data Erasure in Concurrent Software
verfasst von : Kalpana Gondi, A. Prasad Sistla, V. N. Venkatakrishnan
Erschienen in: Secure IT Systems
Aktivieren Sie unsere intelligente Suche, um passende Fachinhalte oder Patente zu finden.
Wählen Sie Textabschnitte aus um mit Künstlicher Intelligenz passenden Patente zu finden. powered by
Markieren Sie Textabschnitte, um KI-gestützt weitere passende Inhalte zu finden. powered by
A well known tenet for ensuring unauthorized leaks of sensitive data such as passwords and cryptographic keys is to erase (“zeroize”) them after their intended use in any program. Prior work on minimizing sensitive data lifetimes has focused exclusively on sequential programs. In this work, we address the problem of data lifetime minimization for concurrent programs. We develop a new algorithm that precisely anticipates when to introduce these erasures, and develop an implementation of this algorithm in a tool called DEICS. Through an experimental evaluation, we show that DEICS is able to reduce lifetimes of shared sensitive data in several concurrent applications (over 100k lines of code combined) with minimal performance overheads.