Data lifetime is a systems problem

Subscribe (Full Service)


	Search: The ACM Digital Library The Guide

	Feedback

Data lifetime is a systems problem

Full text

Pdf (195 KB)

Source

ACM SIGOPS European Workshop archive
Proceedings of the 11th workshop on ACM SIGOPS European workshop table of contents

Leuven, Belgium

SESSION: Security table of contents

Article No. 10

Year of Publication: 2004

Authors

Tal Garfinkel	Stanford University
Ben Pfaff	Stanford University
Jim Chow	Stanford University
Mendel Rosenblum	Stanford University

Sponsor

SIGOPS: ACM Special Interest Group on Operating Systems

Publisher

ACM New York, NY, USA

Bibliometrics

Downloads (6 Weeks): 4, Downloads (12 Months): 21, Citation Count: 6

Additional Information:

abstract references cited by collaborative colleagues

Tools and Actions:	Review this Article Save this Article to a Binder Display Formats: BibTeX EndNote ACM Ref

DOI Bookmark:	Use this link to bookmark this Article: http://doi.acm.org/10.1145/1133572.1133599 What is a DOI?

ABSTRACT

As sensitive data lifetime (i.e. propagation and duration in memory) increases, so does the risk of exposure. Unfortunately, this issue has been largely overlooked in the design of most of today's operating systems, libraries, languages, etc. As a result, applications are likely to leave the sensitive data they handle (passwords, financial and military information, etc.) scattered widely over memory, leaked to disk, etc. and left there for an indeterminate period of time. This greatly increases the impact of a system compromise.Dealing with data lifetime issues is currently left to application developers, who largely overlook them. Security-aware developers who attempt to address them (e.g. cryptographic library writers) are stymied by the limitations of the operating systems, languages, etc. they rely on. We argue that data lifetime is a systems issue which must be recognized and addressed at all layers of the software stack.

REFERENCES

Note: OCR errors may be found in this Reference List extracted from the full text article. ACM has opted to expose the complete List rather than only correct and linked references.

	1	P. Broadwell, M. Harren, and N. Sastry. Scrash: A system for generating secure crash information. In Proceedings of the 11th USENIX Security Symposium, August 2003.
	2	J. Chow, B. Pfaff, T. Garfinkel, K. Christopher, and M. Rosenblum. Understanding data lifetime via whole system simulation. In Proceedings of the 12th USENIX Security Symposium, 2004.
	3	Simson L. Garfinkel , Abhi Shelat, Remembrance of Data Passed: A Study of Disk Sanitization Practices, IEEE Security and Privacy, v.1 n.1, p.17-27, January 2003 [doi>10.1109/MSECP.2003.1176992]
	4	P. Gutmann. Secure deletion of data from magnetic and solid-state memory. In Proceedings of the 6th USENIX Security Symposium, July 1996.
	5	P. Gutmann. Software leaves encryption keys, passwords lying around in memory. http://www.securityfocus.com/archive/82/297827/2002-10-27/2002-11-02/2, October 2002.
	6	T. Hamilton. 'Error' sends bank files to eBay. Toronto Star, Sep. 15, 2003.
	7	M. Howard. Some bad news and some good news. http://msdn.microsoft.com/library/default.asp?url=/library/en-us/dncode%/html/secure10102002.asp, October 2002.
	8	Microsoft Corporation. Address windowing extensions API. http://msdn.microsoft.com, February 2000.
	9	Microsoft Corporation. VirtualLock. http://msdn.microsoft.com, January 2004.
	10	Open Group. The single UNIX specification version 3, IEEE standard 1003.1-2001. WWW, 2001. http://www.unix-systems.org/single_unix_specification/.
	11	N. Provos. Encrypting virtual memory. In Proceedings of the 10th USENIX Security Symposium, pages 35--44, August 2000.
	12	R. Rogers. Exploiting the ftp pasv vulnerability. http://www.securityhorizon.com/whitepapers/hacking/PASV.html, October 1999.
	13	U. Shankar, K. Talwar, J. S. Foster, and D. Wagner. Detecting format string vulnerabilities with type qualifiers. In Proc. 10th USENIX Security Symposium, August 2001.
	14	David A. Solomon , Mark Russinovich, Inside Microsoft Windows 2000, Microsoft Press, Redmond, WA, 2000
	15	US Department of Energy Computer Incident Advisory Capability. Office XP Error Reporting May Send Sensitive Documents to Microsoft. http://www.ciac.org/ciac/bulletins/m-005.shtml.

CITED BY 6

	Tal Garfinkel , Mendel Rosenblum, When virtual is harder than real: security challenges in virtual machine based computing environments, Proceedings of the 10th conference on Hot Topics in Operating Systems, p.20-20, June 12-15, 2005, Santa Fe, NM
	Jim Chow , Ben Pfaff , Tal Garfinkel , Mendel Rosenblum, Shredding your garbage: reducing data lifetime through secure deallocation, Proceedings of the 14th conference on USENIX Security Symposium, p.22-22, July 31-August 05, 2005, Baltimore, MD
	Patrick Stahlberg , Gerome Miklau , Brian Neil Levine, Threats to privacy in the forensic analysis of database systems, Proceedings of the 2007 ACM SIGMOD international conference on Management of data, June 11-14, 2007, Beijing, China
	Jason Franklin , Mark Luk , Jonathan M. McCune , Arvind Seshadri , Adrian Perrig , Leendert van Doorn, Remote detection of virtual machine monitors with fuzzy benchmarking, ACM SIGOPS Operating Systems Review, v.42 n.3, April 2008
	David Boutcher , Abhishek Chandra, Practical techniques for purging deleted data using liveness information, ACM SIGOPS Operating Systems Review, v.42 n.5, p.85-94, July 2008
	Sarah M. Diesburg , Christopher R. Meyers , David M. Lary , An-I Andy Wang, When cryptography meets storage, Proceedings of the 4th ACM international workshop on Storage security and survivability, October 31-31, 2008, Alexandria, Virginia, USA

Collaborative Colleagues:

Tal Garfinkel: colleagues

Ben Pfaff: colleagues

Jim Chow: colleagues

Mendel Rosenblum: colleagues

Adobe Acrobat

QuickTime

Windows Media Player

Real Player