文档介绍:: .
SWIPE: Eager Erasure of Senso introduce erase instructions in the original program. The velopers think about these issues, while many developers are sim-
ply unaware of these issues. This state of practice has led to pro-
programs transformed using SWIPE enjoy several additional bene-
fits: minimization of leaks that arise due to data dependencies; era- longed sensitive data lifetimes opening the door to sensitive data
sure of sensitive data with minimal developer guidance; and negli- disclosure attacks. As shown further (Section 2), there is a dire
gible performance overheads. need to retrofit applications to minimize sensitive data lifetimes.
The problem is exacerbated in a type-unsafe language such as
C. Due to the lack of memory safety, developers receive no assis-
Categories and Subject Descriptors tance to protect data variables from exposures, resulting in leakage
[Security and Protection]: Verification; [Security of sensitive data. An interesting SecurityFocus discussion [19] ex-
and Protection]: Unauthorized access amined problems faced by developers in writing code that handles
sensitive data in C programs. Chow et al., [13] performed a whole
General Terms system simulation study with virtual machines to analyze the exe-
cution of several system applications such as browsers and authen-
Languages, Security, Confidentiality, Verification ticators that handle sensitive data. Using this s