The use of mobile data processing devices has increased significantly in recent years. In addition to so called “laptop” and “tablet” computers, there is a growing popularity in handheld mobile data processing devices, sometimes called “personal digital assistants” or “PDAs” as well as smart phones. These mobile data processing devices are capable of storing a significant amount of user data, including calendar, address book, tasks and numerous other types of data for business and personal use. Most handheld data processing devices have the ability to connect to a personal computer for data exchange, and many are equipped for wireless communications using, for example, conventional email messaging systems. Depending upon the user's needs much of this data can be highly sensitive in nature, for example, where the device is used in government, the military or a commercial enterprise.
Because of their mobile nature, such devices may be lost or stolen with the consequential risk that data on the devices will be accessed by unauthorized individuals. For this reason, mobile data processing systems are typically password protected. However, such protection may be insufficiently secure if the data stored on the device is not encrypted. Accordingly, data stored in persistent memory on a handheld device is typically encrypted using an: encryption key. For the data to be accessed by an application executing on the device, a decrypted copy of the encrypted data, or plain text data, is made available for use by the application. The plain text data may be used in processing carried out by the application, may be displayed on the device for viewing by the user, or may be sent to other users through email or other delivery means. Since the plain text data is by definition not encrypted, an unauthorized user of the device may be able to view, copy or transmit an unencrypted copy of the data if such a user gains access to the device. Thus, it is advantageous to be able to place the system in a secure state where no plain text data is available in the memory of the device, leaving only secure, encrypted data stored on the device.
However, in a typical handheld data processing device, applications executing on the device are able to copy, modify or move plain text data in the device memory. Although application execution may be designed so as to clear plain text data from memory at certain defined points in the application operation, applications may have programming errors such that they fail to actually clear all plain text data from memory. Consequently, when it is time to secure the device, relying on application operation will not ensure that all the plain text data stored in device memory has been cleared.
It is therefore desirable for a mobile data processing device, supporting storage of encrypted data, to be provided with a memory management mechanism to facilitate confirmation that the device has been successfully placed in a secure state.