1. Field of the Invention
The present invention relates to a method, system, and program for encrypting files in a computer system.
2. Description of the Related Art
Many operating systems, such as the Microsoft Corporation Windows 95/98/2000/NT operating systems and Unix based operating systems (e.g., the Sun Microsystems, Inc. Solaris Operating system), utilize swap files.** The operating system uses a volatile memory, such as a random access memory (RAM), to store data being processed. When the utilization of the volatile memory reaches a certain threshold, data from the RAM is swapped to a hard disk drive as part of a virtual memory addressing system. The data swapped to hard disk drive storage has a virtual address in memory, such that if a program or process attempts to access that virtual address in memory, the data is then swapped back into memory from the swap file on the hard disk drive. The use of swap files makes the hard disk drive storage space available as additional virtual memory to supplement the volatile memory device, which is typically of a limited size and substantially more expensive than the non-volatile hard disk drive space.
A swap file can range in size from 20 million bytes to over 200 million bytes and the potential exists for these huge files to contain remnants of word processing files, E-Mail messages, Internet browsing activity, database entries and almost any other data that may have been generated during past work sessions. Swap files pose a significant security threat because the data remains transparently stored within the swap file without the knowledge of the computer user. This can occur even if the work product was stored on a computer network server. In fact, computer forensics specialists and law enforcement agencies are able to reconstruct user activity by parsing and analyzing the swap files with forensic software tools known in the art.
Moreover, some programs are capable of parsing the swap file to identify fragments of word processing communications, E-mail communications, Internet chat room communications, Internet news group posts, encryption passwords, network passwords, network logons, database entries, credit card numbers, social security numbers and the first and last names of individuals that have been listed in communications involving the subject computer. Needless to say, having such information fall into the “wrong hands” could prove disastrous to an organization or individual.
Some programs have been developed that overwrite the swap file after a session completes or in response to a user hitting a panic button. Notwithstanding, such utilities may not protect the system in the event the system is accessed before the utility can be invoked to destroy the swap file.
For these reasons there is a need in the art for improved techniques for protecting information on a computer system against unauthorized access and analysis.