1. Technical Field
The present invention relates generally to memory protection in a data processing system. Specifically, the present invention is directed to a method of generating cryptographic secrets that may be used to protect persistent data.
2. Description of the Related Art
Many, if not most, modern operating systems and the hardware platforms that support them provide some form of facility for “memory protection.” Each application is allocated memory by the operating system and must access only those addresses in memory allocated to it. If a process attempts to access memory that is outside of the memory regions allocated to it, the illegal access attempt is detected by the operating system as an error (often called a “protection fault” or “segmentation fault”) and the offending process is terminated before disaster occurs. Memory protection can prevent many system crashes or other destructive behavior caused by software errors or malicious code (“malware”). Another important reason for restricting access to certain memory locations is to prevent proprietary or security-sensitive data or code from being examined by user-level processes, so as to prevent the creation of malware or the reverse engineering or unauthorized copying of proprietary information.
Conventional memory protection can protect one application's data or code from being read by another application, but only while the first application is running. Conventional memory protection does nothing to protect data stored persistently—i.e., data that remains in memory between invocations of an application. Indeed, conventional memory protection schemes generally do not allow for persistent memory storage of this kind: when an application terminates, the application's protected memory is either reclaimed by the operating system or it becomes completely inaccessible to other applications. For that reason, most applications designed to run in such environments rely on secondary storage (e.g., disk, tape) to store data persistently between application sessions.
What is needed, therefore, is a method of protecting sensitive data and code from unauthorized reads and writes while allowing data stored persistently in memory between application sessions to be re-accessed by an authorized application. The present invention provides a solution to this and other problems, and offers other advantages over previous solutions.