Modern computer systems typically provide a virtual memory facility in order to make available memory capacity beyond the size of the physical random access memory (RAM). Virtual memory systems provide a virtual address space, which may be larger than the physical address space. In order to keep the virtual memory from overflowing the contents of the physical address space, pages are copied out of the physical memory when more space in the physical memory is needed, and into the physical memory when a program needs to access those pages. When a page is copied out of the physical memory, the contents of the page are stored on disk in a file called a “paging file.”
A problem with storing images of memory pages on disk—even temporarily—is that it is difficult to protect the contents of those pages from unauthorized observation. The physical memory is generally a volatile memory that will lose its contents if power to the system is removed. Therefore, there is assurance that any secret data stored in the volatile memory cannot be recovered by an unauthorized observer if the system is turned off, crashes, or is rebooted. However, if data from the volatile memory has been copied to the paging file, then this data can be observed by anyone with access to the disk, and this data will still exist on disk following a power-off event, crash, or reboot. This potential presents a security risk if the data is secret, or otherwise sensitive, since an attacker could obtain this data from the disk.
In view of the foregoing, there is a need for a mechanism to protect a paging file that overcomes the drawbacks of the prior art.