2017 Volume 14 Issue 10 Pages 20170309
Many applications compute on sensitive data, such as confidential user information. Even if these applications are terminated, sensitive data often persist in the main memory indefinitely until the deallocated pages are overwritten by OS. The conventional software-only solution of zeroing pages at deallocation generates a significant amount of bursty memory traffic to slow down other processes running concurrently. To address this, we propose Secure DRAM, a novel DRAM architecture that enables low-cost, secure deallocation of physical page frames. By preventing access to unallocated DRAM pages and not refreshing them, Secure DRAM effectively closes the window of vulnerability with minimal performance overhead.