Results 1 to 5 of 5
  1. #1
    jonnytabpni is offline Member
    Join Date
    Nov 2009
    Posts
    8
    Rep Power
    0

    Default Page/Swap File and in-memory security considerations

    Hi Folks,

    I'm developing a client/server solution based on the cajo framework (Which uses RMI).

    My java client will be receiving hashmaps from the server, which will contain confidential information. The results can be large and I've seen the JVM process memory size in windows task manager raise by 10 - 20MB (There's a lot of data!).

    Should I be concerned about the way windows deals with virtual memory/paging on the client machine? Or am I just being overly paranoid? Would this potential paging issue also happen in applications that are web based?

    Any advice is very much appreciated.

    Thanks

    Jonny

  2. #2
    AndreB's Avatar
    AndreB is offline Senior Member
    Join Date
    Dec 2009
    Location
    Stuttgart, Germany
    Posts
    114
    Rep Power
    0

    Default

    Aehm, sorry, what is your concern again?

    Are you afraid of how the client OS handling the memory? And that your confidential data is written to the swap ?

  3. #3
    jonnytabpni is offline Member
    Join Date
    Nov 2009
    Posts
    8
    Rep Power
    0

    Default

    Hi AndreB,

    Yes, that pretty much sums up my concerns.

    Thanks

  4. #4
    AndreB's Avatar
    AndreB is offline Senior Member
    Join Date
    Dec 2009
    Location
    Stuttgart, Germany
    Posts
    114
    Rep Power
    0

    Default

    You cant control how the os handling the memory. So there is a propability that it will write some data to the swap.

    But why dont you encrypt your data ? Just "store" the encrypted data in memory and if you require access then decrpyt the needed part on the fly.

  5. #5
    jonnytabpni is offline Member
    Join Date
    Nov 2009
    Posts
    8
    Rep Power
    0

    Default

    Encryption isn't an issue really.

    When you encrypt something, then it gets "decrypted-on-the-fly", the unencrypted data goes into memory.

    I'm just trying to figure out if in industry, memory and/or paging issues are taken seriously. This is my first major project I am doing, and I just want to do it right.

    Take a bank for example, their employees will access private data on their computer screens, which will go into their desktop PC's RAM/pagefile. Does bank IT admin guys do anything about this?

    And, are java applications more "at-risk", due to their large memory footprint, compared to a web page for example.

    Thanks

Similar Threads

  1. How to swap to images on clicks
    By ntagrafix in forum AWT / Swing
    Replies: 2
    Last Post: 12-03-2009, 09:13 PM
  2. swap two frames on user click
    By marodia in forum AWT / Swing
    Replies: 1
    Last Post: 08-25-2009, 10:11 AM
  3. Memory-Mapped File-(MappedByteBuffer )
    By lenah in forum Advanced Java
    Replies: 3
    Last Post: 12-22-2008, 08:00 PM
  4. Question about CAS (compare and swap) method
    By illidian in forum Advanced Java
    Replies: 1
    Last Post: 04-04-2008, 09:49 PM
  5. how to swap 2 numbers
    By mary in forum Advanced Java
    Replies: 1
    Last Post: 08-02-2007, 06:32 PM

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •