菜单
工具

MemGuard

NOT ON THE CURRENT EDITION
This blip is not on the current edition of the radar. If it was on one of the last few editions it is likely that it is still relevant. If the blip is older it might no longer be relevant and our assessment might be different today. Unfortunately, we simply don't have the bandwidth to continuously review blips from previous editions of the radarUnderstand more
Nov 2019
评估?

如果应用程序将敏感信息(例如加密密钥)以纯文本的形式存储在内存中,很可能会被人利用成为攻击媒介而导致信息泄露。大多数基于云的解决方案通常使用HSM(hardware security modules,硬件安全模块)以避免受到此类攻击。但如果是自托管服务且无法使用HSM时,仍然希望避免这类攻击,MemGuard就非常有用了。MemGuard可以作为软件安全区,在内存中存储敏感信息。尽管MemGuard不能替代HSM,但它也实现了许多安全策略,如防止冷启动攻击,避免垃圾收集的干扰,并使用防护分页技术加固以减少泄露敏感数据的可能性。