* Dynamic RAM (DRAM): Must be continuously refreshed to retain contents * Static RAM (SRAM): - Doesn't need to be refreshed - Resulting in faster access times * Synchronous DRAM (SDRAM): Synchronizes itself with the CPU clock to make communication faster * Extended data out DRAM (EDO DRAM): EDO DRAM can 'look ahead' and fetch the next data block at the same time * Burst EDO DRAM (BEDO RAM): Can send 4 blocks in a 'burst' * Double data rate SDRAM (DDR SDRAM): Can execute two read instructions per clock cycle. Template rsyslogd. * Programmable Read-Only Memory (PROM): Can be reprogrammed a single time * Erasable Programmable Read-Only Memory (EPROM): Can be reprogrammed any number of times by using a UV light to erase the previous contents * Electrically Erasable Programmable Read-Only Memory (EEPROM): - Replaced EPROM - Allows for erasing electrically, but only a single byte at a time * Flash Memory - Solid-state device: It doesn't have moving parts - Smaller, lighter and faster than most other non-volatile storage media but is also more expensive. * Major attack vector today * CPU Normal operation - A process can invoke another process and pass variables to it (parameters) - The CPU handles this by storing a pointer to the first process at the bottom of the stack - The CPU will then store each parameter on top of the previous on the same stack - The second process can modify the parameters passed in and complete its execution - At this point the CPU will retrieve the pointer to the first process from the bottom of the stack and allow it to continue. * Relocation: Swap memory contents from RAM to the hard drive and hide this from the process * Protection: Make sure processes can only access their memory segments * Sharing: - Ensure CIA with shared memory - Allow different levels of access to interact with the same memory * Local organization - Segment memory types - Provide an addressing scheme - Allow multiple processes to access the same shared DLL * Physical organization: Segment the physical memory for use by the applications and OS processes. * Price * Optimized resource usage * Running legacy applications * Running untrusted applications in a secure environment (sandboxes) * Creating systems with limited or guaranteed resources * Provide the illusion of hardware that does not actually exist * Hot standbys (running until needed) * Allows for production debugging * Ability to inject faults to study application behavior * Software migration * Package applications together and running as instances * Ability to save and restore state * Create arbitrary test scenarios for QA. Sabon lt std roman. * Introduction - Noninterference: Assurance that actions taking place at a higher security level do not interfere with actions at a lower security level - Deals with what a subject knows about the state of the system * Covert Channel - Definition: Any way to send or receive information in an unauthorized manner - Types * Covert storage channel - Communicating through a shared storage system - It could simply be the presence or absence of some system feature * Covert timing channel - Communicating through the presence or absence of a system resource in a timed fashion. * Adam is writing a report for a company's shareholders, which must reflect very accurate and reliable information * Eve is writing a report for the same company's internal project, and is intentionally based on her opinions, which may or may not reflect reality * Suppose that neither is allowed to discuss on their respective reports, but both have access to a shared network drive * If Adam leaves Eve a message in a text file about his report, this would be an example of communicating through covert channels.