A security and privacy aware checkpointing mechanism that enables users to selectively exclude processes and terminal applications that contain sensitive data
About
This invention presents the design and implementation of SPARC , a security and privacy aware checkpointing mechanism. SPARC enables users to selectively exclude processes and terminal applications that contain sensitive data from being checkpointed. Selective exclusion is performed by the hypervisor by sanitizing those memory pages in the checkpoint file that belong to the excluded applications. We describe the design challenges in effectively tracking and excluding process-specific memory contents from the checkpoint file in a VM running the commodity Linux operating system. Our preliminary results show that SPARC poses only 1:02% - 5:29% of overhead if most pages are dirty before checkpointing is performed