Manualshelf

Specifications

ManualsBrandsBlackberry ManualsComputer equipmentENTERPRISE SOLUTION SECURITY - SECURITY FOR DEVICES WITH BLUETOOTH WIRELESS TECHNOLOGY - TECHNICAL
111112113114115116117118119120
Security mechanism Description
Robust heap implementations The heap implementation includes a defense mechanism against the deliberate
corruption of the heap area of memory. The mechanism is designed to detect or
mitigate the overwriting of in-band heap data structures so that a program can
fail in a secure manner. The mechanism helps prevent attackers from executing
arbitrary code via heap corruption.
Address space layout randomization
(ASLR)
By default, the memory positions of all areas of a program are randomly
arranged in the address space of a process. This mechanism makes it more
difficult for an attacker to perform an attack that involves predicting target
addresses to execute arbitrary code.
Compiler-level source fortification The compiler GCC uses the FORTIFY_SOURCE option to replace insecure code
constructs where possible. For example, it might replace an unbounded
memory copy with its bounded equivalent.
Guard pages If a process attempts to access a memory page, the guard page raises a one-
time exception and causes the process to fail. These guard pages are placed
strategically between memory used for different purposes, such as the standard
program heap and the object heap. This mechanism helps prevent an attacker
from causing a heap buffer overflow and changing the behavior of a process or
executing arbitrary code with the permissions of the compromised process.
Security Technical Overview The BlackBerry 10 OS
111