Manualshelf

Specifications

ManualsBrandsBlackberry ManualsComputer equipmentENTERPRISE SOLUTION SECURITY - SECURITY FOR DEVICES WITH BLUETOOTH WIRELESS TECHNOLOGY - TECHNICAL
111112113114115116117118119120
Security mechanism Description
Stack cookies Stack cookies are a form of buffer overflow protection that helps prevent
attackers from executing arbitrary code.
Robust heap implementations The heap implementation includes a defense mechanism against the deliberate
corruption of the heap area of memory. The mechanism detects or mitigates the
overwriting of in-band heap data structures so that a program can fail in a
secure manner. The mechanism helps prevent attackers from executing
arbitrary code via heap corruption.
Address space layout randomization
(ASLR)
By default, the memory positions of all areas of a program are randomly
arranged in the address space of a process. This mechanism makes it more
difficult for an attacker to perform an attack that involves predicting target
addresses to execute arbitrary code.
Compiler-level source fortification The compiler GCC uses the FORTIFY_SOURCE option to replace insecure code
constructs where possible. For example, it might replace an unbounded
memory copy with its bounded equivalent.
Guard pages If a process attempts to access a memory page, the guard page raises a one-
time exception and causes the process to fail. These guard pages are placed
strategically between memory used for different purposes, such as the standard
program heap and the object heap. This mechanism helps prevent an attacker
from causing a heap buffer overflow and changing the behavior of a process or
executing arbitrary code with the permissions of the compromised process.
Security Technical Overview The BlackBerry PlayBook OS
116