TPRIVEXEC: Private Execution in Virtual Memory

Private Browsing Mode has become a popular feature in modern browsers. However, despite its prevalence, a similar privacy enhancing technology has not been replicated in other user applications. PRivExEc is an operating system service that provides an application-agnostic, system-wide private execution mode [15]. We present TPRIVExEC, a novel approach to system-level privacy support that affords faster application execution over PRivExEc. TPRIVExEC uses memory as its principal backing store but falls back to system swap on high memory pressure. Upon swapping, it encrypts and decrypts private application data as it transits into and out of disk. By doing away with much of persistent disk as primary storage, TPRIVExEC provides stronger privacy guarantees and faster application runtime. As shown by our evaluation, TPRIVExEC application performance is indistinguishable from a vanilla system and compared to PrtivExEc, it is up to 30 times faster in writes and 38 times faster in reads for I/O bound tasks.