Security basics for computer architects /

other_versions_link

Design for security is an essential aspect of the design of future computers. However, security is not well understood by the computer architecture community. Many important security aspects have evolved over the last several decades in the cryptography, operating systems, and networking communities...

Full description

Bibliographic Details
Main Author: Lee, Ruby B. (Author)
Format: eBook
Language:English
Published: San Rafael, California (1537 Fourth Street, San Rafael, CA 94901 USA) : Morgan & Claypool, 2013.
Series:Synthesis digital library of engineering and computer science.
Synthesis lectures in computer architecture ; # 25.
Subjects:
Computer security.
access control
computer security
confidentiality and integrity
cryptography
hardware security
secure processors
secure protocols
security policies
trustworthy computing
Online Access:Abstract with links to full text
Table of Contents:
  • 1. Threat-based design
  • 1.1 Security properties
  • 1.1.1 Cornerstone security properties
  • 1.1.2 Access control
  • 1.1.3 Trustworthy versus trusted
  • 1.2 Threats and attacks
  • 1.3 Countermeasures and defenses
  • 1.4 Threat model
  • 1.5 Security architecture design methodology
  • 2. Security policy models
  • 2.1 Multi-level security policies
  • 2.1.1 Bell La Padula (BLP) for confidentiality
  • 2.1.2 Biba for integrity
  • 2.1.3 Examples
  • 2.1.4 MLS security levels and privilege levels
  • 2.2 Multi-lateral security policies
  • 2.2.1 Chinese wall
  • 2.2.2 Clark-Wilson
  • 2.2.3 BLP with codewords
  • 2.2.4 Electronic medical records
  • 3. Access control
  • 3.1 Authentication
  • 3.1.1 Passwords and passphrases
  • 3.1.2 Biometrics
  • 3.1.3 Private keys and security tokens
  • 3.1.4 False negatives and false positives
  • 3.2 Authorization
  • 4. Cryptography for confidentiality and integrity
  • 4.1 Symmetric key ciphers
  • 4.1.1 Substitution and permutation ciphers
  • 4.1.2 One time pad
  • 4.1.3 Stream ciphers
  • 4.1.4 Block ciphers
  • 4.1.5 Processor enhancements for crypto
  • 4.1.6 Cipher modes of operation
  • 4.1.7 Importance of key management
  • 4.1.8 Computer architecture example: SP
  • 4.2 Cryptographic hash functions
  • 4.2.1 Properties of cryptographic hash functions
  • 4.2.2 Collision resistance and the birthday paradox
  • 4.2.3 Hash functions for integrity
  • 4.2.4 Keyed-hash or MAC
  • 4.2.5 Hash trees
  • 4.2.6 Use of block ciphers as hash functions
  • 4.2.7 Examples of use
  • 4.2.8 Computer architecture examples
  • 4.3 More on the birthday paradox (optional)
  • 5. Public-key cryptography
  • 5.1 Digital signature
  • 5.2 Non-repudiation
  • 5.3 Public-private key-pairs
  • 5.4 Public-key ciphers
  • 5.4.1 RSA
  • 5.4.2 Other public-key cryptography algorithms
  • 5.5 Uses of public-key cryptography
  • 5.6 Public-key infrastructure (PKI)
  • 5.6.1 Public-key certificates and certificate authorities
  • 5.6.2 Types of public-key infrastructures
  • 5.6.3 Web of trust
  • 5.7 Efficient use of public-key and symmetric-key crypto
  • 5.8 Example: secure sockets layer
  • 5.9 Computer architecture example: bastion
  • 5.10 Misunderstanding public-key crypto
  • 6. Security protocols
  • 6.1 Protocol notation
  • 6.2 Challenge-response protocols
  • 6.3 Protocol attacks
  • 6.4 Real-world protocols
  • 6.5 Verifying security protocols
  • 7. Summary
  • 7.1 Security applications
  • 7.2 Research topics in hardware security
  • 7.3 The road ahead
  • Bibliography
  • Appendix: further readings
  • A.1. Dynamic information flow tracking (DIFT) papers
  • A.2. Secure processor papers
  • A.3. Memory integrity tree papers
  • Author's biography.

Similar Items