大葉大學圖書館 |

Principles of secure processor architecture design /

紀錄類型:	書目-電子資源 : Monograph/item
杜威分類號:	004.22
書名/作者:	Principles of secure processor architecture design // Jakub Szefer.
作者:	Szefer, Jakub,
面頁冊數:	1 PDF (xxi, 151 pages) : : illustrations.
附註:	Part of: Synthesis digital library of engineering and computer science.
標題:	Computer architecture.
標題:	Computer security.
ISBN:	9781681730028
書目註:	Includes bibliographical references (pages 125-148).
內容註:	Bibliography -- Online resources -- Author's biography.
摘要、提要註:	With growing interest in computer security and the protection of the code and data which execute on commodity computers, the amount of hardware security features in today's processors has increased significantly over the recent years. No longer of just academic interest, security features inside processors have been embraced by industry as well, with a number of commercial secure processor architectures available today. This book aims to give readers insights into the principles behind the design of academic and commercial secure processor architectures. Secure processor architecture research is concerned with exploring and designing hardware features inside computer processors, features which can help protect confidentiality and integrity of the code and data executing on the processor. Unlike traditional processor architecture research that focuses on performance, efficiency, and energy as the first-order design objectives, secure processor architecture design has security as the first-order design objective (while still keeping the others as important design aspects that need to be considered). This book aims to present the different challenges of secure processor architecture design to graduate students interested in research on architecture and hardware security and computer architects working in industry interested in adding security features to their designs. It aims to educate readers about how the different challenges have been solved in the past and what are the best practices, i.e., the principles, for design of new secure processor architectures. Based on the careful review of past work by many computer architects and security researchers, readers also will come to know the five basic principles needed for secure processor architecture design. The book also presents existing research challenges and potential new research directions. Finally, this book presents numerous design suggestions, as well as discusses pitfalls and fallacies that designers should avoid.
電子資源:	https://ieeexplore.ieee.org/servlet/opac?bknumber=8502017

Principles of secure processor architecture design /
Szefer, Jakub,

Principles of secure processor architecture design /Jakub Szefer. - 1 PDF (xxi, 151 pages) :illustrations. - Synthesis lectures on computer architecture,# 451935-3243 ;. - Synthesis digital library of engineering and computer science..

Part of: Synthesis digital library of engineering and computer science.

Includes bibliographical references (pages 125-148).

Bibliography -- Online resources -- Author's biography.

Abstract freely available; full-text restricted to subscribers or individual document purchasers.

Compendex

With growing interest in computer security and the protection of the code and data which execute on commodity computers, the amount of hardware security features in today's processors has increased significantly over the recent years. No longer of just academic interest, security features inside processors have been embraced by industry as well, with a number of commercial secure processor architectures available today. This book aims to give readers insights into the principles behind the design of academic and commercial secure processor architectures. Secure processor architecture research is concerned with exploring and designing hardware features inside computer processors, features which can help protect confidentiality and integrity of the code and data executing on the processor. Unlike traditional processor architecture research that focuses on performance, efficiency, and energy as the first-order design objectives, secure processor architecture design has security as the first-order design objective (while still keeping the others as important design aspects that need to be considered). This book aims to present the different challenges of secure processor architecture design to graduate students interested in research on architecture and hardware security and computer architects working in industry interested in adding security features to their designs. It aims to educate readers about how the different challenges have been solved in the past and what are the best practices, i.e., the principles, for design of new secure processor architectures. Based on the careful review of past work by many computer architects and security researchers, readers also will come to know the five basic principles needed for secure processor architecture design. The book also presents existing research challenges and potential new research directions. Finally, this book presents numerous design suggestions, as well as discusses pitfalls and fallacies that designers should avoid.

Mode of access: World Wide Web.

ISBN: 9781681730028

Standard No.: 10.2200/S00864ED1V01Y201807CAC045doiSubjects--Topical Terms:

172048
Computer architecture.
Subjects--Index Terms:

secure processor design

LC Class. No.: QA76.9.A73 / S946 2019

Dewey Class. No.: 004.22

Principles of secure processor architecture design /
LDR:11746nmm 2200649 i 4500 001 509148
003 IEEE
005 20181101130616.0
006 m eo d
007 cr cn |||m|||a
008 210514s2019 caua foab 000 0 eng d
020 $a 9781681730028 $q ebook
020 $z 9781681734040 $q hardcover
020 $z 9781681730011 $q paperback
024 7 $a 10.2200/S00864ED1V01Y201807CAC045 $2 doi
035 $a (CaBNVSL)swl000408760
035 $a (OCoLC)1060574854
035 $a 8502017
040 $a CaBNVSL $b eng $e rda $c CaBNVSL $d CaBNVSL
050 4 $a QA76.9.A73 $b S946 2019
082 0 4 $a 004.22 $2 23
100 1 $a Szefer, Jakub, $e author. $3 729007
245 1 0 $a Principles of secure processor architecture design / $c Jakub Szefer.
264 1 $a [San Rafael, California] : $b Morgan & Claypool, $c 2019.
300 $a 1 PDF (xxi, 151 pages) : $b illustrations.
336 $a text $2 rdacontent
337 $a electronic $2 isbdmedia
338 $a online resource $2 rdacarrier
490 1 $a Synthesis lectures on computer architecture, $x 1935-3243 ; $v # 45
500 $a Part of: Synthesis digital library of engineering and computer science.
504 $a Includes bibliographical references (pages 125-148).
505 8 $a Bibliography -- Online resources -- Author's biography.
505 0 $a 1. Introduction -- 1.1 Need for secure processor architectures -- 1.2 Book organization --
505 8 $a 2. Basic computer security concepts -- 2.1 Trusted computing base -- 2.1.1 Kerckhoffs's principle: avoid security through obscurity -- 2.2 Security threats to a system -- 2.2.1 The attack surface -- 2.2.2 Passive and active attacks -- 2.2.3 Man-in-the-middle attacks -- 2.2.4 Side and covert channels and attacks -- 2.2.5 Information flows and attack bandwidths -- 2.2.6 The threat model -- 2.2.7 Threats to hardware after the design phase -- 2.3 Basic security concepts -- 2.3.1 Confidentiality, integrity, and availability -- 2.3.2 Authentication -- 2.3.3 Freshness and nonces -- 2.3.4 Security vs. reliability -- 2.4 Symmetric-key cryptography -- 2.4.1 Symmetric-key algorithms: block ciphers -- 2.4.2 Symmetric-key algorithms: stream ciphers -- 2.4.3 Standard symmetric: key algorithms -- 2.5 Public-key cryptography -- 2.5.1 Key encapsulation mechanisms -- 2.5.2 Standard public-key algorithms -- 2.5.3 Post-quantum cryptography -- 2.6 Random number generation -- 2.7 Secure hashing -- 2.7.1 Use of hashes in message authentication codes -- 2.7.2 Use of hashes in digital signatures -- 2.7.3 Use of hashes in hash trees -- 2.7.4 Application of hashes in key derivation function -- 2.7.5 Standard secure hash algorithms -- 2.8 Public key infrastructure -- 2.8.1 Digital certificates -- 2.8.2 Diffie-Hellman key exchange -- 2.8.3 Application of PKI in secure processor architectures -- 2.9 Physically unclonable functions --
505 8 $a 3. Secure processor architectures -- 3.1 Real-world attacks -- 3.1.1 Coldboot -- 3.1.2 Rowhammer -- 3.1.3 Meltdown -- 3.1.4 Spectre -- 3.1.5 Other bugs and vulnerabilities -- 3.2 General-purpose processor architectures -- 3.2.1 Typical software levels (rings 3 to -1) -- 3.2.2 Typical hardware components -- 3.3 Secure processor architectures -- 3.3.1 Extending vertical privilege levels -- 3.3.2 Horizontal privilege level separation -- 3.3.3 Breaking linear hierarchy of protection levels -- 3.3.4 Capability-based protections -- 3.3.5 Architectures for different software threats -- 3.3.6 Architectures for different hardware threats -- 3.3.7 Hardware TCB as circuits or processors -- 3.4 Examples of secure processor architectures -- 3.4.1 Academic architectures -- 3.4.2 Commercial architectures -- 3.5 Secure processor architecture assumptions -- 3.5.1 Trusted processor chip assumption -- 3.5.2 Small TCB assumption -- 3.5.3 Open TCB assumption -- 3.6 Limitations of secure architectures -- 3.6.1 Physical realization threats -- 3.6.2 Supply chain threats -- 3.6.3 IP protection and reverse engineering -- 3.6.4 Side- and covert-channel threats -- 3.6.5 What secure processor architectures are not -- 3.6.6 Alternatives to hardware-based protections: homomorphic encryption --
505 8 $a 4. Trusted execution environments -- 4.1 Protecting software within trusted execution environments -- 4.1.1 Protections offered by the TCB to the TEEs -- 4.1.2 Enforcing confidentiality through encryption -- 4.1.3 Enforcing confidentiality through isolation -- 4.1.4 Enforcing confidentiality through state flushing -- 4.1.5 Enforcing integrity through cryptographic hashing -- 4.2 Examples of architectures and TEEs -- 4.2.1 Academic architectures for protecting TSMs or enclaves -- 4.2.2 Commercial architectures for protecting TSMs or enclaves -- 4.2.3 Academic and commercial architectures for protecting whole OSes or VMs -- 4.3 TCB and TEE assumptions -- 4.3.1 No side effects assumption -- 4.3.2 Bug-free protected software assumption -- 4.3.3 Trustworthy TCB execution assumption -- 4.4 Limitations of TCBs and TEEs -- 4.4.1 Vulnerabilities in the TCB -- 4.4.2 Opaque TCB execution -- 4.4.3 TEE-based attacks -- 4.4.4 TEE code bloat --
505 8 $a 5. Hardware root of trust -- 5.1 The root of trust -- 5.1.1 Root of trust and the processor key -- 5.1.2 PKI and secure processors -- 5.1.3 Access to the root of trust -- 5.2 Chain of trust and measurements -- 5.2.1 Trusted and authenticated boot -- 5.2.2 Measurement validation -- 5.2.3 Remote attestation -- 5.2.4 Sealing -- 5.2.5 Time-of-check to time-of-use attacks -- 5.3 Runtime attestation and continuous monitoring of TCB and TEEs -- 5.3.1 Limitations of continuous monitoring -- 5.4 PUFs and root of trust -- 5.4.1 Hardware-software binding -- 5.5 Limiting execution to only authorized code -- 5.5.1 Lock-in and privacy concerns -- 5.6 Root of trust assumptions -- 5.6.1 Unique of root of trust key assumption -- 5.6.2 Protected root of trust assumption -- 5.6.3 Fresh measurement assumption --
505 8 $a 6. Memory protections -- 6.1 Threats against main memory -- 6.1.1 Sources of attacks on memory -- 6.1.2 Passive attacks -- 6.1.3 Active attacks -- 6.2 Main memory protection mechanisms -- 6.2.1 Confidentiality protection with encryption -- 6.2.2 Integrity protection with hashing -- 6.2.3 Access pattern protection -- 6.3 Memory protections assumption -- 6.3.1 Encrypted, hashed, and oblivious access memory assumption --
505 8 $a 7. Multiprocessor and many-core protections -- 7.1 Security challenges of multiprocessors and many-core systems -- 7.2 Multiprocessor security -- 7.2.1 SMP and DSM threat model -- 7.2.2 Symmetric memory multiprocessor security -- 7.2.3 Distributed shared memory security -- 7.2.4 SMP and DSM tradeoffs -- 7.3 Many-core processors and multi-processor system-on-a-chip -- 7.3.1 Many-core and MPSoC threat model -- 7.3.2 Communication protection mechanisms -- 7.3.3 3D integration considerations -- 7.4 Multiprocessor and many-core protections assumption -- 7.4.1 Protected inter-processor communication assumption --
505 8 $a 8. Side-channel threats and protections -- 8.1 Side and covert channels -- 8.1.1 Covert channel review -- 8.1.2 Side channel review -- 8.1.3 Side and covert channels in processors -- 8.2 Processor features and information leaks -- 8.2.1 Variable instruction execution timing -- 8.2.2 Functional unit contention -- 8.2.3 Stateful functional units -- 8.2.4 Memory hierarchy -- 8.2.5 Physical emanations -- 8.3 Side and covert channel classification -- 8.4 Estimates of existing attack bandwidths -- 8.4.1 Attack bandwidth analysis -- 8.5 Defending side and covert channels -- 8.5.1 Hardware-based defenses overview -- 8.5.2 Secure cache designs -- 8.5.3 Software-based defenses -- 8.5.4 Combining defenses overview -- 8.6 Side channels as attack detectors -- 8.7 Side-channel threats assumption -- 8.7.1 Side-channel free tee assumption --
505 8 $a 9. Security verification of processor architectures -- 9.1 Motivation for formal security verification -- 9.2 Security verification across different levels of abstraction -- 9.3 Security verification approaches -- 9.3.1 System representation -- 9.3.2 Security properties -- 9.3.3 Formal verification -- 9.4 Discussion of hardware-software security verification projects -- 9.5 Security verification assumption -- 9.5.1 Verified TCB assumption -- 9.5.2 Verified TEE software assumption --
505 8 $a 10. Principles of secure processor architecture design -- 10.1 The principles -- 10.1.1 Protect off-chip communication and memory -- 10.1.2 Isolate processor state between TEE execution -- 10.1.3 Measure and continuously monitor TCB and TEE -- 10.1.4 Allow TCB introspection -- 10.1.5 Minimize the TCB -- 10.2 Impact of secure design principles on the processor architecture principles -- 10.3 Limitations of the secure processor assumptions -- 10.4 Pitfalls and fallacies -- 10.5 Challenges in secure processor design -- 10.6 Future trends in secure processor designs -- 10.7 Art and science of secure processor design --
506 $a Abstract freely available; full-text restricted to subscribers or individual document purchasers.
510 0 $a Compendex
510 0 $a INSPEC
510 0 $a Google scholar
510 0 $a Google book search
520 3 $a With growing interest in computer security and the protection of the code and data which execute on commodity computers, the amount of hardware security features in today's processors has increased significantly over the recent years. No longer of just academic interest, security features inside processors have been embraced by industry as well, with a number of commercial secure processor architectures available today. This book aims to give readers insights into the principles behind the design of academic and commercial secure processor architectures. Secure processor architecture research is concerned with exploring and designing hardware features inside computer processors, features which can help protect confidentiality and integrity of the code and data executing on the processor. Unlike traditional processor architecture research that focuses on performance, efficiency, and energy as the first-order design objectives, secure processor architecture design has security as the first-order design objective (while still keeping the others as important design aspects that need to be considered). This book aims to present the different challenges of secure processor architecture design to graduate students interested in research on architecture and hardware security and computer architects working in industry interested in adding security features to their designs. It aims to educate readers about how the different challenges have been solved in the past and what are the best practices, i.e., the principles, for design of new secure processor architectures. Based on the careful review of past work by many computer architects and security researchers, readers also will come to know the five basic principles needed for secure processor architecture design. The book also presents existing research challenges and potential new research directions. Finally, this book presents numerous design suggestions, as well as discusses pitfalls and fallacies that designers should avoid.
530 $a Also available in print.
538 $a Mode of access: World Wide Web.
538 $a System requirements: Adobe Acrobat Reader.
588 $a Title from PDF title page (viewed on November 1, 2018).
650 0 $a Computer architecture. $3 172048
650 0 $a Computer security. $3 338952
653 $a secure processor design
653 $a processor architecture
653 $a computer security
653 $a trustworthy computing
653 $a computer hardware security
776 0 8 $i Print version: $z 9781681730011 $z 9781681734040
830 0 $a Synthesis digital library of engineering and computer science. $3 461208
830 0 $a Synthesis lectures in computer architecture ; $v #13. $3 628438
856 4 2 $3 Abstract with links to resource $u https://ieeexplore.ieee.org/servlet/opac?bknumber=8502017