Security should be intertwined with every part of system; the hardware is no exception. The interaction between hardware and software must be carefully planned. In doing so, the security of the entire system is strengthened.
Trusted Computing
Systems rely on Operating Systems and hardware. This collection of components comprises the core of the Trusted Computing Base (TCB). Systems fundamentally trust all actions that take place within the TCB. As Operating Systems become increasingly more complex, they are prone to faults and vulnerabilities. Hence, researchers seek to shrink the TCB.Recently, a consortium gathered to create an open trusted framework. The Trusted Computing Group'sTrusted Platform Module (TPM) has received much attention. While vendors such as Dell have announced the deployment of TPMs, privacy concerns remain. Such concerns must be addressed before wide-spread acceptance occurs. (TCG)
Our current research efforts aim to discover novel uses for the TPM while maintaining the privacy of users.
Securing Non-Volatile Main Memory
We propose a Memory Encryption Control Unit (MECU) to address the vulnerabilities introduced by non-volatile memories. The MECU encrypts all memory transfers between the level 2 cache and main memory. The keys used to encrypt memory blocks are derived from secret information present on removable authentication tokens, e.g., smart card, or other similar secure storage devices. This provides protection against physical attacks in absence of the token.
We evaluated a MECU-enhanced architecture using the SimpleScalar hardware simulation framework on several hardware benchmarks. The performance analysis shows that we can secure non-volatile memories with minimal overhead---the majority of memory accesses are delayed by less than 1 ns, with limited degradation subsiding within 67 us of a system resume. In effect, we provide zero-cost steady state confidentiality for main memory
0 comments:
Post a Comment