Cover Image

Security basics for computer architects /

Bibliographic Details
Main Author: Lee, Ruby B. (Author)
Format: eBook
Language:English
Published: San Rafael, California (1537 Fourth Street, San Rafael, CA 94901 USA) : Morgan & Claypool, 2013.
Series:Synthesis lectures in computer architecture ; # 25.
Subjects:
Computer security.
access control
computer security
confidentiality and integrity
cryptography
hardware security
secure processors
secure protocols
security policies
trustworthy computing
Electronic books.
Online Access:Connect to the full text of this electronic book
Table of Contents:
  • 1. Threat-based design
  • 1.1 Security properties
  • 1.1.1 Cornerstone security properties
  • 1.1.2 Access control
  • 1.1.3 Trustworthy versus trusted
  • 1.2 Threats and attacks
  • 1.3 Countermeasures and defenses
  • 1.4 Threat model
  • 1.5 Security architecture design methodology
  • 2. Security policy models
  • 2.1 Multi-level security policies
  • 2.1.1 Bell La Padula (BLP) for confidentiality
  • 2.1.2 Biba for integrity
  • 2.1.3 Examples
  • 2.1.4 MLS security levels and privilege levels
  • 2.2 Multi-lateral security policies
  • 2.2.1 Chinese wall
  • 2.2.2 Clark-Wilson
  • 2.2.3 BLP with codewords
  • 2.2.4 Electronic medical records
  • 3. Access control
  • 3.1 Authentication
  • 3.1.1 Passwords and passphrases
  • 3.1.2 Biometrics
  • 3.1.3 Private keys and security tokens
  • 3.1.4 False negatives and false positives
  • 3.2 Authorization
  • 4. Cryptography for confidentiality and integrity
  • 4.1 Symmetric key ciphers
  • 4.1.1 Substitution and permutation ciphers
  • 4.1.2 One time pad
  • 4.1.3 Stream ciphers
  • 4.1.4 Block ciphers
  • 4.1.5 Processor enhancements for crypto
  • 4.1.6 Cipher modes of operation
  • 4.1.7 Importance of key management
  • 4.1.8 Computer architecture example: SP
  • 4.2 Cryptographic hash functions
  • 4.2.1 Properties of cryptographic hash functions
  • 4.2.2 Collision resistance and the birthday paradox
  • 4.2.3 Hash functions for integrity
  • 4.2.4 Keyed-hash or MAC
  • 4.2.5 Hash trees
  • 4.2.6 Use of block ciphers as hash functions
  • 4.2.7 Examples of use
  • 4.2.8 Computer architecture examples
  • 4.3 More on the birthday paradox (optional)
  • 5. Public-key cryptography
  • 5.1 Digital signature
  • 5.2 Non-repudiation
  • 5.3 Public-private key-pairs
  • 5.4 Public-key ciphers
  • 5.4.1 RSA
  • 5.4.2 Other public-key cryptography algorithms
  • 5.5 Uses of public-key cryptography
  • 5.6 Public-key infrastructure (PKI)
  • 5.6.1 Public-key certificates and certificate authorities
  • 5.6.2 Types of public-key infrastructures
  • 5.6.3 Web of trust
  • 5.7 Efficient use of public-key and symmetric-key crypto
  • 5.8 Example: secure sockets layer
  • 5.9 Computer architecture example: bastion
  • 5.10 Misunderstanding public-key crypto
  • 6. Security protocols
  • 6.1 Protocol notation
  • 6.2 Challenge-response protocols
  • 6.3 Protocol attacks
  • 6.4 Real-world protocols
  • 6.5 Verifying security protocols
  • 7. Summary
  • 7.1 Security applications
  • 7.2 Research topics in hardware security
  • 7.3 The road ahead
  • Bibliography
  • Appendix: further readings
  • A.1. Dynamic information flow tracking (DIFT) papers
  • A.2. Secure processor papers
  • A.3. Memory integrity tree papers
  • Author's biography.