Challenges in the Design of Security-Aware Processors

2015 IEEE 26th International Conference on Application-specific Systems, Architectures and Processors (ASAP) Pub Date : 2003-06-26 DOI:10.1109/ASAP.2003.1212824

R. Lee

{"title":"Challenges in the Design of Security-Aware Processors","authors":"R. Lee","doi":"10.1109/ASAP.2003.1212824","DOIUrl":null,"url":null,"abstract":"Summary form only given. Approaches to cyber security have focused on reactive measures, perimeter security and software implementations. In contrast, we propose a proactive approach to cyber security, where every component, hardware, software or networking, has secure or trustworthy operation as a primary design goal. Architecture for cyber security must be defined at many levels. At the foundational level, if we want core hardware and software to be more responsible for cyber security, what architectural features must be included? How do we translate business and personal security needs, in addition to military and national security needs, into scalable technology features? In this talk, we focus on processors as the engines of the Information Age upon which all software runs. What does it mean for a processor to be security-aware? We illustrate with a few examples. In the area of e-commerce and e-business, we discuss how the processor can make cyber transactions more trustworthy. Can cryptography algorithms, and security protocols, be radically accelerated to provide needed confidentiality, data integrity, digital signatures and user authentication, in an automatic and painless way? In the area of service availability, we discuss whether the processor can provide defenses against misuse of computers by malicious third parties. Are there ways processor architecture can be enhanced to detect, prevent or mitigate potentially disastrous Distributed Denial of Service attacks? What are the processor and software vendors�� responsibilities in providing best-effort security features? What are the technical, policy and social challenges in digital rights management (DRM) with regard to built-in anti-piracy mechanisms? Many of these issues have legal, economic, social and ethical aspects, in addition to technological possibilities and limitations. We propose that it is time to consider how technology in general, and processor architecture in particular, can be designed to facilitate greater security and trust in cyberspace transactions and services.","PeriodicalId":6642,"journal":{"name":"2015 IEEE 26th International Conference on Application-specific Systems, Architectures and Processors (ASAP)","volume":"37 1","pages":"2-"},"PeriodicalIF":0.0000,"publicationDate":"2003-06-26","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"5","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"2015 IEEE 26th International Conference on Application-specific Systems, Architectures and Processors (ASAP)","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/ASAP.2003.1212824","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}

引用次数: 5

Abstract

Summary form only given. Approaches to cyber security have focused on reactive measures, perimeter security and software implementations. In contrast, we propose a proactive approach to cyber security, where every component, hardware, software or networking, has secure or trustworthy operation as a primary design goal. Architecture for cyber security must be defined at many levels. At the foundational level, if we want core hardware and software to be more responsible for cyber security, what architectural features must be included? How do we translate business and personal security needs, in addition to military and national security needs, into scalable technology features? In this talk, we focus on processors as the engines of the Information Age upon which all software runs. What does it mean for a processor to be security-aware? We illustrate with a few examples. In the area of e-commerce and e-business, we discuss how the processor can make cyber transactions more trustworthy. Can cryptography algorithms, and security protocols, be radically accelerated to provide needed confidentiality, data integrity, digital signatures and user authentication, in an automatic and painless way? In the area of service availability, we discuss whether the processor can provide defenses against misuse of computers by malicious third parties. Are there ways processor architecture can be enhanced to detect, prevent or mitigate potentially disastrous Distributed Denial of Service attacks? What are the processor and software vendors�� responsibilities in providing best-effort security features? What are the technical, policy and social challenges in digital rights management (DRM) with regard to built-in anti-piracy mechanisms? Many of these issues have legal, economic, social and ethical aspects, in addition to technological possibilities and limitations. We propose that it is time to consider how technology in general, and processor architecture in particular, can be designed to facilitate greater security and trust in cyberspace transactions and services.

查看原文本刊更多论文

安全感知处理器设计中的挑战

只提供摘要形式。网络安全的方法主要集中在被动措施、外围安全和软件实施上。相比之下，我们提出了一种积极主动的网络安全方法，其中每个组件，硬件，软件或网络，都将安全或可信赖的操作作为主要设计目标。网络安全架构必须在多个层面进行定义。在基础层面上，如果我们希望核心硬件和软件对网络安全承担更多责任，那么必须包括哪些架构特征?除了军事和国家安全需求外，我们如何将商业和个人安全需求转化为可扩展的技术功能?在这次演讲中，我们将把重点放在作为信息时代引擎的处理器上，所有的软件都是在处理器上运行的。处理器具有安全意识意味着什么?我们用几个例子来说明。在电子商务和电子商务领域，我们讨论处理器如何使网络交易更加可信。密码学算法和安全协议能否以自动和无痛的方式从根本上加速，以提供所需的机密性、数据完整性、数字签名和用户身份验证?在服务可用性方面，我们讨论处理器是否能够提供防御，防止恶意第三方滥用计算机。是否有方法可以增强处理器架构来检测、防止或减轻潜在的灾难性分布式拒绝服务攻击?处理器和软件供应商在提供最佳安全特性方面的责任是什么?就内置的反盗版机制而言，数字版权管理(DRM)的技术、政策和社会挑战是什么?除了技术上的可能性和局限性外，其中许多问题还涉及法律、经济、社会和伦理方面。我们建议，现在是时候考虑如何设计一般技术，特别是处理器架构，以促进网络空间交易和服务的安全性和信任度。

本文章由计算机程序翻译，如有差异，请以英文原文为准。

求助全文

约1分钟内获得全文求助全文

来源期刊

2015 IEEE 26th International Conference on Application-specific Systems, Architectures and Processors (ASAP)

自引率

0.00%

发文量