Hardware security: Difference between revisions

From Wikipedia, the free encyclopedia
Latest revision as of 14:02, 21 November 2024

Hardware security is a discipline that originated in cryptographic engineering. It covers hardware design, access control, secure multi-party computation, secure key storage, ensuring code authenticity (for example, verifying firmware before it is allowed to run), and measures to ensure that the supply chain that built the product is trustworthy, among other things.[1][2][3][4]

A hardware security module (HSM) is a physical computing device that safeguards and manages digital keys for strong authentication and provides cryptoprocessing. These modules traditionally come in the form of a plug-in card or an external device that attaches directly to a computer or network server. The point of the design is that keys are generated, stored and used inside the module's protected boundary: the host submits data to be signed or decrypted and receives the result, never the key material itself.

Some providers in this discipline consider that the key difference between hardware security and software security is that hardware security is implemented using "non-Turing-machine" logic (raw combinatorial logic or simple state machines). One approach, referred to as "hardsec", uses FPGAs to implement non-Turing-machine security controls as a way of combining the security of hardware with the flexibility of software.[5]
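To make the "simple state machine" idea concrete, here is an added illustration in Python (not code from the article or from any hardsec product): a frame guard whose entire behaviour is a handful of states and one bounded counter. The frame layout (STX, length byte, payload, XOR checksum, ETX), the length limit of 8 and the sample byte stream are assumptions made for the example. Input bytes can only move the guard between the states written below; nothing in the stream can create a new behaviour, which is the property the paragraph is after.

```python
"""Fixed-function frame guard modelled as a finite-state machine.
Added example (assumed frame format and limits), not from the article."""

STX, ETX = 0x02, 0x03
MAX_LEN = 8     # assumed maximum payload length

# The complete set of states. There is no other control flow.
WAIT_STX, READ_LEN, READ_PAYLOAD, READ_SUM, READ_ETX = range(5)


class FrameGuard:
    """Passes only well-formed frames
        STX | len (1..MAX_LEN) | payload | XOR checksum | ETX
    and drops everything else. The state and a bounded counter are all the memory."""

    def __init__(self):
        self.rejected = 0
        self._reset()

    def _reset(self):
        self.state = WAIT_STX
        self.remaining = 0
        self.payload = []
        self.csum = 0

    def _reject(self):
        self.rejected += 1
        self._reset()

    def step(self, byte):
        """Feed one byte; return the payload when a frame completes, else None."""
        if self.state == WAIT_STX:
            if byte == STX:             # any other byte is discarded, never buffered
                self.state = READ_LEN
        elif self.state == READ_LEN:
            if 1 <= byte <= MAX_LEN:
                self.remaining, self.payload, self.csum = byte, [], 0
                self.state = READ_PAYLOAD
            else:
                self._reject()          # empty or over-long frame
        elif self.state == READ_PAYLOAD:
            self.payload.append(byte)   # counted, so STX/ETX inside a payload are harmless
            self.csum ^= byte
            self.remaining -= 1
            if self.remaining == 0:
                self.state = READ_SUM
        elif self.state == READ_SUM:
            if byte == self.csum:
                self.state = READ_ETX
            else:
                self._reject()          # corrupted or forged payload
        elif self.state == READ_ETX:
            if byte == ETX:
                out = bytes(self.payload)
                self._reset()
                return out
            self._reject()              # framing error
        return None

    def feed(self, stream):
        """Run a byte stream through the guard; return the accepted payloads."""
        accepted = []
        for b in stream:
            out = self.step(b)
            if out is not None:
                accepted.append(out)
        return accepted


def build_frame(payload):
    """Encode a payload in the assumed frame format (used to construct samples)."""
    csum = 0
    for b in payload:
        csum ^= b
    return bytes([STX, len(payload)]) + bytes(payload) + bytes([csum, ETX])


# Constructed sample stream: junk, a good frame, a frame with a wrong checksum,
# an over-long length byte followed by stray bytes, and another good frame.
SAMPLE_STREAM = (
    b"\xff\x41"
    + build_frame(b"abc")
    + bytes([STX, 2, 0x68, 0x69, 0x00, ETX])
    + bytes([STX, 9, 0x41, 0x41])
    + build_frame(b"Z")
)


def run_sample():
    guard = FrameGuard()
    accepted = guard.feed(SAMPLE_STREAM)
    return accepted, guard.rejected


if __name__ == "__main__":
    accepted, rejected = run_sample()
    print("accepted:", accepted)   # [b'abc', b'Z']
    print("rejected:", rejected)   # 2
```

In hardware the same five states and counter would be synthesized to registers and gates; the reason to write it this way in software first is that the reachable behaviour can be enumerated and checked exhaustively, which a general-purpose parser with unbounded buffers does not allow.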

Hardware backdoors are backdoors in hardware. Conceptually related, a hardware Trojan (HT) is a malicious modification of an electronic system, particularly of an integrated circuit, inserted during design or fabrication.[1][3]

A physical unclonable function (PUF)[6][7] is a physical entity, embodied in a physical structure, that is easy to evaluate but hard to predict. Further, an individual PUF device must be easy to make but practically impossible to duplicate, even given the exact manufacturing process that produced it. In this respect it is the hardware analog of a one-way function. The name "physical unclonable function" is somewhat misleading: some PUFs have been cloned, and most PUFs are noisy, so the same challenge does not always return exactly the same response and the strict definition of a function is not met. In practice the raw response is therefore passed through error correction (a fuzzy extractor with public helper data) before it is used as a key. Today, PUFs are usually implemented in integrated circuits and are typically used in applications with high security requirements.
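The noise caveat above is easiest to see with numbers. The following is an added Python illustration, not code from the article or from any PUF vendor: it models an SRAM-style PUF as a fixed bit pattern whose reads are corrupted at chosen positions, and wraps it in a code-offset fuzzy extractor built on a repetition code. The bit lengths (32 key bits, 5-way repetition), the noise positions and the use of SHA-256 as the final hash are assumptions made for the demonstration; real deployments use stronger codes such as BCH and derive the key with a proper key-derivation function.

```python
"""Simulated noisy PUF plus a code-offset fuzzy extractor.
Added example with assumed sizes and noise; not from the article."""
import hashlib
import random

KEY_BITS = 32   # assumed: number of secret bits the PUF-derived key carries
REP = 5         # assumed: repetition-code length; majority vote corrects 2 flips per block
RAW_BITS = KEY_BITS * REP


class SimulatedPUF:
    """Stand-in for an SRAM-style PUF: a power-up pattern fixed by manufacturing
    variation (modelled as a seeded random bit vector), read back with bit
    errors on each evaluation (the noise the article mentions)."""

    def __init__(self, seed):
        rng = random.Random(seed)
        self._pattern = [rng.randrange(2) for _ in range(RAW_BITS)]

    def read(self, flips=()):
        """Evaluate the PUF. `flips` lists the raw-bit positions that read
        wrongly this time; choosing them explicitly keeps the demo reproducible."""
        response = list(self._pattern)
        for i in flips:
            response[i] ^= 1
        return response


def rep_encode(bits):
    return [b for b in bits for _ in range(REP)]


def rep_decode(codeword):
    """Majority vote per REP-bit block; wrong once more than (REP-1)//2 bits flipped."""
    return [1 if sum(codeword[i:i + REP]) * 2 > REP else 0
            for i in range(0, len(codeword), REP)]


def xor(a, b):
    return [x ^ y for x, y in zip(a, b)]


def derive_key(secret_bits):
    # Hash the corrected bits so the key is uniform even if raw PUF bits are biased.
    return hashlib.sha256(bytes(secret_bits)).hexdigest()


def enroll(puf, rng, flips=()):
    """One-time enrollment in a trusted setting. Returns public helper data
    (codeword XOR response, storable in plain flash) and the derived key."""
    secret = [rng.randrange(2) for _ in range(KEY_BITS)]
    helper = xor(rep_encode(secret), puf.read(flips))
    return helper, derive_key(secret)


def reproduce(puf, helper, flips=()):
    """Every boot: a fresh noisy read XOR helper data gives the codeword plus the
    combined noise of both reads; decoding removes up to 2 flips per block."""
    return derive_key(rep_decode(xor(helper, puf.read(flips))))


def random_flips(rng, per_bit_rate):
    """Independent bit errors, the usual model for a real PUF read."""
    return [i for i in range(RAW_BITS) if rng.random() < per_bit_rate]


def demo():
    rng = random.Random(2024)
    puf = SimulatedPUF(seed=42)
    # The enrollment read itself was slightly wrong: raw bit 3 (block 0) flipped.
    helper, key = enroll(puf, rng, flips=[3])
    return {
        "raw_reads_agree": puf.read() == puf.read(flips=[0]),             # False: not a function
        "clean_reproduce": reproduce(puf, helper) == key,                 # True: 1 flip in block 0
        "two_flips_ok": reproduce(puf, helper, flips=[0, 5, 6]) == key,   # True: 2 flips in blocks 0 and 1
        "three_flips_fail": reproduce(puf, helper, flips=[0, 1]) == key,  # False: 3 flips in block 0
        "random_noise_ok": reproduce(puf, helper, random_flips(rng, 0.01)) == key,  # almost always True
    }


if __name__ == "__main__":
    for name, value in demo().items():
        print(f"{name}: {value}")
```

Two raw reads of the same device disagree, so the raw PUF fails the "function" requirement; after enrollment, any reproduction whose combined noise (enrollment read plus the current read) stays within two flipped bits per block returns the enrolled key, and one more flip in a single block changes it. The helper data can live in ordinary flash: it is the codeword XORed with the response, so with uniformly random response bits it reveals nothing about the secret, and the final hash absorbs whatever bias real responses have.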

Many of the attacks on sensitive data and resources that organizations report originate from within the organization itself, so physical access to hardware has to be controlled as carefully as network access.[8]

See also

* U.S. NRC, 10 CFR 73.54 Cybersecurity - Protection of digital computer and communication systems and networks
* NEI 08-09: Cybersecurity Plan for Nuclear Power Plants
* Computer security compromised by hardware failure
* Computer compatibility
  * Proprietary software
  * Free and open-source software
    * Comparison of open-source operating systems
    * Unified Extensible Firmware Interface, section "Secure Boot criticism"
* Trusted Computing
* Computational trust
* Security switch
* Vulnerability (computing)
* Defense strategy (computing)
* Turing completeness
* Universal Turing machine

References
  1. Mukhopadhyay, Debdeep; Chakraborty, Rajat Subhra (2014). Hardware Security: Design, Threats, and Safeguards. CRC Press. ISBN 9781439895849. Retrieved 3 June 2017.
  2. "Hardware security in the IoT - Embedded Computing Design". embedded-computing.com. Retrieved 3 June 2017.
  3. Rostami, M.; Koushanfar, F.; Karri, R. (August 2014). "A Primer on Hardware Security: Models, Methods, and Metrics". Proceedings of the IEEE. 102 (8): 1283–1295. doi:10.1109/jproc.2014.2335155. ISSN 0018-9219. S2CID 16430074.
  4. Rajendran, J.; Sinanoglu, O.; Karri, R. (August 2014). "Regaining Trust in VLSI Design: Design-for-Trust Techniques". Proceedings of the IEEE. 102 (8): 1266–1282. doi:10.1109/jproc.2014.2332154. ISSN 0018-9219.
  5. Cook, James (2019-06-22). "British start-ups race ahead of US rivals to develop new ultra-secure computer chips to defeat hackers". The Telegraph. ISSN 0307-1235. Retrieved 2019-08-27.
  6. Sadeghi, Ahmad-Reza; Naccache, David (2010). Towards Hardware-Intrinsic Security: Foundations and Practice. Springer Science & Business Media. ISBN 9783642144523. Retrieved 3 June 2017.
  7. "Hardware Security - Fraunhofer AISEC". Fraunhofer-Institut für Angewandte und Integrierte Sicherheit (in German). Retrieved 3 June 2017.
  8. "Hardware Security". web.mit.edu. Archived from the original on 22 May 2017. Retrieved 3 June 2017.
External links

* "Hardsec" concept outline: Hardsec: practical non-Turing-machine security for threat elimination, https://www.hardsec.org (archived 11 November 2020 at https://web.archive.org/web/20201111230524/https://www.hardsec.org/)