Building the IBM 4758 secure coprocessor

Meeting the challenge of building a user-configurable secure coprocessor provided several lessons in hardware and software development and continues to spur further research. In developing the 4758, we met our major research security goals and provided the following features: (1) a lifetime-secure tamper-responding device, rather than one that is secure only between resets that deployment-specific security officers perform; (2) a secure booting process in which each layer progressively validates the next less-trusted layer, with hardware restricting access to its secrets before passing control to that layer; (3) an actual manufacturable product - a nontrivial accomplishment considering that we designed the device so that it does not have a personality until configured in the field; (4) the first FIPS 140-1 Level 4 validation, arguably the only general-purpose computational platform validated at this level so far; and (5) a multipurpose programmable device based on a 99-MHz 486 CPU internal environment, with a real operating system, a C language development environment and relatively high-speed cryptography     

Implementation of a secure TLS coprocessor on an FPGA

In this paper we present a secure implementation architecture of a coprocessor for the TLSv1.2 protocol, on an FPGA. Techniques were used that increase the resistance of the design to side channel attacks, and also protect the private key data from software based attacks. The processor was implemented with a secure true random number generator which incorporates failure detection and thorough post-processing of the random bitstream. The design also includes hardware for signature generation and verification; based on elliptic curve algorithms. The algorithms used for performing the elliptic curve arithmetic were chosen to provide resistance against SPA and DPA attacks. Implementations of the AES and SHA256 algorithms are also included in order to provide full hardware acceleration for a specific suite of the TLSv1.2 protocol. The design is analysed for area and speed on a Virtex 5 FPGA.     

高效能ESCA协处理器验证技术研究

处理器结构的日益复杂使得对处理器功能进行有效验证变得越来越重要和关键。基于一款高效能计算协处理器ESCA,讨论了边界值验证、等价类验证和决策表验证等三类验证方法在ESCA处理器功能验证中的具体实现,并针对ESCA处理器中不同功能模块的基本特性提出了一种综合验证方法。实验结果表明,采用综合验证方法进行的ESCA处理器功能验证,不仅高效保证了验证案例集的生成,而且以较少的验证工作量实现了100%功能覆盖率,有效减少了ESCA处理器功能验证时间,提高了验证效率。     

Outbound authentication for programmable secure coprocessors

A programmable secure coprocessor platform can help solve many security problems in distributed computing, particularly if coprocessor applications can participate as full-fledged parties in distributed cryptographic protocols. Thus, a generic platform must not only provide programmability, maintenance, and configuration in the hostile field, it must also provide outbound authentication for the entities that result. This paper offers our experiences in solving this problem for a high-end secure coprocessor product. This work required synthesis of a number of techniques, so that parties with different and dynamic views of trust can draw sound and complete conclusions about remote coprocessor applications.     

Exploring the speedups of embedded microprocessor systems utilizing a high-performance coprocessor data-path

The speedups achieved in a generic microprocessor system by employing a high-performance data-path are presented. The data-path acts as a coprocessor that accelerates time critical code segments, called kernels, thereby increasing the overall performance. The data-path has been previously introduced by the authors and it is composed by Flexible Computational Components (FCCs) that can realize any two-level template of primitive operations. A design flow, integrating the automated coprocessor synthesis method, for executing applications on the system is presented. For evaluating the effectiveness of our coprocessor approach, analytical exploration in respect to the type of the custom data-path and to the microprocessor architecture is performed. The kernel and the overall application speedups of six real-life applications, relative to the software execution on the microprocessor, are estimated using the design flow. Kernel speedups up to 155 are achieved that result in an average overall improvement of 2.78 with a small overhead in circuit area. The design flow achieved the acceleration of the applications near to theoretical bounds. A comparison with another high-performance data-path showed that the proposed coprocessor achieves better performance while having smaller area-time products for the generated data-paths.

基于安全协处理器保护软件可信运行框架

软件可信运行是许多应用领域的基础,但恶意主机问题使得很难保证一个软件可信运行.在传统的基于硬件加密平台保护软件可信运行机制中,运行于安全硬件中的代码和运行于主机中的代码不在同一个执行上下文中,因此难以给用户提供完善的保护策略.为此,提出了一种新的基于安全协处理器保护软件可信运行的框架,在该框架下,软件设计者可以根据待保护软件特点和自身要求定制更加完善和灵活的保护.     

MUTABOR, a coprocessor supporting memory management in anobject-oriented architecture

The author describes MUTABOR, a micro-programmable coprocessor that works with a 68020 CPU to control and update a 4096-entry address translation cache that achieves an excellent hit rate. He defines the requirements for an object-oriented memory-management unit, and outlines the architecture of MUTABOR and the object-addressing mechanism. He also discusses the design decisions concerning the address translation cache, which were based on simulation results     

Window环境下搭建基于OpenSSL的安全Apache服务

Internet上的Web服务越来越多,网络安全的形势日益严峻,如何在一个可靠的WEB服务器上搭建安全的信息通道的问题显得越来越突出,Apache由于其开源、高效、稳定、免费等优势,在Web服务器中所占的份额越来越大,对此,本文介绍了一种在Apache中通过OpenSSL来增加Web安全的方法。     

Elliptic Curve Cryptography hardware accelerator for high-performance secure servers

The Journal of Supercomputing - Security threats affecting electronics communications in the current world make necessary the encryption and authentication of every transaction. The increasing...     

A secure and high-performance multi-controller architecture for software-defined networking

Controllers play a critical role in software-defined networking (SDN). However, existing single-controller SDN architectures are vulnerable to single-point failures, where a controller’s capacity can be saturated by flooded flow requests. In addition, due to the complicated interactions between applications and controllers, the flow setup latency is relatively large. To address the above security and performance issues of current SDN controllers, we propose distributed rule store (DRS), a new multi-controller architecture for SDNs. In DRS, the controller caches the flow rules calculated by applications, and distributes these rules to multiple controller instances. Each controller instance holds only a subset of all rules, and periodically checks the consistency of flow rules with each other. Requests from switches are distributed among multiple controllers, in order to mitigate controller capacity saturation attack. At the same time, when rules at one controller are maliciously modified, they can be detected and recovered in time. We implement DRS based on Floodlight and evaluate it with extensive emulation. The results show that DRS can effectively maintain a consistently distributed rule store, and at the same time can achieve a shorter flow setup time and a higher processing throughput, compared with ONOS and Floodlight.     

构筑安全可靠的Web数据库应用系统

Web技术和数据库技术的结合是WWW信息服务技术发展的大势所趋 ,由此产生了一系列的安全性问题 ,本文就如何构筑安全可靠的Web数据库应用系统 ,对从工作环境到程序应用的安全性问题进行了研究。     

Dynamic hardware plugins: exploiting reconfigurable hardware for high-performance programmable routers

This paper presents the dynamic hardware plugins (DHP) architecture for implementing multiple networking applications in hardware at programmable routers. By enabling multiple applications to be dynamically loaded into a single hardware device, the DHP architecture provides a scalable mechanism for implementing high-performance programmable routers. The DHP architecture is presented within the context of a programmable router architecture which processes flows in both software and hardware. Implementation options are described as well as the prototype testbed at Washington University in Saint Louis which utilizes the partial reconfiguration capability of modern field programmable gate arrays.     

Building secure Web-based environments: understanding research interrelationships through a construction metaphor

Researchers are attempting to take the Internet to the next level of importance in people's lives. We can think of this as creating Web-based environments - communities of interest centered around a specific sphere of activity, where participants interact exclusively (or at least primarily) via the Web. These environments include all the buzz words that fill the media today, such as e-business, e-government, e-banking, e-law, e-learning, and e-health. Web surfing requires some minimal level of security, and online shopping requires a somewhat higher level of security. But participation in a Web-based environment can demand unprecedented levels of both security and privacy. This is why so much research activity currently exists in this area. Moreover, Web-based environments are complex and multifaceted; consequently, research into securing them is also complex and multifaceted. Thus, we might step back and put together a bigger picture of how this research is organized and interconnected     

Building more secure software with improved development processes

The author draws on experiences gained as a member of Microsoft's central security team to outline some basic best practices for the software development process. These practices benefitted Microsoft products released since the inception of its Trustworthy Computing initiative in 2002. The points are a subset of the security development lifecycle process implemented at Microsoft.     

Building secure software: better than protecting bad software

Software is the biggest problem in computer security today. Most organizations invest in security by buying and maintaining a firewall, but they go on to let anybody access multiple Internet-enabled applications through that firewall. These applications are often remotely exploitable, rendering the firewall impotent (not to mention the fact that the firewall is often a piece of fallible software itself). Real attackers exploit software.