An Analysis of the Intel 80x86 Security Architecture and Implementations
نویسندگان
چکیده
| An in-depth analysis of the 80x86 processor families identi es architectural properties that may have unexpected, and undesirable, results in secure computer systems. In addition, reported implementation errors in some processor versions render them undesirable for secure systems because of potential security and reliability problems. In this paper, we discuss the imbalance in scrutiny for hardware protection mechanisms relative to software, and why this imbalance is increasingly di cult to justify as hardware complexity increases. We illustrate this di culty with examples of architectural subtleties and reported implementation errors. Keywords|Hardware security architecture, hardware implementation error, microprocessor, computer security, penetration testing, covert channels.
منابع مشابه
The Intel 80×86 processor architecture: pitfalls for secure systems
An in-depth analysis of the 80x86 processor families identi es architectural properties that may have unexpected, and undesirable, results in secure computer systems. In addition, reported implementation errors in some processor versions render them undesirable for secure systems because of potential security and reliability problems. In this paper, we discuss the imbalance in scrutiny for hard...
متن کاملA Multi-Threading Architecture for Multilevel Secure Transaction Processing
A TCB and security kernel architecture for supporting multi-threaded, queue-driven transaction processing applications in a multilevel secure environment is presented. Our design exploits hardware security features of the Intel 80x86 processor family. Intel’s CPU architecture provides hardware with two distinct descriptor tables. We use one of these in the usual way for process isolation. For e...
متن کاملState Caching in the EROS Kernel Implementing Efficient Orthogonal Persistence in a Pure Capability System
EROS, the Extremely Reliable Operating System, addresses the issues of reliability and security by combining two ideas from earlier systems: capabilities and a persistent single-level store. Capabilities unify object naming with access control. Persistence extends this naming and access control uniformly across the memory hierarchy; main memory is viewed simply as a cache of the single-level st...
متن کاملSecurity testing of session initiation protocol implementations
The mechanisms which enable the vast majority of computer attacks are based on design and programming errors in networked applications. The growing use of voice over IP (VOIP) phone technology makes these phone applications potential targets. We present a tool to perform security testing of VOIP applications to identify security vulnerabilities which can be exploited by an attacker. Session Ini...
متن کاملEfficient implementation of low time complexity and pipelined bit-parallel polynomial basis multiplier over binary finite fields
This paper presents two efficient implementations of fast and pipelined bit-parallel polynomial basis multipliers over GF (2m) by irreducible pentanomials and trinomials. The architecture of the first multiplier is based on a parallel and independent computation of powers of the polynomial variable. In the second structure only even powers of the polynomial variable are used. The par...
متن کاملذخیره در منابع من
با ذخیره ی این منبع در منابع من، دسترسی به آن را برای استفاده های بعدی آسان تر کنید
برای دانلود متن کامل این مقاله و بیش از 32 میلیون مقاله دیگر ابتدا ثبت نام کنید
ثبت ناماگر عضو سایت هستید لطفا وارد حساب کاربری خود شوید
ورودعنوان ژورنال:
- IEEE Trans. Software Eng.
دوره 22 شماره
صفحات -
تاریخ انتشار 1996