000 07771nam a22004213i 4500
001 EBC6422807
003 MiAaPQ
005 20240122001308.0
006 m o d |
007 cr cnu||||||||
008 231124s2014 xx o ||||0 eng d
020 _a9781430265726
_q(electronic bk.)
020 _z9781430265719
035 _a(MiAaPQ)EBC6422807
035 _a(Au-PeEL)EBL6422807
035 _a(OCoLC)890133382
040 _aMiAaPQ
_beng
_erda
_epn
_cMiAaPQ
_dMiAaPQ
050 4 _aQA76.9.A25
100 1 _aRuan, Xiaoyu.
245 1 0 _aPlatform Embedded Security Technology Revealed :
_bSafeguarding the Future of Computing with Intel Embedded Security and Management Engine.
250 _a1st ed.
264 1 _aBerkeley, CA :
_bApress L. P.,
_c2014.
264 4 _c©2014.
300 _a1 online resource (263 pages)
336 _atext
_btxt
_2rdacontent
337 _acomputer
_bc
_2rdamedia
338 _aonline resource
_bcr
_2rdacarrier
505 0 _aIntro -- Contents at a Glance -- Contents -- About the Author -- About the Technical Reviewer -- Acknowledgments -- Introduction -- Chapter 1: Cyber Security in the Mobile Age -- Three Pillars of Mobile Computing -- Power Efficiency -- Internet Connectivity -- Security -- BYOD -- Incident Case Study -- eBay Data Breach -- Target Data Breach -- OpenSSL Heartbleed -- Key Takeaways -- Strong Authentication -- Network Management -- Boot Integrity -- Hardware-Based Protection -- Open-Source Software Best Practice -- Third-Party Software Best Practice -- Security Development Lifecycle -- Assessment -- Architecture -- Design -- Implementation -- Deployment -- Interface Testing -- Penetration Testing -- CVSS -- Limitations -- References -- Chapter 2: Intel's Embedded Solutions: from Management to Security -- Management Engine vs. Intel AMT -- Intel AMT vs. Intel vPro Technology -- Management Engine Overview -- Hardware -- Overlapped I/O -- Firmware -- Software -- Platform and System Management -- Software Solutions -- Hardware Solutions -- In-Band Solutions -- Out-of-Band Solutions -- Intel AMT Overview -- BIOS Extension -- Local Management Service and Tray Icon -- Remote Management -- The Engine's Evolvement: from Management to Security -- Embedded System as Security Solution -- Security Applications at a Glance -- EPID -- PAVP -- IPT -- Boot Guard -- Virtual Security Core: ARM TrustZone -- Secure Mode and Nonsecure Mode -- Memory Isolation -- Bus Isolation -- Physical Isolation vs. Virtual Isolation -- References -- Chapter 3: Building Blocks of the Security and Management Engine -- Random Number Generation -- Message Authentication -- Hash with Multiple Calls -- Symmetric-Key Encryption -- AES -- DES/3DES -- Asymmetric-Key Encryption: RSA -- Key Pair Generation and Validation -- Encryption and Decryption -- Digital Signature -- RSA -- ECDSA.
505 8 _aKey Pair Generation and Validation -- Scalar Multiplication -- Window Method -- Dual Scalar Multiplication -- Hardware Acceleration -- Other Cryptography Functions -- Secure Storage -- Debugging -- Debug Messaging -- Special Production-Signed Firmware Based on Unique Part ID -- Secure Timer -- Host-Embedded Communication Interface -- Direct Memory Access to Host Memory -- References -- Chapter 4: The Engine: Safeguarding Itself before Safeguarding Others -- Access to Host Memory -- Communication with the CPU -- Triggering Power Flow -- Security Requirements -- Confidentiality -- Integrity -- Availability -- Threat Analysis and Mitigation -- Load Integrity -- Memory Integrity -- Memory Encryption -- Task Isolation -- Asset Protection -- Memory Manager -- Thread Manager -- Memory Protection Control -- Loader -- Inter-Task Call Management -- Exception Handler -- Nonprivileged Tasks -- Firmware Update and Downgrade -- Published Attacks -- "Introducing Ring -3 Rootkits " -- References -- Chapter 5: Privacy at the Next Level: Intel's Enhanced Privacy Identification (EPID) Technology -- Redefining Privacy for the Mobile Age -- Passive Anonymity -- Active Anonymity -- Processor Serial Number -- EPID -- Key Structures and Provisioning -- Revocation -- Private Key-Based Revocation -- Signature-Based Revocation -- Group-Based Revocation -- Signature Generation and Verification -- Signature Generation -- Base Name -- Signature Verification -- SIGMA -- Verifier's Certificate -- Messages Breakdown -- Implementation of EPID -- Key Recovery -- Attack Mitigation -- Applications of EPID -- Next Generation of EPID -- Two-way EPID -- Optimization -- References -- Chapter 6: Boot with Integrity, or Don't Boot -- Boot Attack -- Evil Maid -- BIOS and UEFI -- BIOS Alteration -- Software Replacement -- Jailbreaking -- Trusted Platform Module (TPM).
505 8 _aPlatform Configuration Register -- Field Programmable Fuses -- Field Programmable Fuses vs. Flash Storage -- Field Programmable Fuse Task -- Intel Boot Guard -- Operating System Requirements for Boot Integrity -- OEM Configuration -- Measured Boot -- Verified Boot -- Manifests -- Verification Flow -- References -- Chapter 7: Trust Computing, Backed by the Intel Platform Trust Technology -- TPM Overview -- Cryptography Subsystem -- Storage -- Endorsement Key -- Attestation -- Binding and Sealing -- Intel Platform Trust Technology -- Cryptography Algorithms -- Endorsement Key Storage -- Endorsement Key Revocation -- Endorsement Certificate -- Supporting Security Firmware Applications -- Integrated vs. Discrete TPM -- References -- Chapter 8: Unleashing Premium Entertainment with Hardware-Based Content Protection Technology -- Rights Protection -- DRM Schemes -- Device Key Management -- Rights Management -- Playback -- UltraViolet -- End-to-End Content Protection -- Content Server -- License Server -- Software Stack -- External Display -- Weak Points -- Intel's Hardware-Based Content Protection -- Protected Audio and Video Path (PAVP) -- Device Key Provisioning -- Rights Management -- Intel Wireless Display -- Authentication and Key Exchange -- Content Protection on TrustZone -- References -- Chapter 9: Breaking the Boundaries with Dynamically Loaded Applications -- Closed-Door Model -- DAL Overview -- DAL Architecture -- Loading an Applet -- Secure Timer -- Host Storage Protection -- Security Considerations -- Reviewing and Signing Process -- References -- Chapter 10: Intel Identity Protection Technology: the Robust, Convenient, and Cost-Effective Way to Deter Identity Theft -- One-Time Password -- HOTP -- TOTP -- Transaction Signing -- OTP Tokens -- Embedded OTP and OCRA -- Token Installation -- TOTP and OCRA Generation -- Highlights and Lowlights.
505 8 _aProtected Transaction Display -- Drawing a Sprite -- Gathering the User's PIN Input -- Firmware Architecture -- Embedded PKI and NFC -- References -- Chapter 11: Looking Ahead: Tomorrow's Innovations Built on Today's Foundation -- Isolated Computing Environment -- Security-Hardening Measures -- Basic Utilities -- Anonymous Authentication and Secure Session Establishment -- Protected Input and Output -- Dynamic Application Loader -- Summary of Firmware Ingredients -- Software Guard Extensions -- More Excitement to Come -- References -- Index.
588 _aDescription based on publisher supplied metadata and other sources.
590 _aElectronic reproduction. Ann Arbor, Michigan : ProQuest Ebook Central, 2023. Available via World Wide Web. Access may be limited to ProQuest Ebook Central affiliated libraries.
655 4 _aElectronic books.
776 0 8 _iPrint version:
_aRuan, Xiaoyu
_tPlatform Embedded Security Technology Revealed
_dBerkeley, CA : Apress L. P.,c2014
_z9781430265719
797 2 _aProQuest (Firm)
856 4 0 _uhttps://ebookcentral.proquest.com/lib/bacm-ebooks/detail.action?docID=6422807
_zClick to View
999 _c306692
_d306692