Platform Embedded Security Technology Revealed : : Safeguarding the Future of Computing with Intel Embedded Security and Management Engine.
Saved in:
| : | |
|---|---|
| Place / Publishing House: | Berkeley, CA : : Apress L. P.,, 2014. Ã2014. |
| Year of Publication: | 2014 |
| Edition: | 1st ed. |
| Language: | English |
| Online Access: | |
| Physical Description: | 1 online resource (263 pages) |
| Tags: |
Add Tag
No Tags, Be the first to tag this record!
|
| id |
5006422807 |
|---|---|
| ctrlnum |
(MiAaPQ)5006422807 (Au-PeEL)EBL6422807 (OCoLC)890133382 |
| collection |
bib_alma |
| record_format |
marc |
| spelling |
Ruan, Xiaoyu. Platform Embedded Security Technology Revealed : Safeguarding the Future of Computing with Intel Embedded Security and Management Engine. 1st ed. Berkeley, CA : Apress L. P., 2014. Ã2014. 1 online resource (263 pages) text txt rdacontent computer c rdamedia online resource cr rdacarrier Intro -- Contents at a Glance -- Contents -- About the Author -- About the Technical Reviewer -- Acknowledgments -- Introduction -- Chapter 1: Cyber Security in the Mobile Age -- Three Pillars of Mobile Computing -- Power Efficiency -- Internet Connectivity -- Security -- BYOD -- Incident Case Study -- eBay Data Breach -- Target Data Breach -- OpenSSL Heartbleed -- Key Takeaways -- Strong Authentication -- Network Management -- Boot Integrity -- Hardware-Based Protection -- Open-Source Software Best Practice -- Third-Party Software Best Practice -- Security Development Lifecycle -- Assessment -- Architecture -- Design -- Implementation -- Deployment -- Interface Testing -- Penetration Testing -- CVSS -- Limitations -- References -- Chapter 2: Intel's Embedded Solutions: from Management to Security -- Management Engine vs. Intel AMT -- Intel AMT vs. Intel vPro Technology -- Management Engine Overview -- Hardware -- Overlapped I/O -- Firmware -- Software -- Platform and System Management -- Software Solutions -- Hardware Solutions -- In-Band Solutions -- Out-of-Band Solutions -- Intel AMT Overview -- BIOS Extension -- Local Management Service and Tray Icon -- Remote Management -- The Engine's Evolvement: from Management to Security -- Embedded System as Security Solution -- Security Applications at a Glance -- EPID -- PAVP -- IPT -- Boot Guard -- Virtual Security Core: ARM TrustZone -- Secure Mode and Nonsecure Mode -- Memory Isolation -- Bus Isolation -- Physical Isolation vs. Virtual Isolation -- References -- Chapter 3: Building Blocks of the Security and Management Engine -- Random Number Generation -- Message Authentication -- Hash with Multiple Calls -- Symmetric-Key Encryption -- AES -- DES/3DES -- Asymmetric-Key Encryption: RSA -- Key Pair Generation and Validation -- Encryption and Decryption -- Digital Signature -- RSA -- ECDSA. Key Pair Generation and Validation -- Scalar Multiplication -- Window Method -- Dual Scalar Multiplication -- Hardware Acceleration -- Other Cryptography Functions -- Secure Storage -- Debugging -- Debug Messaging -- Special Production-Signed Firmware Based on Unique Part ID -- Secure Timer -- Host-Embedded Communication Interface -- Direct Memory Access to Host Memory -- References -- Chapter 4: The Engine: Safeguarding Itself before Safeguarding Others -- Access to Host Memory -- Communication with the CPU -- Triggering Power Flow -- Security Requirements -- Confidentiality -- Integrity -- Availability -- Threat Analysis and Mitigation -- Load Integrity -- Memory Integrity -- Memory Encryption -- Task Isolation -- Asset Protection -- Memory Manager -- Thread Manager -- Memory Protection Control -- Loader -- Inter-Task Call Management -- Exception Handler -- Nonprivileged Tasks -- Firmware Update and Downgrade -- Published Attacks -- "Introducing Ring -3 Rootkits " -- References -- Chapter 5: Privacy at the Next Level: Intel's Enhanced Privacy Identification (EPID) Technology -- Redefining Privacy for the Mobile Age -- Passive Anonymity -- Active Anonymity -- Processor Serial Number -- EPID -- Key Structures and Provisioning -- Revocation -- Private Key-Based Revocation -- Signature-Based Revocation -- Group-Based Revocation -- Signature Generation and Verification -- Signature Generation -- Base Name -- Signature Verification -- SIGMA -- Verifier's Certificate -- Messages Breakdown -- Implementation of EPID -- Key Recovery -- Attack Mitigation -- Applications of EPID -- Next Generation of EPID -- Two-way EPID -- Optimization -- References -- Chapter 6: Boot with Integrity, or Don't Boot -- Boot Attack -- Evil Maid -- BIOS and UEFI -- BIOS Alteration -- Software Replacement -- Jailbreaking -- Trusted Platform Module (TPM). Platform Configuration Register -- Field Programmable Fuses -- Field Programmable Fuses vs. Flash Storage -- Field Programmable Fuse Task -- Intel Boot Guard -- Operating System Requirements for Boot Integrity -- OEM Configuration -- Measured Boot -- Verified Boot -- Manifests -- Verification Flow -- References -- Chapter 7: Trust Computing, Backed by the Intel Platform Trust Technology -- TPM Overview -- Cryptography Subsystem -- Storage -- Endorsement Key -- Attestation -- Binding and Sealing -- Intel Platform Trust Technology -- Cryptography Algorithms -- Endorsement Key Storage -- Endorsement Key Revocation -- Endorsement Certificate -- Supporting Security Firmware Applications -- Integrated vs. Discrete TPM -- References -- Chapter 8: Unleashing Premium Entertainment with Hardware-Based Content Protection Technology -- Rights Protection -- DRM Schemes -- Device Key Management -- Rights Management -- Playback -- UltraViolet -- End-to-End Content Protection -- Content Server -- License Server -- Software Stack -- External Display -- Weak Points -- Intel's Hardware-Based Content Protection -- Protected Audio and Video Path (PAVP) -- Device Key Provisioning -- Rights Management -- Intel Wireless Display -- Authentication and Key Exchange -- Content Protection on TrustZone -- References -- Chapter 9: Breaking the Boundaries with Dynamically Loaded Applications -- Closed-Door Model -- DAL Overview -- DAL Architecture -- Loading an Applet -- Secure Timer -- Host Storage Protection -- Security Considerations -- Reviewing and Signing Process -- References -- Chapter 10: Intel Identity Protection Technology: the Robust, Convenient, and Cost-Effective Way to Deter Identity Theft -- One-Time Password -- HOTP -- TOTP -- Transaction Signing -- OTP Tokens -- Embedded OTP and OCRA -- Token Installation -- TOTP and OCRA Generation -- Highlights and Lowlights. Protected Transaction Display -- Drawing a Sprite -- Gathering the User's PIN Input -- Firmware Architecture -- Embedded PKI and NFC -- References -- Chapter 11: Looking Ahead: Tomorrow's Innovations Built on Today's Foundation -- Isolated Computing Environment -- Security-Hardening Measures -- Basic Utilities -- Anonymous Authentication and Secure Session Establishment -- Protected Input and Output -- Dynamic Application Loader -- Summary of Firmware Ingredients -- Software Guard Extensions -- More Excitement to Come -- References -- Index. Description based on publisher supplied metadata and other sources. Electronic reproduction. Ann Arbor, Michigan : ProQuest Ebook Central, 2024. Available via World Wide Web. Access may be limited to ProQuest Ebook Central affiliated libraries. Electronic books. Print version: Ruan, Xiaoyu Platform Embedded Security Technology Revealed Berkeley, CA : Apress L. P.,c2014 9781430265719 ProQuest (Firm) https://ebookcentral.proquest.com/lib/oeawat/detail.action?docID=6422807 Click to View |
| language |
English |
| format |
eBook |
| author |
Ruan, Xiaoyu. |
| spellingShingle |
Ruan, Xiaoyu. Platform Embedded Security Technology Revealed : Safeguarding the Future of Computing with Intel Embedded Security and Management Engine. Intro -- Contents at a Glance -- Contents -- About the Author -- About the Technical Reviewer -- Acknowledgments -- Introduction -- Chapter 1: Cyber Security in the Mobile Age -- Three Pillars of Mobile Computing -- Power Efficiency -- Internet Connectivity -- Security -- BYOD -- Incident Case Study -- eBay Data Breach -- Target Data Breach -- OpenSSL Heartbleed -- Key Takeaways -- Strong Authentication -- Network Management -- Boot Integrity -- Hardware-Based Protection -- Open-Source Software Best Practice -- Third-Party Software Best Practice -- Security Development Lifecycle -- Assessment -- Architecture -- Design -- Implementation -- Deployment -- Interface Testing -- Penetration Testing -- CVSS -- Limitations -- References -- Chapter 2: Intel's Embedded Solutions: from Management to Security -- Management Engine vs. Intel AMT -- Intel AMT vs. Intel vPro Technology -- Management Engine Overview -- Hardware -- Overlapped I/O -- Firmware -- Software -- Platform and System Management -- Software Solutions -- Hardware Solutions -- In-Band Solutions -- Out-of-Band Solutions -- Intel AMT Overview -- BIOS Extension -- Local Management Service and Tray Icon -- Remote Management -- The Engine's Evolvement: from Management to Security -- Embedded System as Security Solution -- Security Applications at a Glance -- EPID -- PAVP -- IPT -- Boot Guard -- Virtual Security Core: ARM TrustZone -- Secure Mode and Nonsecure Mode -- Memory Isolation -- Bus Isolation -- Physical Isolation vs. Virtual Isolation -- References -- Chapter 3: Building Blocks of the Security and Management Engine -- Random Number Generation -- Message Authentication -- Hash with Multiple Calls -- Symmetric-Key Encryption -- AES -- DES/3DES -- Asymmetric-Key Encryption: RSA -- Key Pair Generation and Validation -- Encryption and Decryption -- Digital Signature -- RSA -- ECDSA. Key Pair Generation and Validation -- Scalar Multiplication -- Window Method -- Dual Scalar Multiplication -- Hardware Acceleration -- Other Cryptography Functions -- Secure Storage -- Debugging -- Debug Messaging -- Special Production-Signed Firmware Based on Unique Part ID -- Secure Timer -- Host-Embedded Communication Interface -- Direct Memory Access to Host Memory -- References -- Chapter 4: The Engine: Safeguarding Itself before Safeguarding Others -- Access to Host Memory -- Communication with the CPU -- Triggering Power Flow -- Security Requirements -- Confidentiality -- Integrity -- Availability -- Threat Analysis and Mitigation -- Load Integrity -- Memory Integrity -- Memory Encryption -- Task Isolation -- Asset Protection -- Memory Manager -- Thread Manager -- Memory Protection Control -- Loader -- Inter-Task Call Management -- Exception Handler -- Nonprivileged Tasks -- Firmware Update and Downgrade -- Published Attacks -- "Introducing Ring -3 Rootkits " -- References -- Chapter 5: Privacy at the Next Level: Intel's Enhanced Privacy Identification (EPID) Technology -- Redefining Privacy for the Mobile Age -- Passive Anonymity -- Active Anonymity -- Processor Serial Number -- EPID -- Key Structures and Provisioning -- Revocation -- Private Key-Based Revocation -- Signature-Based Revocation -- Group-Based Revocation -- Signature Generation and Verification -- Signature Generation -- Base Name -- Signature Verification -- SIGMA -- Verifier's Certificate -- Messages Breakdown -- Implementation of EPID -- Key Recovery -- Attack Mitigation -- Applications of EPID -- Next Generation of EPID -- Two-way EPID -- Optimization -- References -- Chapter 6: Boot with Integrity, or Don't Boot -- Boot Attack -- Evil Maid -- BIOS and UEFI -- BIOS Alteration -- Software Replacement -- Jailbreaking -- Trusted Platform Module (TPM). Platform Configuration Register -- Field Programmable Fuses -- Field Programmable Fuses vs. Flash Storage -- Field Programmable Fuse Task -- Intel Boot Guard -- Operating System Requirements for Boot Integrity -- OEM Configuration -- Measured Boot -- Verified Boot -- Manifests -- Verification Flow -- References -- Chapter 7: Trust Computing, Backed by the Intel Platform Trust Technology -- TPM Overview -- Cryptography Subsystem -- Storage -- Endorsement Key -- Attestation -- Binding and Sealing -- Intel Platform Trust Technology -- Cryptography Algorithms -- Endorsement Key Storage -- Endorsement Key Revocation -- Endorsement Certificate -- Supporting Security Firmware Applications -- Integrated vs. Discrete TPM -- References -- Chapter 8: Unleashing Premium Entertainment with Hardware-Based Content Protection Technology -- Rights Protection -- DRM Schemes -- Device Key Management -- Rights Management -- Playback -- UltraViolet -- End-to-End Content Protection -- Content Server -- License Server -- Software Stack -- External Display -- Weak Points -- Intel's Hardware-Based Content Protection -- Protected Audio and Video Path (PAVP) -- Device Key Provisioning -- Rights Management -- Intel Wireless Display -- Authentication and Key Exchange -- Content Protection on TrustZone -- References -- Chapter 9: Breaking the Boundaries with Dynamically Loaded Applications -- Closed-Door Model -- DAL Overview -- DAL Architecture -- Loading an Applet -- Secure Timer -- Host Storage Protection -- Security Considerations -- Reviewing and Signing Process -- References -- Chapter 10: Intel Identity Protection Technology: the Robust, Convenient, and Cost-Effective Way to Deter Identity Theft -- One-Time Password -- HOTP -- TOTP -- Transaction Signing -- OTP Tokens -- Embedded OTP and OCRA -- Token Installation -- TOTP and OCRA Generation -- Highlights and Lowlights. Protected Transaction Display -- Drawing a Sprite -- Gathering the User's PIN Input -- Firmware Architecture -- Embedded PKI and NFC -- References -- Chapter 11: Looking Ahead: Tomorrow's Innovations Built on Today's Foundation -- Isolated Computing Environment -- Security-Hardening Measures -- Basic Utilities -- Anonymous Authentication and Secure Session Establishment -- Protected Input and Output -- Dynamic Application Loader -- Summary of Firmware Ingredients -- Software Guard Extensions -- More Excitement to Come -- References -- Index. |
| author_facet |
Ruan, Xiaoyu. |
| author_variant |
x r xr |
| author_sort |
Ruan, Xiaoyu. |
| title |
Platform Embedded Security Technology Revealed : Safeguarding the Future of Computing with Intel Embedded Security and Management Engine. |
| title_sub |
Safeguarding the Future of Computing with Intel Embedded Security and Management Engine. |
| title_full |
Platform Embedded Security Technology Revealed : Safeguarding the Future of Computing with Intel Embedded Security and Management Engine. |
| title_fullStr |
Platform Embedded Security Technology Revealed : Safeguarding the Future of Computing with Intel Embedded Security and Management Engine. |
| title_full_unstemmed |
Platform Embedded Security Technology Revealed : Safeguarding the Future of Computing with Intel Embedded Security and Management Engine. |
| title_auth |
Platform Embedded Security Technology Revealed : Safeguarding the Future of Computing with Intel Embedded Security and Management Engine. |
| title_new |
Platform Embedded Security Technology Revealed : |
| title_sort |
platform embedded security technology revealed : safeguarding the future of computing with intel embedded security and management engine. |
| publisher |
Apress L. P., |
| publishDate |
2014 |
| physical |
1 online resource (263 pages) |
| edition |
1st ed. |
| contents |
Intro -- Contents at a Glance -- Contents -- About the Author -- About the Technical Reviewer -- Acknowledgments -- Introduction -- Chapter 1: Cyber Security in the Mobile Age -- Three Pillars of Mobile Computing -- Power Efficiency -- Internet Connectivity -- Security -- BYOD -- Incident Case Study -- eBay Data Breach -- Target Data Breach -- OpenSSL Heartbleed -- Key Takeaways -- Strong Authentication -- Network Management -- Boot Integrity -- Hardware-Based Protection -- Open-Source Software Best Practice -- Third-Party Software Best Practice -- Security Development Lifecycle -- Assessment -- Architecture -- Design -- Implementation -- Deployment -- Interface Testing -- Penetration Testing -- CVSS -- Limitations -- References -- Chapter 2: Intel's Embedded Solutions: from Management to Security -- Management Engine vs. Intel AMT -- Intel AMT vs. Intel vPro Technology -- Management Engine Overview -- Hardware -- Overlapped I/O -- Firmware -- Software -- Platform and System Management -- Software Solutions -- Hardware Solutions -- In-Band Solutions -- Out-of-Band Solutions -- Intel AMT Overview -- BIOS Extension -- Local Management Service and Tray Icon -- Remote Management -- The Engine's Evolvement: from Management to Security -- Embedded System as Security Solution -- Security Applications at a Glance -- EPID -- PAVP -- IPT -- Boot Guard -- Virtual Security Core: ARM TrustZone -- Secure Mode and Nonsecure Mode -- Memory Isolation -- Bus Isolation -- Physical Isolation vs. Virtual Isolation -- References -- Chapter 3: Building Blocks of the Security and Management Engine -- Random Number Generation -- Message Authentication -- Hash with Multiple Calls -- Symmetric-Key Encryption -- AES -- DES/3DES -- Asymmetric-Key Encryption: RSA -- Key Pair Generation and Validation -- Encryption and Decryption -- Digital Signature -- RSA -- ECDSA. Key Pair Generation and Validation -- Scalar Multiplication -- Window Method -- Dual Scalar Multiplication -- Hardware Acceleration -- Other Cryptography Functions -- Secure Storage -- Debugging -- Debug Messaging -- Special Production-Signed Firmware Based on Unique Part ID -- Secure Timer -- Host-Embedded Communication Interface -- Direct Memory Access to Host Memory -- References -- Chapter 4: The Engine: Safeguarding Itself before Safeguarding Others -- Access to Host Memory -- Communication with the CPU -- Triggering Power Flow -- Security Requirements -- Confidentiality -- Integrity -- Availability -- Threat Analysis and Mitigation -- Load Integrity -- Memory Integrity -- Memory Encryption -- Task Isolation -- Asset Protection -- Memory Manager -- Thread Manager -- Memory Protection Control -- Loader -- Inter-Task Call Management -- Exception Handler -- Nonprivileged Tasks -- Firmware Update and Downgrade -- Published Attacks -- "Introducing Ring -3 Rootkits " -- References -- Chapter 5: Privacy at the Next Level: Intel's Enhanced Privacy Identification (EPID) Technology -- Redefining Privacy for the Mobile Age -- Passive Anonymity -- Active Anonymity -- Processor Serial Number -- EPID -- Key Structures and Provisioning -- Revocation -- Private Key-Based Revocation -- Signature-Based Revocation -- Group-Based Revocation -- Signature Generation and Verification -- Signature Generation -- Base Name -- Signature Verification -- SIGMA -- Verifier's Certificate -- Messages Breakdown -- Implementation of EPID -- Key Recovery -- Attack Mitigation -- Applications of EPID -- Next Generation of EPID -- Two-way EPID -- Optimization -- References -- Chapter 6: Boot with Integrity, or Don't Boot -- Boot Attack -- Evil Maid -- BIOS and UEFI -- BIOS Alteration -- Software Replacement -- Jailbreaking -- Trusted Platform Module (TPM). Platform Configuration Register -- Field Programmable Fuses -- Field Programmable Fuses vs. Flash Storage -- Field Programmable Fuse Task -- Intel Boot Guard -- Operating System Requirements for Boot Integrity -- OEM Configuration -- Measured Boot -- Verified Boot -- Manifests -- Verification Flow -- References -- Chapter 7: Trust Computing, Backed by the Intel Platform Trust Technology -- TPM Overview -- Cryptography Subsystem -- Storage -- Endorsement Key -- Attestation -- Binding and Sealing -- Intel Platform Trust Technology -- Cryptography Algorithms -- Endorsement Key Storage -- Endorsement Key Revocation -- Endorsement Certificate -- Supporting Security Firmware Applications -- Integrated vs. Discrete TPM -- References -- Chapter 8: Unleashing Premium Entertainment with Hardware-Based Content Protection Technology -- Rights Protection -- DRM Schemes -- Device Key Management -- Rights Management -- Playback -- UltraViolet -- End-to-End Content Protection -- Content Server -- License Server -- Software Stack -- External Display -- Weak Points -- Intel's Hardware-Based Content Protection -- Protected Audio and Video Path (PAVP) -- Device Key Provisioning -- Rights Management -- Intel Wireless Display -- Authentication and Key Exchange -- Content Protection on TrustZone -- References -- Chapter 9: Breaking the Boundaries with Dynamically Loaded Applications -- Closed-Door Model -- DAL Overview -- DAL Architecture -- Loading an Applet -- Secure Timer -- Host Storage Protection -- Security Considerations -- Reviewing and Signing Process -- References -- Chapter 10: Intel Identity Protection Technology: the Robust, Convenient, and Cost-Effective Way to Deter Identity Theft -- One-Time Password -- HOTP -- TOTP -- Transaction Signing -- OTP Tokens -- Embedded OTP and OCRA -- Token Installation -- TOTP and OCRA Generation -- Highlights and Lowlights. Protected Transaction Display -- Drawing a Sprite -- Gathering the User's PIN Input -- Firmware Architecture -- Embedded PKI and NFC -- References -- Chapter 11: Looking Ahead: Tomorrow's Innovations Built on Today's Foundation -- Isolated Computing Environment -- Security-Hardening Measures -- Basic Utilities -- Anonymous Authentication and Secure Session Establishment -- Protected Input and Output -- Dynamic Application Loader -- Summary of Firmware Ingredients -- Software Guard Extensions -- More Excitement to Come -- References -- Index. |
| isbn |
9781430265726 9781430265719 |
| callnumber-first |
Q - Science |
| callnumber-subject |
QA - Mathematics |
| callnumber-label |
QA76 |
| callnumber-sort |
QA 276.9 A25 |
| genre |
Electronic books. |
| genre_facet |
Electronic books. |
| url |
https://ebookcentral.proquest.com/lib/oeawat/detail.action?docID=6422807 |
| illustrated |
Not Illustrated |
| oclc_num |
890133382 |
| work_keys_str_mv |
AT ruanxiaoyu platformembeddedsecuritytechnologyrevealedsafeguardingthefutureofcomputingwithintelembeddedsecurityandmanagementengine |
| status_str |
n |
| ids_txt_mv |
(MiAaPQ)5006422807 (Au-PeEL)EBL6422807 (OCoLC)890133382 |
| carrierType_str_mv |
cr |
| is_hierarchy_title |
Platform Embedded Security Technology Revealed : Safeguarding the Future of Computing with Intel Embedded Security and Management Engine. |
| marc_error |
Info : Unimarc and ISO-8859-1 translations identical, choosing ISO-8859-1. --- [ 856 : z ] |
| _version_ |
1792331059414695936 |
| fullrecord |
<?xml version="1.0" encoding="UTF-8"?><collection xmlns="http://www.loc.gov/MARC21/slim"><record><leader>07733nam a22004093i 4500</leader><controlfield tag="001">5006422807</controlfield><controlfield tag="003">MiAaPQ</controlfield><controlfield tag="005">20240229073838.0</controlfield><controlfield tag="006">m o d | </controlfield><controlfield tag="007">cr cnu||||||||</controlfield><controlfield tag="008">240229s2014 xx o ||||0 eng d</controlfield><datafield tag="020" ind1=" " ind2=" "><subfield code="a">9781430265726</subfield><subfield code="q">(electronic bk.)</subfield></datafield><datafield tag="020" ind1=" " ind2=" "><subfield code="z">9781430265719</subfield></datafield><datafield tag="035" ind1=" " ind2=" "><subfield code="a">(MiAaPQ)5006422807</subfield></datafield><datafield tag="035" ind1=" " ind2=" "><subfield code="a">(Au-PeEL)EBL6422807</subfield></datafield><datafield tag="035" ind1=" " ind2=" "><subfield code="a">(OCoLC)890133382</subfield></datafield><datafield tag="040" ind1=" " ind2=" "><subfield code="a">MiAaPQ</subfield><subfield code="b">eng</subfield><subfield code="e">rda</subfield><subfield code="e">pn</subfield><subfield code="c">MiAaPQ</subfield><subfield code="d">MiAaPQ</subfield></datafield><datafield tag="050" ind1=" " ind2="4"><subfield code="a">QA76.9.A25</subfield></datafield><datafield tag="100" ind1="1" ind2=" "><subfield code="a">Ruan, Xiaoyu.</subfield></datafield><datafield tag="245" ind1="1" ind2="0"><subfield code="a">Platform Embedded Security Technology Revealed :</subfield><subfield code="b">Safeguarding the Future of Computing with Intel Embedded Security and Management Engine.</subfield></datafield><datafield tag="250" ind1=" " ind2=" "><subfield code="a">1st ed.</subfield></datafield><datafield tag="264" ind1=" " ind2="1"><subfield code="a">Berkeley, CA :</subfield><subfield code="b">Apress L. P.,</subfield><subfield code="c">2014.</subfield></datafield><datafield tag="264" ind1=" " ind2="4"><subfield code="c">Ã2014.</subfield></datafield><datafield tag="300" ind1=" " ind2=" "><subfield code="a">1 online resource (263 pages)</subfield></datafield><datafield tag="336" ind1=" " ind2=" "><subfield code="a">text</subfield><subfield code="b">txt</subfield><subfield code="2">rdacontent</subfield></datafield><datafield tag="337" ind1=" " ind2=" "><subfield code="a">computer</subfield><subfield code="b">c</subfield><subfield code="2">rdamedia</subfield></datafield><datafield tag="338" ind1=" " ind2=" "><subfield code="a">online resource</subfield><subfield code="b">cr</subfield><subfield code="2">rdacarrier</subfield></datafield><datafield tag="505" ind1="0" ind2=" "><subfield code="a">Intro -- Contents at a Glance -- Contents -- About the Author -- About the Technical Reviewer -- Acknowledgments -- Introduction -- Chapter 1: Cyber Security in the Mobile Age -- Three Pillars of Mobile Computing -- Power Efficiency -- Internet Connectivity -- Security -- BYOD -- Incident Case Study -- eBay Data Breach -- Target Data Breach -- OpenSSL Heartbleed -- Key Takeaways -- Strong Authentication -- Network Management -- Boot Integrity -- Hardware-Based Protection -- Open-Source Software Best Practice -- Third-Party Software Best Practice -- Security Development Lifecycle -- Assessment -- Architecture -- Design -- Implementation -- Deployment -- Interface Testing -- Penetration Testing -- CVSS -- Limitations -- References -- Chapter 2: Intel's Embedded Solutions: from Management to Security -- Management Engine vs. Intel AMT -- Intel AMT vs. Intel vPro Technology -- Management Engine Overview -- Hardware -- Overlapped I/O -- Firmware -- Software -- Platform and System Management -- Software Solutions -- Hardware Solutions -- In-Band Solutions -- Out-of-Band Solutions -- Intel AMT Overview -- BIOS Extension -- Local Management Service and Tray Icon -- Remote Management -- The Engine's Evolvement: from Management to Security -- Embedded System as Security Solution -- Security Applications at a Glance -- EPID -- PAVP -- IPT -- Boot Guard -- Virtual Security Core: ARM TrustZone -- Secure Mode and Nonsecure Mode -- Memory Isolation -- Bus Isolation -- Physical Isolation vs. Virtual Isolation -- References -- Chapter 3: Building Blocks of the Security and Management Engine -- Random Number Generation -- Message Authentication -- Hash with Multiple Calls -- Symmetric-Key Encryption -- AES -- DES/3DES -- Asymmetric-Key Encryption: RSA -- Key Pair Generation and Validation -- Encryption and Decryption -- Digital Signature -- RSA -- ECDSA.</subfield></datafield><datafield tag="505" ind1="8" ind2=" "><subfield code="a">Key Pair Generation and Validation -- Scalar Multiplication -- Window Method -- Dual Scalar Multiplication -- Hardware Acceleration -- Other Cryptography Functions -- Secure Storage -- Debugging -- Debug Messaging -- Special Production-Signed Firmware Based on Unique Part ID -- Secure Timer -- Host-Embedded Communication Interface -- Direct Memory Access to Host Memory -- References -- Chapter 4: The Engine: Safeguarding Itself before Safeguarding Others -- Access to Host Memory -- Communication with the CPU -- Triggering Power Flow -- Security Requirements -- Confidentiality -- Integrity -- Availability -- Threat Analysis and Mitigation -- Load Integrity -- Memory Integrity -- Memory Encryption -- Task Isolation -- Asset Protection -- Memory Manager -- Thread Manager -- Memory Protection Control -- Loader -- Inter-Task Call Management -- Exception Handler -- Nonprivileged Tasks -- Firmware Update and Downgrade -- Published Attacks -- "Introducing Ring -3 Rootkits " -- References -- Chapter 5: Privacy at the Next Level: Intel's Enhanced Privacy Identification (EPID) Technology -- Redefining Privacy for the Mobile Age -- Passive Anonymity -- Active Anonymity -- Processor Serial Number -- EPID -- Key Structures and Provisioning -- Revocation -- Private Key-Based Revocation -- Signature-Based Revocation -- Group-Based Revocation -- Signature Generation and Verification -- Signature Generation -- Base Name -- Signature Verification -- SIGMA -- Verifier's Certificate -- Messages Breakdown -- Implementation of EPID -- Key Recovery -- Attack Mitigation -- Applications of EPID -- Next Generation of EPID -- Two-way EPID -- Optimization -- References -- Chapter 6: Boot with Integrity, or Don't Boot -- Boot Attack -- Evil Maid -- BIOS and UEFI -- BIOS Alteration -- Software Replacement -- Jailbreaking -- Trusted Platform Module (TPM).</subfield></datafield><datafield tag="505" ind1="8" ind2=" "><subfield code="a">Platform Configuration Register -- Field Programmable Fuses -- Field Programmable Fuses vs. Flash Storage -- Field Programmable Fuse Task -- Intel Boot Guard -- Operating System Requirements for Boot Integrity -- OEM Configuration -- Measured Boot -- Verified Boot -- Manifests -- Verification Flow -- References -- Chapter 7: Trust Computing, Backed by the Intel Platform Trust Technology -- TPM Overview -- Cryptography Subsystem -- Storage -- Endorsement Key -- Attestation -- Binding and Sealing -- Intel Platform Trust Technology -- Cryptography Algorithms -- Endorsement Key Storage -- Endorsement Key Revocation -- Endorsement Certificate -- Supporting Security Firmware Applications -- Integrated vs. Discrete TPM -- References -- Chapter 8: Unleashing Premium Entertainment with Hardware-Based Content Protection Technology -- Rights Protection -- DRM Schemes -- Device Key Management -- Rights Management -- Playback -- UltraViolet -- End-to-End Content Protection -- Content Server -- License Server -- Software Stack -- External Display -- Weak Points -- Intel's Hardware-Based Content Protection -- Protected Audio and Video Path (PAVP) -- Device Key Provisioning -- Rights Management -- Intel Wireless Display -- Authentication and Key Exchange -- Content Protection on TrustZone -- References -- Chapter 9: Breaking the Boundaries with Dynamically Loaded Applications -- Closed-Door Model -- DAL Overview -- DAL Architecture -- Loading an Applet -- Secure Timer -- Host Storage Protection -- Security Considerations -- Reviewing and Signing Process -- References -- Chapter 10: Intel Identity Protection Technology: the Robust, Convenient, and Cost-Effective Way to Deter Identity Theft -- One-Time Password -- HOTP -- TOTP -- Transaction Signing -- OTP Tokens -- Embedded OTP and OCRA -- Token Installation -- TOTP and OCRA Generation -- Highlights and Lowlights.</subfield></datafield><datafield tag="505" ind1="8" ind2=" "><subfield code="a">Protected Transaction Display -- Drawing a Sprite -- Gathering the User's PIN Input -- Firmware Architecture -- Embedded PKI and NFC -- References -- Chapter 11: Looking Ahead: Tomorrow's Innovations Built on Today's Foundation -- Isolated Computing Environment -- Security-Hardening Measures -- Basic Utilities -- Anonymous Authentication and Secure Session Establishment -- Protected Input and Output -- Dynamic Application Loader -- Summary of Firmware Ingredients -- Software Guard Extensions -- More Excitement to Come -- References -- Index.</subfield></datafield><datafield tag="588" ind1=" " ind2=" "><subfield code="a">Description based on publisher supplied metadata and other sources.</subfield></datafield><datafield tag="590" ind1=" " ind2=" "><subfield code="a">Electronic reproduction. Ann Arbor, Michigan : ProQuest Ebook Central, 2024. Available via World Wide Web. Access may be limited to ProQuest Ebook Central affiliated libraries. </subfield></datafield><datafield tag="655" ind1=" " ind2="4"><subfield code="a">Electronic books.</subfield></datafield><datafield tag="776" ind1="0" ind2="8"><subfield code="i">Print version:</subfield><subfield code="a">Ruan, Xiaoyu</subfield><subfield code="t">Platform Embedded Security Technology Revealed</subfield><subfield code="d">Berkeley, CA : Apress L. P.,c2014</subfield><subfield code="z">9781430265719</subfield></datafield><datafield tag="797" ind1="2" ind2=" "><subfield code="a">ProQuest (Firm)</subfield></datafield><datafield tag="856" ind1="4" ind2="0"><subfield code="u">https://ebookcentral.proquest.com/lib/oeawat/detail.action?docID=6422807</subfield><subfield code="z">Click to View</subfield></datafield></record></collection> |