Cybersecurity Vulnerability What Are Vulnerabilities? Research Paper

Pages: 10 (2738 words)  |  Bibliography Sources: 10

SAMPLE EXCERPT:

[. . .] Therefore, secure coprocessors are restricted to low power, restricted bandwidth devices unable of processing at high output.

Strategy for Hardware Trust

Because of hardware weaknesses electronic design automation (EDA) and Computer-aided design (CAD) implements are crucial to the efficiency and achievement of circuit design. These tools, nevertheless, ignore IC supply chain glitches. This section describes ways to improve design tools and processes to defend against IC supply chain attacks.

Design tools emphasis mostly on design for test (DFT) or strategy for manufacturability (DFM). Scholars have argued that the design phase be increased in order to progress hardware trust, presenting the idea of design for hardware trust (DFHT). Actually, DFHT seeks to stop Trojan circuits from being introduced all through fabrication or design. An example of a DFHT technique is to adjust the design implements such that low probability changes in a circuit are enlarged (Chen, 2009), which seemingly aggravates an attacker's job of finding an input that can trigger a Trojan circuit yet is improbable to happen in testing.

Figure 2 devices to manage, command, direct, or regulate the behavior of other devices or systems

In order to make sure the hardware is not a victim to vulnerabilities they need something called the host integrity. This involved the trust in a computing system which requires both tamper-proof hardware and privileged software (Hadnagy, 2010). With malware, viruses, and Trojans, camouflaged in a system, software cannot effortlessly prove itself real. If trust in the secure coprocessor is recognized, then that trust enables validating the host. The secure coprocessor must verify or control or the initial boot process of the host and take photos of the memory condition. With this skill, the coprocessor will be able to compute secure hashes of the boot and kernel images, in addition to memory states at dissimilar milestones in the host execution. By comparing the secure hashes with known-good values, the secure coprocessor can detect corruptions in the memory.

Figure 3 Examples of what happens with hardware flaws.

Secure logs are another thing that is important. These logs are a vital target for attackers. Falsifying entries to eliminate interruption traces is vital for a stealth attack. With the aid of an important coprocessor, logs can be made tamper-obvious. Cryptographic checksums are the chief mechanism, nonetheless for sensitive information, such as financial logs, encryption primitives can be used for secrecy (Zhang, 2011).

Another thing that can cut down on the hardware flaws are DRM. This involves the two key properties which make secure coprocessors attractive in copyright protection applications (Mulligan, 2011). The first is the aptitude to show that a host software system is tamper-free, as well as the operating system and licensed applications. If an attacker (user) is not able to circumvent the license authentications, then commercial software can dependably check for correct registration events. Second are the trustworthy cryptographic primitives, as well as sole unforgeable identifiers. With these primitives content providers are able to deliver encrypted content to the host, restricting the attacker's (involving the end user) ability to get access to digital content that is original.

In spite of the usefulness of secure coprocessors, their cost and limitations do stop widespread disposition and persuade lighter mechanisms, such as the smartcard and the trusted platform module (TPM). Also, when it comes to cutting down on the hardware vulnerabilities, smartcards have as their key role the protection of a private key. With just a small quantity of memory and restricted computational power, smartcards store one or more manufacturer-provided cryptographic important sets and accomplish basic cryptographic procedures. In this esteem, they are alike to TPMs. Smartcards link via standard plug-and-play procedures (short distance radio waves, USB, infra-red, and) with the host and propose their services on-demand to the host for signatures, authentication, and other protocols (Zhang, 2011). This is where they vary from TPMs.

Research shows that a typical TPM is meticulously combined with its host, plugged into the system buses, and could be able to pause the host implementation and take memory snapshots. Also, smartcards are proposed to travel with a person and aid in authenticating the owner, although the TPM remains with the host device and aids to confirm its genuineness. Equally smartcards and TPMs are inexpensive for the reason that they lack tamper-proof mechanisms, nonetheless by the same token they are not secure from an adversary that can cause a physical attack.

How organizations can best address its potential impacts

Pfleeger (2008) makes the point that hardware vulnerability can be addressed through various aspects which consist of primary units within the organization, electric wiring and equipment removal. Through the main unit the intruder may unblock computer unit's peripherals and walk away with them. As said by Pfleeger (2008) once hardware have been cross examined or altered they can be labored back into the system and then used for future surveillance and be vulnerable to the organization. This suggests that establishments should have better organized facilities and beyond that keep them in limited, tamper-proof rooms and oversee the access of their facility by intruders and guests (Pfleeger, 2008).

Conclusion

It is clear that having hardware vulnerabilities can cause a lot of attacks. This paper explored the different kind of vulnerabilities that impact the hardware. It likewise gave a quick review of the security of the hardware itself and how hardware permits secure software. Furthermore it explored other things such as the threats to the processor supply chain, for instance the Trojan circuit, which are emerging as a fundamental problem that faces security practitioners due to hardware weaknesses. How are we able to make sure that attacks are not able to succeed in the supply chain before our systems are even organized? How could we produce some kind of a trustworthy system comprising untrusted modules? Usually, computer security has been able to depend on hardware as a trusted foundation for security. This paper has reviewed how hardware is able to provide such security even in the face of strong-minded attackers that capture the protected computing plans. It should likewise be noted that hardware vulnerability takes an important part in the running of the organization it should assist organizations to figure out the weaknesses that may be faced by the business in running its complete business. The management of businesses needs to understand that globalization brings about wonderful opportunities and therefore the vital for competitive vulnerability check technologies should be implemented so as to go against the risks.

References

Ashford, W. (2014, October 8). Public sector sees cybercrime as rising threat. Retrieved from Computer Weekly: http://www.computerweekly.com/news/2240113782/Public-sector-sees-cybercrime-as-rising-threat

Broggi, J.J. (2014). BUILDING ON EXECUTIVE ORDER 13,636 TO ENCOURAGE INFORMATION SHARING FOR CYBERSECURITY PURPOSES. Harvard Journal of Law and Public Policy, 9(12), 653-676.

Carr, J. & . (2010). Inside cyber warfare. Sebastopol, Calif: O'Reilly Media, Inc.

Chen, T. & . (2009). Guarding Against Network Intrusions. In J.R. VaccaComputer and Information Security Handbook. Amsterdam: Elsevier.

Hadnagy, C. (2010). Social Engineering: The Art of Human Hacking . Indianapolis, Indiana:: JohnWiley and Sons.

Kelly, B.B. (2012). INVESTING IN A CENTRALIZED CYBERSECURITY INFRASTRUCTURE: WHY "HACKTIVISM" CAN AND SHOULD INFLUENCE CYBERSECURITY REFORM. Boston University Law Review, 92(5), 1663-1711.

Mulligan, D.K. (2011). Doctrine for cybersecurity. Daedalus, 140(4), 70-92.

Pfleeger, S.L. (2008). Cybersecurity economic issues: Clearing the path to good practice. IEEE Software, 21(11), 35.

Thompson, K.K. (2011). Not like an egyptian: Cybersecurity and the internet kill switch debate*. Texas Law Review, 465-495.

Zhang,… [END OF PREVIEW]

Cyber Security Most Important Cyber Security Vulnerability Research Paper


Top Cyber Security Risks Term Paper


Analyzing the Cyber Security Professional


Analyzing the Cyber Security Phenomenon Essay


Securing the Electronic Frontier Research Paper


View 66 other related papers  >>

Cite This Research Paper:

APA Format

Cybersecurity Vulnerability What Are Vulnerabilities?.  (2014, October 9).  Retrieved November 19, 2018, from https://www.essaytown.com/subjects/paper/cybersecurity-vulnerability-vulnerabilities/5726757

MLA Format

"Cybersecurity Vulnerability What Are Vulnerabilities?."  9 October 2014.  Web.  19 November 2018. <https://www.essaytown.com/subjects/paper/cybersecurity-vulnerability-vulnerabilities/5726757>.

Chicago Format

"Cybersecurity Vulnerability What Are Vulnerabilities?."  Essaytown.com.  October 9, 2014.  Accessed November 19, 2018.
https://www.essaytown.com/subjects/paper/cybersecurity-vulnerability-vulnerabilities/5726757.