Computer architecture and security : fundamentals of designing secure computer systems

Shuangbao (Paul) Wang, Robert S. Ledley

The first book to introduce computer architecture for security and provide the tools to implement secure computer systems This book provides the fundamentals of computer architecture for security. It covers a wide range of computer hardware, system software and data concepts from a security perspective. It is essential for computer science and security professionals to understand both hardware and software security solutions to survive in the workplace. Examination of memory, CPU architecture and system implementation Discussion of computer buses and a dual-port bus interface Examples cover a board spectrum of hardware and software systems Design and implementation of a patent-pending secure computer system Includes the latest patent-pending technologies in architecture security Placement of computers in a security fulfilled network environment Co-authored by the inventor of the modern Computed Tomography (CT) scanner Provides website for lecture notes, security tools and latest updates

「Nielsen BookData」より

[目次]

  • About the Authors xv Preface xvii Acknowledgements xix 1 Introduction to Computer Architecture and Security 1 1.1 History of Computer Systems 3 1.1.1 Timeline of Computer History 5 1.1.2 Timeline of Internet History 15 1.1.3 Timeline of Computer Security History 28 1.2 John von Neumann Computer Architecture 34 1.3 Memory and Storage 36 1.4 Input/Output and Network Interface 37 1.5 Single CPU and Multiple CPU Systems 38 1.6 Overview of Computer Security 41 1.6.1 Confidentiality 41 1.6.2 Integrity 42 1.6.3 Availability 42 1.6.4 Threats 43 1.6.5 Firewalls 43 1.6.6 Hacking and Attacks 44 1.7 Security Problems in Neumann Architecture 46 1.8 Summary 48 Exercises 48 References 50 2 Digital Logic Design 51 2.1 Concept of Logic Unit 51 2.2 Logic Functions and Truth Tables 52 2.3 Boolean Algebra 54 2.4 Logic Circuit Design Process 55 2.5 Gates and Flip-Flops 56 2.6 Hardware Security 58 2.7 FPGA and VLSI 58 2.7.1 Design of an FPGA Biometric Security System 59 2.7.2 A RIFD Student Attendance System 59 2.8 Summary 65 Exercises 67 References 67 3 Computer Memory and Storage 68 3.1 A One Bit Memory Circuit 68 3.2 Register, MAR, MDR and Main Memory 70 3.3 Cache Memory 72 3.4 Virtual Memory 74 3.4.1 Paged Virtual Memory 74 3.4.2 Segmented Virtual Memory 74 3.5 Non-Volatile Memory 76 3.6 External Memory 77 3.6.1 Hard Disk Drives 78 3.6.2 Tertiary Storage and Off-Line Storage 78 3.6.3 Serial Advanced Technology Attachment (SATA) 79 3.6.4 Small Computer System Interface (SCSI) 80 3.6.5 Serial Attached SCSI (SAS) 81 3.6.6 Network-Attached Storage (NAS) 82 3.6.7 Storage Area Network (SAN) 83 3.6.8 Cloud Storage 85 3.7 Memory Access Security 86 3.8 Summary 88 Exercises 89 References 89 4 Bus and Interconnection 90 4.1 System Bus 90 4.1.1 Address Bus 91 4.1.2 Data Bus 93 4.1.3 Control Bus 93 4.2 Parallel Bus and Serial Bus 95 4.2.1 Parallel Buses and Parallel Communication 95 4.2.2 Serial Bus and Serial Communication 96 4.3 Synchronous Bus and Asynchronous Bus 107 4.4 Single Bus and Multiple Buses 109 4.5 Interconnection Buses 110 4.6 Security Considerations for Computer Buses 111 4.7 A Dual-Bus Interface Design 112 4.7.1 Dual-Channel Architecture 113 4.7.2 Triple-Channel Architecture 114 4.7.3 A Dual-Bus Memory Interface 115 4.8 Summary 115 Exercises 117 References 117 5 I/O and Network Interface 118 5.1 Direct Memory Access 118 5.2 Interrupts 120 5.3 Programmed I/O 121 5.4 USB and IEEE 1394 122 5.4.1 USB Advantages 123 5.4.2 USB Architecture 123 5.4.3 USB Version History 124 5.4.4 USB Design and Architecture 125 5.4.5 USB Mass Storage 127 5.4.6 USB Interface Connectors 128 5.4.7 USB Connector Types 130 5.4.8 USB Power and Charging 133 5.4.9 IEEE 1394 136 5.5 Network Interface Card 136 5.5.1 Basic NIC Architecture 137 5.5.2 Data Transmission 138 5.6 Keyboard, Video and Mouse (KVM) Interfaces 139 5.6.1 Keyboards 140 5.6.2 Video Graphic Card 140 5.6.3 Mouses 140 5.7 Input/Output Security 140 5.7.1 Disable Certain Key Combinations 141 5.7.2 Anti-Glare Displays 141 5.7.3 Adding Password to Printer 141 5.7.4 Bootable USB Ports 141 5.7.5 Encrypting Hard Drives 141 5.8 Summary 141 Exercises 142 References 143 6 Central Processing Unit 144 6.1 The Instruction Set 144 6.1.1 Instruction Classifications 144 6.1.2 Logic Instructions 145 6.1.3 Arithmetic Instructions 145 6.1.4 Intel 64/32 Instructions 147 6.2 Registers 153 6.2.1 General-Purpose Registers 153 6.2.2 Segment Registers 155 6.2.3 EFLAGS Register 156 6.3 The Program Counter and Flow Control 158 6.3.1 Intel Instruction Pointer 158 6.3.2 Interrupt and Exception 159 6.4 RISC Processors 161 6.4.1 History 162 6.4.2 Architecture and Programming 162 6.4.3 Performance 163 6.4.4 Advantages and Disadvantages 163 6.4.5 Applications 164 6.5 Pipelining 164 6.5.1 Different Types of Pipelines 164 6.5.2 Pipeline Performance Analysis 165 6.5.3 Data Hazard 166 6.6 CPU Security 166 6.7 Virtual CPU 168 6.8 Summary 169 Exercises 170 References 170 7 Advanced Computer Architecture 172 7.1 Multiprocessors 172 7.1.1 Multiprocessing 172 7.1.2 Cache 173 7.1.3 Hyper-Threading 174 7.1.4 Symmetric Multiprocessing 175 7.1.5 Multiprocessing Operating Systems 175 7.1.6 The Future of Multiprocessing 176 7.2 Parallel Processing 177 7.2.1 History of Parallel Processing 177 7.2.2 Flynn's Taxonomy 178 7.2.3 Bit-Level Parallelism 178 7.2.4 Instruction-Level Parallelism 179 7.2.5 Data-Level Parallelism 179 7.2.6 Task-Level Parallelism 179 7.2.7 Memory in Parallel Processing 180 7.2.8 Specialized Parallel Computers 181 7.2.9 The Future of Parallel Processing 182 7.3 Ubiquitous Computing 182 7.3.1 Ubiquitous Computing Development 183 7.3.2 Basic forms of Ubiquitous Computing 184 7.3.3 Augmented Reality 185 7.3.4 Mobile Computing 186 7.4 Grid, Distributed and Cloud Computing 187 7.4.1 Characteristics of Grid Computing 187 7.4.2 The Advantages and Disadvantages of Grid Computing 188 7.4.3 Distributed Computing 189 7.4.4 Distributed Systems 189 7.4.5 Parallel and Distributed Computing 190 7.4.6 Distributed Computing Architectures 190 7.4.7 Cloud Computing 192 7.4.8 Technical Aspects of Cloud Computing 193 7.4.9 Security Aspects of Cloud Computing 194 7.4.10 Ongoing and Future Elements in Cloud Computing 195 7.4.11 Adoption of Cloud Computing Industry Drivers 196 7.5 Internet Computing 197 7.5.1 Internet Computing Concept and Model 198 7.5.2 Benefit of Internet Computing for Businesses 199 7.5.3 Examples of Internet Computing 201 7.5.4 Migrating Internet Computing 202 7.6 Virtualization 203 7.6.1 Types of Virtualization 203 7.6.2 History of Virtualization 205 7.6.3 Virtualization Architecture 205 7.6.4 Virtual Machine Monitor 207 7.6.5 Examples of Virtual Machines 207 7.7 Biocomputers 209 7.7.1 Biochemical Computers 209 7.7.2 Biomechanical Computers 209 7.7.3 Bioelectronic Computers 210 7.8 Summary 211 Exercises 212 References 214 8 Assembly Language and Operating Systems 216 8.1 Assembly Language Basics 217 8.1.1 Numbering Systems 217 8.1.2 The Binary Numbering System and Base Conversions 219 8.1.3 The Hexadecimal Numbering System 220 8.1.4 Signed and Unsigned Numbers 221 8.2 Operation Code and Operands 223 8.3 Direct Addressing 225 8.4 Indirect Addressing 225 8.5 Stack and Buffer Overflow 226 8.5.1 Calling Procedures Using CALL and RET (Return) 228 8.5.2 Exploiting Stack Buffer Overflows 229 8.5.3 Stack Protection 231 8.6 FIFO and M/M/1 Problem 232 8.6.1 FIFO Data Structure 232 8.6.2 M/M/1 Model 233 8.7 Kernel, Drivers and OS Security 234 8.7.1 Kernel 234 8.7.2 BIOS 235 8.7.3 Boot Loader 236 8.7.4 Device Drivers 237 8.8 Summary 238 Exercises 239 References 240 9 TCP/IP and Internet 241 9.1 Data Communications 241 9.1.1 Signal, Data, and Channels 242 9.1.2 Signal Encoding and Modulation 243 9.1.3 Shannon Theorem 244 9.2 TCP/IP Protocol 244 9.2.1 Network Topology 245 9.2.2 Transmission Control Protocol (TCP) 246 9.2.3 The User Datagram Protocol (UDP) 247 9.2.4 Internet Protocol (IP) 247 9.3 Network Switches 248 9.3.1 Layer 1 Hubs 248 9.3.2 Ethernet Switch 249 9.4 Routers 250 9.4.1 History of Routers 251 9.4.2 Architecture 251 9.4.3 Internet Protocol Version 4 (IPv4) 253 9.4.4 Internet Protocol Version 6 (IPv6) 254 9.4.5 Open Shortest Path First 254 9.4.6 Throughput and Delay 256 9.5 Gateways 257 9.6 Wireless Networks and Network Address Translation (NAT) 258 9.6.1 Wireless Networks 258 9.6.2 Wireless Protocols 260 9.6.3 WLAN Handshaking, War Driving, and WLAN Security 261 9.6.4 Security Measures to Reduce Wireless Attacks 263 9.6.5 The Future of Wireless Network 263 9.6.6 Network Address Translation 264 9.6.7 Environmental and Health Concerns Using Cellular and Wireless Devices 265 9.7 Network Security 267 9.7.1 Introduction 268 9.7.2 Firewall Architecture 271 9.7.3 Constraint and Limitations of Firewall 273 9.7.4 Enterprise Firewalls 274 9.8 Summary 275 Exercises 276 9.9 Virtual Cyber-Security Laboratory 277 References 278 10 Design and Implementation: Modifying Neumann Architecture 280 10.1 Data Security in Computer Systems 280 10.1.1 Computer Security 281 10.1.2 Data Security and Data Bleaches 282 10.1.3 Researches in Architecture Security 283 10.2 Single-Bus View of Neumann Architecture 284 10.2.1 John von Neumann Computer Architecture 284 10.2.2 Modified Neumann Computer Architecture 285 10.2.3 Problems Exist in John Neumann Model 286 10.3 A Dual-Bus Solution 286 10.4 Bus Controller 288 10.4.1 Working Mechanism of the Bus Controller 288 10.4.2 Co-processor Board 289 10.5 Dual-Port Storage 292 10.6 Micro-Operating System 292 10.7 Summary 293 Exercises 294 10.8 Projects 295 References 295 Appendix A Digital Logic Simulators 297 A.1 CEDAR Logic Simulator 297 A.2 Logisim 298 A.3 Digital Logic Simulator v0.4 298 A.4 Logicly 299 Appendix B Computer Security Tools 300 B.1 Wireshark (Ethereal) 300 B.2 Metasploit 300 B.3 Nessus 301 B.4 Aircrack 301 B.5 Snort 301 B.6 Cain and Abel 302 B.7 BackTrack 302 B.8 Netcat 302 B.9 Tcpdump 302 B.10 John the Ripper 303 Appendix C Patent Application: Intrusion-Free Computer Architecture for Information and Data Security 304 C.1 Background of the Invention 304 C.1.1 John von Neumann Computer Architecture Model 305 C.1.2 Modified Neumann Computer Architecture 305 C.1.3 Problems Existed in the John Neumann Model 307 C.1.4 The Goal of the Invention 307 C.2 Field of Invention 308 C.3 Detailed Description of the Invention 308 C.4 Claim 310 Index 313

「Nielsen BookData」より

この本の情報

書名 Computer architecture and security : fundamentals of designing secure computer systems
著作者等 Ledley, Robert Steven
Ledley Robert S.
Wang Shuangbao Paul
シリーズ名 Information security series
出版元 John Wiley & Sons;Higher Education Press
刊行年月 2013
ページ数 xviii, 321 p.
大きさ 25 cm
ISBN 9781118168813
NCID BB13021092
※クリックでCiNii Booksを表示
言語 英語
出版国 シンガポール
この本を: 
このエントリーをはてなブックマークに追加

このページを印刷

外部サイトで検索

この本と繋がる本を検索

ウィキペディアから連想