Criticality of Cyber, IT & OT Security, Privacy for Business and means to secure the same.: Hardware Security Architecture.

Hardware Security Architecture.

Hardware security is an important aspect, firstly any one who is using machine today is getting some form of protection from hardware, secondly there are more security oriented properties that are coming in new chips in market in couple of years, and thirdly there are important properties that can only be build on hardware and software can build on those.

Machines today are connected and vulnerable to cyber threat. The type of threats we have are Memory corruption, data disclosure, code injection, control flow diversion, return oriented programming. The types of method attacker today can use are Type – Instruction, data, pointer, Extent – Base, Bounds and Ownership – component, access right. Architecture grantees that every thing would be right.

A lot of security issue we face today is because of the hardware security Architecture issues. Originally Multics was a machine designed for security, however machines that we have today security is an after thought. Multics was originally a project between MIT, which was designing things, General electric who was making hardware and Bell labs who was the user. However bell labs got little nervous and wanted some thing that work then and they designed a much simpler system on a less expensive piece of hardware and the system was called Unix, which was a trimmed down, lesser feature output of Multics. Unix was later widely used and is the predecessor of Linux and variety of system we used today.

In this transition what we lost was the idea of segmentation, we lost the idea of rings. What it carried forward was some ideas from Multics, ideas of permission and level of privileges, which in most machines that's just at the kernels as against user made distinction in Multics. Multics was programmed in a higher level language called PL/1, whereas Unix moved to a very low-level language called C, which is also the reason of lot of problem we face today.

Multics had some very important, very high leverage usage particularly in defense system. It work on fundamental three principles, first of these is of complete mediation, Secondly, separate privileges, and thirds principle is of least privileges. The fundamental principle was to do its job most of the time the Kernel does not need to read your data, segmentation at memory and use of access control rings.

Multics was much earlier a project in MIT, the idea of which was to develop a computer utility which could share its very expensive resources and people could access these resources. And the next leap today, which is now taking forward Multics is Cloud computing a network computing of all different kind of client server architecture.

The other things thats happening is at processor level it can make sure that only high users can access high data and thing that’s coming now is is fat pointer which means that every pointer to the memory is bounded above and below which bounds of the object which the pointer is pointing into and Intel has a feature MPX which helps enforce this property.