《克服安全问题的嵌入式系统毕业论文外文翻译》由会员分享,可在线阅读,更多相关《克服安全问题的嵌入式系统毕业论文外文翻译(8页珍藏版)》请在金锄头文库上搜索。
1、附录AOvercome security issues in embedded systemsBy Gary DrosselEmbedded Systems Design(06/12/07, 12:15:00 H EDT)Traditional security techniques may not suffice anymore. Embedded systems are getting more complex and hackers are getting smarter.Embedded systems traditionally have had very limited secur
2、ity options. Indeed, fitting a robust set of security features into such a small mechanical footprint can be challenging. Storage components, processing power, battery life, time-to-market, and overall cost concerns have prevented most security features from being implemented. Overcoming these desig
3、n challenges has become crucial to embedded systems designers in light of the growing threat of security breaches as more systems are shared or attached to networks and new regulations are adopted that make security mandatory.The security industry has focused largely on portable storage devices for
4、the consumer electronics industry. The basic premise here is that users want security capabilities to travel with the device, such as with a USB thumb drive. This approach lets users protect their data on any system, whether its on an office or home PC, an Internet kiosk, or a public computer. Softw
5、are applications and data are password-protected using industry-defined security protocols, which often are targeted by Internet hackers. Portable data devices are also highly susceptible to theft. Once stolen and the security encryption defeated, the fully intact data can be accessed, loaded onto a
6、 PC or the Internet, sold, or worse.On the other hand, embedded systems applications for the enterprise OEM market face their own unique challenges. These OEMs (original equipment manufacturers) targeting the netcom, military, industrial, interactive kiosk, and medical markets typically provide infr
7、astructure equipment to their customers by supplying everything from network routers and voting machines to medical diagnostic equipment and data recorders. The key requirement is that data must be rendered unreadable should the storage devices be removed from the systems for which theyre intended.
8、The host system must maintain ultimate control over security algorithms to protect the data and prevent IP theft. Security requirements can vary for these applications. They can be as simple as ensuring that the correct storage product is in the host, or as intricate as tying the software IP and app
9、lication data directly to the storage device.Tying security to the hostTwo key functions are required in enterprise OEM applications to protect application data and software IP. The first is a need to ensure that the end customer is using a qualified storage device in the system. Due to warranty or
10、service contracts, the OEM must verify that the storage device originally shipped with the equipment is indeed still in the system. The second is a need to tie specific application data and software IP to the specific drive for which it is intended to prevent theft and ensure software integrity. In
11、this way, even if the portable storage device is stolen, the data cant be accessed and the device wont function properly.Optimally, the host should have access to at least two unique pieces of data for validation purposes. One identifies the drive and ensures its the correct product. The second data
12、 string identifies the specific drive and its correlating data. The host system can then use that data to create encryption/decryption keys for software IP and application data. Such a method doesnt provide copy protection, but it restricts the use of particular software on any system other than the
13、 original host.Design considerationsDesign considerations for enterprise OEM applications are many. First, its important to ensure the integrity of the stored data. The drive itself must not be susceptible to corruption due to power disturbances. Portability has become of huge importance, so the tec
14、hnology considered must be low power and small and light enough to match the design requirements. In addition, extreme environmental conditions such as shock, vibration, altitude, and a wide temperature range must be considered. Multiple-year product lifecycle and high-endurance ratings are also imp
15、ortant. If a drive wears out unexpectedly, critical data can be lost, so a feedback mechanism that prevents field failures and unplanned downtime would be beneficial.Consumer applications typically only need the storage device to store data. In enterprise OEM applications, designers must consider op
16、erating systems requirements for storage. An operating system must be kept open to accommodate needed read/write functions. The traditional use of write protection becomes impossible on a storage device that supports an open operating system.Another important consideration for enterprise OEMs is the accidental overwriting of critical system files, such as the master boot record. When a power fluctuation occurs, address lines can float to undetermined states.
