Embedded Systems Design Europe - October 2007 - (Page 14)

cover feature protect and validate system integrity in an environment where encryption and implementation of digital signatures is simply not applicable. Another important aspect of security that relates to physical protection is tamper detection and anti-cloning. Compliance to a standard doesn’t necessarily address other concerns an OEM manufacturer must consider. Issues relating to IP protection are generally of little concern to a standards body or certiﬁcation lab unless such a vulnerability could affect other system-level security policies. In other words, security standards focus on protecting enduser data and network behavior, not the design techniques a manufacturer would consider proprietary. In that light, when a system is designed the OEM should not only consider what may be necessary to obtain certiﬁcation compliance, but also how other proprietary design techniques and IP can be included within the scope of the security policy being implemented. FINANCIAL TRANSACTIONS The standards and certiﬁcation requirements surrounding ﬁnancial transactions rank among the most stringent and are constantly changing. These standards are set forth by the ﬁnancial institutions for which transactions will be taking place with. Speciﬁcations such as EMV (European MasterCard Visa) and PCI/PED (Payment Card Industry/PIN Entry Device) are the most common, however NIST certiﬁcation is sometimes also required and should always be among the standards to consider when implementing a security policy. Another emerging technology that could become mainstream for ﬁnancial transactions is near-ﬁeld communications (NFC). This technology stems from the ISO 14443 RFID speciﬁcation and the contactless smart card standard. It’s an enabling technology that provides for a suite of new and simpliﬁed methods of allowing electronic devices to communicate when brought within close proximity to one another. The speciﬁcations for this standard 14 are being deﬁned by the NFC Forum, which was initially founded by Philips, Sony, and Nokia. Table 1 shows some current and emerging standards. Establishing methods to verify personal identity is a complex and controversial problem. This is especially important within government and military environments. As a result, the Department of Homeland Security issued a Presidential Directive (HSPD12) that calls for the implementation of a program to improve the identiﬁcation and authentication of federal employees and contractors. The impact of adopting this standard has resulted in the need to deﬁne a widespread array of new technology standards and speciﬁcations relating to enhanced smart card and biometrics. Although this standard initially targeted government employees, it should move into the private sector. The Public Key Infrastructure (PKI) server can be viewed as the hub of an asymmetrical encryption system that all digitally signed certiﬁcate security systems are based on. It also represents one of the most challenging aspects of security, because this is how and where a root of trust is established. Before any security policy can be enforced, there must be some mechanism that allows for a third party to verify that a digital certiﬁcate is indeed valid. Ideally, there would exist a single global entity that could always be contacted and that could never be compromised or contain inaccurate information. DISTRIBUTE TRUST Obviously, creation of such an entity is impossible. Currently the next best thing is to distribute trust such that connectivity is reliably maintained within the scope of the application environment and the PKI server is properly maintained. For example, if User A wanted to load a digitally signed ﬁle from User B, User A has a way to verify that the digital certiﬁcate associated with the signed ﬁle was created by User B. User A does this by contacting the PKI server whom both users trust. The integrity of the PKI server rep- resents one of the most critical links in maintaining a secure environment and must incorporate an appropriately high level of hardware and software security. Typically, the system is partitioned such that all cryptographic functions are performed in single module that has extensive countermeasures against any attack that could compromise the secrets. In large-scale systems, this portion of the system resides in an array of hardware cryptographic coprocessors and would have certiﬁcation of the highest degree, typically equivalent to FIPS 140.2 Level 4, NSA class 1, or both. Incorporating security To determine the level of security required for a given application, some thought should be given to the level of threats that a particular application may attract. This is done by accessing the cost of mounting a successful attack and the value or damage that could result. Then, one must be familiar with the levels of attack and the techniques that have proven to be successful. To determine the level of security required, IBM created a classiﬁcation taxonomy over a decade ago that’s still used to describe potential attack classiﬁcations: Class I (clever outsiders): • Often very intelligent • Have insufﬁcient knowledge of the system. • May have access to moderately sophisticated equipment. • Typically attack weakness in the system, rather than create one. Class II (knowledgeable insiders): • Have substantial specialized technical education and experience. • Have some system knowledge, but potential access to most of it. • Often have access to sophisticated tools and instruments for analysis. Class III (funded organizations): • Possess nearly unlimited funding resources. • Able to assemble teams of specialists. • Able to acquire or gain access to the most advanced analysis tools. OCTOBER 2007 | embedded systems design europe | www.embedded.com/europe 012-013-014-016_ESDE.indd 14 9/10/07 13:03:19 http://www.embedded.com/europe

Table of Contents Feed for the Digital Edition of Embedded Systems Design Europe - October 2007

Embedded Systems Design Europe - October 2007 Contents Linux Set to Dominate Torvalds Updates Linux Kernel ARM Establishes Smart Card Foundry Program Emerson Buys Motorola's Embedded Comms Group LynuxWroks and TTTech to Cooperate on Avionics MontaVista CEO Looks for Acquisitions in Europe Ready: Multiprocessing Technology Provides Opportunity Automotive to Drive MCU Market New Supporters Join COM Express Group Analyst Weighs TI Versus Xilinx Versus PicoChip Cover Feature: Embedded Systems Security Has Moved to the Forefront Trace Exposes the Toughest Real-Time Bugs Employ a Secure Flavor of Linux Use an MCU's Low-Power Modes in Foreground/Background Systems Transporting Video Over Wireless Networks New Products Advertising Contacts

Embedded Systems Design Europe - October 2007

For optimal viewing of this digital publication, please enable JavaScript and then refresh the page. If you would like to try to load the digital publication without using Flash Player detection, please click here.