The Design And Verification Of A Cryptographic Security Architecture

Cryptographic Security Architecture

A cryptographic security architecture is the collection of hardware and software that protects and controls the use of encryption keys and similar cryptovariables. It is the foundation for enforcing computer security policies and controls and preempting system misuse. This book provides a comprehensive design for a portable, flexible high-security cryptographic architecture, with particular emphasis on incorporating rigorous security models and practices. "Cryptographic Security Architecture" unveils an alternative means of building a trustworthy system based on concepts from established software engineering principles and cognitive psychology. Its novel security-kernel design implements a reference monitor that controls access to security-relevant objects and attributes based on a configurable security policy. Topics and features: * Builds a concise architectural design that can be easily extended in the future * Develops an application-specific security kernel that enforces a fully customizable, rule-based security policy * Presents a new verification technique that allows verification from the high-level specification down to the running code * Describes effective security assurance in random number generation, and the pitfalls associated therewith * Examines the generation and protection of cryptovariables, as well as application of the architectural design to cryptographic hardware The work provides an in-depth presentation of a flexible, platform-independent cryptographic security architecture suited to software, hardware, and hybrid implementations. Security design practitioners, professionals, researchers, and advanced students will find the work an essential resource.

The Design and Verification of a Cryptographic Security Architecture

Information and Communications Security

This book constitutes the refereed proceedings of the 10th International Conference on Information and Communications Security, ICICS 2008, held in Birmingham, UK, in October 2008. The 27 revised full papers presented together with one invited paper were carefully reviewed and selected from 125 submissions. The papers are organized in topical sections on authentication, side channel analysis, cryptanalysis, access control, software security, system security, applied cryptography, and security protocols.