- Author:
- Xiaoyu Ruan
Platform Embedded Security Technology Revealed is an in-depth introduction to Intels platform embedded solution: the security and management engine. The engine is shipped inside most Intel platforms for servers, personal computers, tablets, and smartphones. The engine realizes advanced security and management functionalities and protects applications secrets and users privacy in a secure, light-weight, and inexpensive way. Besides native built-in features, it allows third-party software vendors to develop applications that take advantage of the security infrastructures offered by the engine. Intels security and management engine is technologically unique and significant, but is largely unknown to many members of the tech communities who could potentially benefit from it. Platform Embedded Security Technology Revealed reveals technical details of the engine. The engine provides a new way for the computer security industry to resolve critical problems resulting from booming mobile technologies, such as increasing threats against confidentiality and privacy. This book describes how this advanced level of protection is made possible by the engine, how it can improve users security experience, and how third-party vendors can make use of it. It's written for computer security professionals and researchers; embedded system engineers; and software engineers and vendors who are interested in developing new security applications on top of Intels security and management engine. Its also written for advanced users who are interested in understanding how the security features of Intels platforms work. What youll learn The cyber security challenges behind the creation of the embedded security and management engine, and the solutions it presents The pros and cons of enforcing security in the embedded engine Basic cryptography and security infrastructure of the engine Security-hardening features of the engine Handling dynamically loaded applications How anonymous authentication works with enhanced privacy protection Content protection at the hardware level Secure boot with a hardware root of trust Firmware-based TPM Identity protection with a hardware-based, one-time password Who this book is for Computer security professionals and researchers; embedded system engineers; software engineers and vendors who are interested in developing new security applications on top of Intels security and management engine; OEM (such as Lenovo, HP, etc.) marketing and R&D staff.
Cited By
- Liang H, Li M, Chen Y, Jiang L, Xie Z and Yang T (2020). Establishing Trusted I/O Paths for SGX Client Systems With Aurora, IEEE Transactions on Information Forensics and Security, 15, (1589-1600), Online publication date: 1-Jan-2020.
Pinto S and Santos N (2019). Demystifying Arm TrustZone, ACM Computing Surveys, 51:6, (1-36), Online publication date: 30-Nov-2019.- Ning Z, Zhang F, Shi W and Shi W Position Paper Proceedings of the Hardware and Architectural Support for Security and Privacy, (1-8)
- Weiser S and Werner M SGXIO Proceedings of the Seventh ACM on Conference on Data and Application Security and Privacy, (261-268)
- Zhang F, Cecchetti E, Croman K, Juels A and Shi E Town Crier Proceedings of the 2016 ACM SIGSAC Conference on Computer and Communications Security, (270-282)
- Zhang F and Zhang H SoK Proceedings of the Hardware and Architectural Support for Security and Privacy 2016, (1-8)
- Yu M, Gligor V and Zhou Z Trusted Display on Untrusted Commodity Platforms Proceedings of the 22nd ACM SIGSAC Conference on Computer and Communications Security, (989-1003)
Index Terms
- Platform Embedded Security Technology Revealed: Safeguarding the Future of Computing with Intel Embedded Security and Management Engine
Recommendations
Reviews
Gulustan Dogan
This is a great resource for understanding how Intel embeds security technology in hardware. Cybersecurity is a very important topic, and this book truly fills a gap by explaining Intel's approach in a readable way. It assumes a basic knowledge of security terms. However, it is easy to understand, and it is obvious that the author has good expertise and a solid understanding of the field. According to the publisher, this book will be helpful for a wide audience, including "computer security professionals and researchers, embedded system engineers, and software engineers and vendors who are interested in developing new security applications on top of Intel's security and management engine." The book contains 11 chapters and an index. The first chapter points out that security has become more important with the rise of mobile computing. The author claims that security is the third pillar of mobile computing, after power efficiency and Internet connectivity. Chapter 2 covers Active Management Technology (AMT) and Trusted Platform Module (TPM). It talks about how AMT started as a management tool and then evolved into a security tool. Chapter 3 introduces the features and interfaces of Intel's security engine. Chapter 4 informs readers about how the security engine can be a backdoor for attackers, as it has many privileges and wide access to system resources. Chapter 5 provides information about Intel's Enhanced Privacy Identification (EPID) technology. Chapter 6 points out the fact that most security controls are in charge during runtime; however, we have to focus on boot time attacks also. Chapter 7 gives an overview of TPM. Chapter 8 discusses rights management and digital rights management (DRM) schemes. Chapter 9 is about dynamically controlling security mechanisms via the way they exchange information, although they are considered closed doors, as they cannot be changed after manufacture. Chapter 10 is about Intel Identity Protection Technology and how it can be used to prevent identity theft. Chapter 11 addresses the possibility of using today's security mechanisms for future security breaches. The author reminds readers that creativity is not always about creating new things, but using available things in creative ways. Every chapter introduces the methods and structures related to the topic. There is a short overview at the beginning of each chapter and a reference section. More reviews about this item: Amazon Online Computing Reviews Service
Access critical reviews of Computing literature here
Become a reviewer for Computing Reviews.