Archivio Istituzionale della RicercaCurrent trends for ubiquitous data usage have made information security as a mandatory component of any system. The availability of su itable levels of protection for data is required to secure any kind of content throughout its lifecycle and independently from the media, which allows the data to be used. In this paper we present a methodology to provide data protection through a simple and effective security abstraction layer based on the SEcube™ (Secure Environment cube) single chip, a new security-oriented open hardware and software platform . After analyzing the most critical information states, we introduce a set of easy-to-use APIs that provide an open-sour ce, multi-paradigm security layer, suitable to protect both dat a at rest and data in motion. Being the SEcube™ made up of three hardware elements (a highly powerful processor, a Common Criteria certified smartcard and a flexible FPGA) , all the functions are implemented and executed in a fully controlled secure environment. All the complexities related to key management and algorithms are handled within the secure environment, leaving the developers free to focus on the final applications and services.
SEcube™: Data at Rest and Data in Motion Protection / Varriale, Antonio; Prinetto, Paolo Ernesto; Carelli, Alberto; Trotta, Pascal. - ELETTRONICO. - 1:(2016), pp. 138-144. (Intervento presentato al convegno SAM'16 - The 2016 International Conference on Security and Management tenutosi a Las Vegas (USA)).
SEcube™: Data at Rest and Data in Motion Protection
PRINETTO, Paolo Ernesto;CARELLI, ALBERTO;TROTTA, PASCAL
2016
Abstract
Current trends for ubiquitous data usage have made information security as a mandatory component of any system. The availability of su itable levels of protection for data is required to secure any kind of content throughout its lifecycle and independently from the media, which allows the data to be used. In this paper we present a methodology to provide data protection through a simple and effective security abstraction layer based on the SEcube™ (Secure Environment cube) single chip, a new security-oriented open hardware and software platform . After analyzing the most critical information states, we introduce a set of easy-to-use APIs that provide an open-sour ce, multi-paradigm security layer, suitable to protect both dat a at rest and data in motion. Being the SEcube™ made up of three hardware elements (a highly powerful processor, a Common Criteria certified smartcard and a flexible FPGA) , all the functions are implemented and executed in a fully controlled secure environment. All the complexities related to key management and algorithms are handled within the secure environment, leaving the developers free to focus on the final applications and services.
Pubblicazioni consigliate
I documenti in IRIS sono protetti da copyright e tutti i diritti sono riservati, salvo diversa indicazione.
https://hdl.handle.net/11583/2670544
Attenzione
Attenzione! I dati visualizzati non sono stati sottoposti a validazione da parte dell'ateneo