Building the IBM 4758 Secure Coprocessor Export

@article{DLPSDSW2001, abstract = {The authors sought to build a secure coprocessor—defined as a tamper-responding device derived from the Abyss, Citadel, and 4755 work—that would provide a single multipurpose platform third parties could use to develop and deploy secure coprocessor applications, with minimal IBM participation. The project had several goals: ensure that the device could be identified externally, design the device and its soft-ware to be securely configurable and updatable in the field, construct the software architecture to accommodate layers of code from different parties, avoid letting the compromise of one device breach any other's security, and validate all these assertions through an external party.Providing an environment in which applications could run securely forced the designers to focus not only on security mechanisms and their implementation and management, but also on the security policies they must support. Clearly, the hardware on which applications run must be secure, as must the operating system and run-time environment in between, while offering a reasonable API for applications developers. To fix problems in the field and enable fast and inexpensive reaction to changing customer needs, the designers implemented part of the code as firmware rather than as read-only memory.The 4758 project achieved most of its design goals. Currently, the authors are exploring other embedded processors, the addition of a network communication channel, and other form factors, including those appropriate for laptops.}, address = {Los Alamitos, CA, USA}, author = {Dyer, Joan G. and Lindemann, Mark and Perez, Ronald and Sailer, Reiner and van Doorn, Leendert and Smith, Sean W. and Weingart, Steve}, booktitle = {Computer}, citeulike-article-id = {3880295}, citeulike-linkout-0 = {http://doi.ieeecomputersociety.org/10.1109/2.955100}, citeulike-linkout-1 = {http://dx.doi.org/10.1109/2.955100}, citeulike-linkout-2 = {http://ieeexplore.ieee.org/xpls/abs_all.jsp?arnumber=955100}, doi = {10.1109/2.955100}, issn = {0018-9162}, journal = {Computer}, keywords = {cryptography, secure-coprocessor, security}, number = {10}, pages = {57--66}, posted-at = {2009-01-13 10:17:04}, priority = {3}, publisher = {IEEE Computer Society}, title = {Building the IBM 4758 Secure Coprocessor}, url = {http://dx.doi.org/10.1109/2.955100}, volume = {34}, year = {2001} }

TY - JOUR ID - DLPSDSW2001 L3 - citeulike-article-id:3880295 N2 - The authors sought to build a secure coprocessor—defined as a tamper-responding device derived from the Abyss, Citadel, and 4755 work—that would provide a single multipurpose platform third parties could use to develop and deploy secure coprocessor applications, with minimal IBM participation. The project had several goals: ensure that the device could be identified externally, design the device and its soft-ware to be securely configurable and updatable in the field, construct the software architecture to accommodate layers of code from different parties, avoid letting the compromise of one device breach any other's security, and validate all these assertions through an external party.Providing an environment in which applications could run securely forced the designers to focus not only on security mechanisms and their implementation and management, but also on the security policies they must support. Clearly, the hardware on which applications run must be secure, as must the operating system and run-time environment in between, while offering a reasonable API for applications developers. To fix problems in the field and enable fast and inexpensive reaction to changing customer needs, the designers implemented part of the code as firmware rather than as read-only memory.The 4758 project achieved most of its design goals. Currently, the authors are exploring other embedded processors, the addition of a network communication channel, and other form factors, including those appropriate for laptops. IS - 10 JF - Computer SN - 0018-9162 AD - Los Alamitos, CA, USA EP - 66 TI - Building the IBM 4758 Secure Coprocessor PB - IEEE Computer Society VL - 34 T2 - Computer SP - 57 KW - cryptography KW - secure-coprocessor KW - security AU - Dyer, Joan AU - Lindemann, Mark AU - Perez, Ronald AU - Sailer, Reiner AU - van Doorn, Leendert AU - Smith, Sean AU - Weingart, Steve PY - 2001/// UR - http://dx.doi.org/10.1109/2.955100 ER -