Disscuss the advantages of the following three methods: 1) A dedicated hardware
ID: 3902684 • Letter: D
Question
Disscuss the advantages of the following three methods:
1) A dedicated hardware security module, or trusted element, that is outside od the main system board.
2) A hardware block located within the main system board which manages cryptographic operations and key storage
3) A general purpose processing engine that is placed alongside the main processor, and which used custom hardware logic to prevent unauthorized access to sensitive resources.
Thank you, and it would be nice if the answer is written and explained well. :)
Explanation / Answer
1) The external security devices encapsulate the assets inside a physical device designed for robust security.
The use of a completely separate design and manufacturing flow allows use of techniques and silicon processes that can give high levels of tamper resistance and physical security.
The smartcard manufacture and personalization processes have frequently been formally certified through approved evaluation schemes. This makes them suitable for use in use cases that need a high degree of security assurance, such as credit card and debit card payment schemes.
2) The main advantage of these systems is the significant cost reduction and performance improvements over the smartcard option.
The systems that provide a dedicated general purpose processor for the security sub-system are comparable to the TrustZone hardware solution in terms of security.
3) The second is a general purpose processing engine that is placed alongside the main processor, and which uses custom hardware logic to prevent unauthorized access to sensitive resources.
The main advantage of these systems is the significant cost reduction and performance improvements over the smartcard option.The systems that provide a dedicated general purpose processor for the security sub-system are comparable to the TrustZone hardware solution in terms of security.