Current and Past Issues of ComputingEdge
Download the Current Issue
Dear ComputingEdge reader:
Hardware—The New Point of Attack: Cybercriminals increasingly exploit computer hardware vulnerabilities, highlighting the need for secure architectures and hardware-based defenses. Cache timing, Rowhammer, BIOS, and other types of cyberattacks on hardware and firmware are threatening information security in new ways. This issue of ComputingEdge discusses innovative techniques for combating these attacks at the hardware level.
Someone to Watch over Me
How long have we been concerned with system security? The answer may surprise you, good colleague. A long, long time. Longer than we have had computers. The old punched card companies worried that pirates would steal personal data, the telegraph crowd was concerned about criminals intercepting messages, and—set yourself down for this last one—at least one author has written about stealing flag semaphore messages from Napoleon.
But you don’t need to worry about keeping up to date about the problems of security because ComputingEdge has you covered. Concerned about your hardware? In “Trusted Execution Environments: Properties, Applications, and Challenges,” Patrick Jauernig, Ahmad-Reza Sadeghi, and Emmanuel Stapf describe a security approach that uses a small-scale software computer base called a trusted execution environment to protect your machine.
Concerned about a bigger system? In “Cyberattack-Resilient Cyberphysical Systems,” Barry Horowitz writes about using small monitoring systems called sentinels to protect your operation. These systems both watch your system and try to decide what to do. “A significant design issue regarding achieving cyberattack resilience for the protected system is the security designed into the sentinel, which can consist of a combination of both cyberattack defense and resilience solutions.”
Finally, Nir Kshetri offers a couple of solutions to protect records. For medical records, he suggests a blockchain solution in “Blockchain and Electronic Healthcare Records.” It may be one of the more interesting and practicable applications for blockchain technology. “Blockchain enables the collection of data from a variety of sources,” he writes, “and keeps those data in an audit trail of transactions.” Writing with Jeff Voas, the editor in chief of Computer, Kshetri takes a holistic approach to supply chain security in “Supply Chain Trust.” The two of them look at the roles that different actors can play, actors that include companies, governments, trade associations, and the customers themselves. “In a quest to break large organizations’ networks,” they explain, “cyber-criminals may look beyond the first-tier supply chain partners.”
So, if you’re thinking about security, this month’s ComputingEdge will be a good place to start.
—David Alan Grier for ComputingEdge