Seven Deadliest USB Attacks phần 8

vô hiệu hóa các cổng không sử dụng, và thực thi việc sử dụng mật khẩu BIOS có thể được xem như là một lớp phủ ban đầu một cách tiếp cận bảo mật nhiều lớp. Cách sử dụng một cổng USB khóa (Kensington) cho các cổng không sử dụng và hoạt động theo quy định tại Chương 4, "tràn thiết bị USB, | 148 CHAPTER 5 RAM dump to seek an alternative system. Setting the boot sequence to hard drive first disabling of unused ports and enforcing usage of BIOS passwords can be viewed as an initial coating to a multilayered security approach. Utilizing a USB port lock Kensington for unused and active ports as defined in Chapter 4 USB Device Overflow combined with these BIOS features can significantly enhance the security of a system. Trustless Execution Technology and Module Platform Intel s Trusted Execution Technology TXT is described as a set of improved hardware designed to aid in the protection of sensitive data from software-based The Intel TXT protects six points on a server client machine 1. Protected execution - It provides applications with the ability to run in isolated protected execution environments such that no other unauthorized software on the platform can observe or compromise the information being operated upon. Each of these isolated environments has dedicated resources that are managed by the processor chipset and OS kernel. 2. Sealed storage - It provides for the ability to encrypt and store keys data or other secrets within hardware on the platform. It does this in such a way that these secrets can only be released decrypted to an executing environment that is the same as when the secrets were encrypted. This helps prevent attacks exploiting the vulnerability where the encrypted data has been transferred to other platforms either for normal use thereby become decrypted or for malicious attack. 3. Protected input - It provides a mechanism that protects communication between the keyboard mouse and applications running in the protected execution environments from being observed or compromised by any other unauthorized software running on the platform. For USB input Trusted Execution can do this by cryptographically encrypting the keystrokes and mouse clicks with an encryption key shared between a protected domain s input manager and an input

Không thể tạo bản xem trước, hãy bấm tải xuống
TỪ KHÓA LIÊN QUAN
TÀI LIỆU MỚI ĐĂNG
Đã phát hiện trình chặn quảng cáo AdBlock
Trang web này phụ thuộc vào doanh thu từ số lần hiển thị quảng cáo để tồn tại. Vui lòng tắt trình chặn quảng cáo của bạn hoặc tạm dừng tính năng chặn quảng cáo cho trang web này.