Cryptographic Security Architecture - Design and Verification (Hardcover, 2004 ed.)

A cryptographic security architecture constitutes the collection of hardware and software that protects and controls the use of encryption keys and similar cryptovariables. Traditional security architectures have concentrated mostly on defining a programming interface (API) and left the internals up to individual implementors. The work carefully presents a design for a portable, flexible security architecture based on traditional security models involving a security kernel that controls access to security-relevant objects and attributes based on a configurable security policy. Layered on top of the kernel are various objects that abstract core functionality, such as encryption and digital signature capabilities, certificate management, and secure sessions and data enveloping (email encryption) in a manner that allows them to be easily moved into cryptographic devices, such as smart cards and crypto accelerators for extra performance or security. An alternative means of building a trustworthy system based on concepts from cognitive psychology and established software engineering principles is presented, and its application to verifying the correctness of an implementation of the architecture down to the level of the running code is examined. The versatility of the design has been proven through its use in implementations ranging from 16-bit microcontrollers through to supercomputers, as well as a number of unusual areas, such as security modules in ATMs. Security design practitioners, professionals, and advanced students will find the book useful for understanding design techniques for security architecture.