Details

<p>About the Authors xv</p> <p>Preface xvii</p> <p>Acknowledgements xix</p> <p><b>1 Introduction to Computer Architecture and Security 1</b></p> <p>1.1 History of Computer Systems 3</p> <p>1.1.1 Timeline of Computer History 5</p> <p>1.1.2 Timeline of Internet History 15</p> <p>1.1.3 Timeline of Computer Security History 28</p> <p>1.2 John von Neumann Computer Architecture 34</p> <p>1.3 Memory and Storage 36</p> <p>1.4 Input/Output and Network Interface 37</p> <p>1.5 Single CPU and Multiple CPU Systems 38</p> <p>1.6 Overview of Computer Security 41</p> <p>1.6.1 Confidentiality 41</p> <p>1.6.2 Integrity 42</p> <p>1.6.3 Availability 42</p> <p>1.6.4 Threats 43</p> <p>1.6.5 Firewalls 43</p> <p>1.6.6 Hacking and Attacks 44</p> <p>1.7 Security Problems in Neumann Architecture 46</p> <p>1.8 Summary 48</p> <p>Exercises 48</p> <p>References 50</p> <p><b>2 Digital Logic Design 51</b></p> <p>2.1 Concept of Logic Unit 51</p> <p>2.2 Logic Functions and Truth Tables 52</p> <p>2.3 Boolean Algebra 54</p> <p>2.4 Logic Circuit Design Process 55</p> <p>2.5 Gates and Flip-Flops 56</p> <p>2.6 Hardware Security 58</p> <p>2.7 FPGA and VLSI 58</p> <p>2.7.1 Design of an FPGA Biometric Security System 59</p> <p>2.7.2 A RIFD Student Attendance System 59</p> <p>2.8 Summary 65</p> <p>Exercises 67</p> <p>References 67</p> <p><b>3 Computer Memory and Storage 68</b></p> <p>3.1 A One Bit Memory Circuit 68</p> <p>3.2 Register, MAR, MDR and Main Memory 70</p> <p>3.3 Cache Memory 72</p> <p>3.4 Virtual Memory 74</p> <p>3.4.1 Paged Virtual Memory^*75</p> <p>3.4.2 Segmented Virtual Memory^* 75</p> <p>3.5 Non-Volatile Memory 76</p> <p>3.6 External Memory 77</p> <p>3.6.1 Hard Disk Drives 78</p> <p>3.6.2 Tertiary Storage and Off-Line Storage^*78</p> <p>3.6.3 Serial Advanced Technology Attachment (SATA) 79</p> <p>3.6.4 Small Computer System Interface (SCSI) 80</p> <p>3.6.5 Serial Attached SCSI (SAS) 81</p> <p>3.6.6 Network-Attached Storage (NAS)^* 82</p> <p>3.6.7 Storage Area Network (SAN)^* 83</p> <p>3.6.8 Cloud Storage 85</p> <p>3.7 Memory Access Security 86</p> <p>3.8 Summary 88</p> <p>Exercises 89</p> <p>References 89</p> <p><b>4 Bus and Interconnection 90</b></p> <p>4.1 System Bus 90</p> <p>4.1.1 Address Bus 91</p> <p>4.1.2 Data Bus 93</p> <p>4.1.3 Control Bus 93</p> <p>4.2 Parallel Bus and Serial Bus 95</p> <p>4.2.1 Parallel Buses and Parallel Communication 95</p> <p>4.2.2 Serial Bus and Serial Communication 96</p> <p>4.3 Synchronous Bus and Asynchronous Bus 107</p> <p>4.4 Single Bus and Multiple Buses 109</p> <p>4.5 Interconnection Buses 110</p> <p>4.6 Security Considerations for Computer Buses 111</p> <p>4.7 A Dual-Bus Interface Design 112</p> <p>4.7.1 Dual-Channel Architecture^* 113</p> <p>4.7.2 Triple-Channel Architecture^* 114</p> <p>4.7.3 A Dual-Bus Memory Interface 115</p> <p>4.8 Summary 115</p> <p>Exercises 117</p> <p>References 117</p> <p><b>5 I/O and Network Interface 118</b></p> <p>5.1 Direct Memory Access 118</p> <p>5.2 Interrupts 120</p> <p>5.3 Programmed I/O 121</p> <p>5.4 USB and IEEE 1394 122</p> <p>5.4.1 USB Advantages 123</p> <p>5.4.2 USB Architecture 123</p> <p>5.4.3 USB Version History 124</p> <p>5.4.4 USB Design and Architecture^*125</p> <p>5.4.5 USB Mass Storage 127</p> <p>5.4.6 USB Interface Connectors 128</p> <p>5.4.7 USB Connector Types 130</p> <p>5.4.8 USB Power and Charging 133</p> <p>5.4.9 IEEE 1394 136</p> <p>5.5 Network Interface Card 136</p> <p>5.5.1 Basic NIC Architecture 137</p> <p>5.5.2 Data Transmission 138</p> <p>5.6 Keyboard, Video and Mouse (KVM) Interfaces 139</p> <p>5.6.1 Keyboards 140</p> <p>5.6.2 Video Graphic Card 140</p> <p>5.6.3 Mouses 140</p> <p>5.7 Input/Output Security 140</p> <p>5.7.1 Disable Certain Key Combinations 141</p> <p>5.7.2 Anti-Glare Displays 141</p> <p>5.7.3 Adding Password to Printer 141</p> <p>5.7.4 Bootable USB Ports 141</p> <p>5.7.5 Encrypting Hard Drives 141</p> <p>5.8 Summary 141</p> <p>Exercises 142</p> <p>References 143</p> <p><b>6 Central Processing Unit 144</b></p> <p>6.1 The Instruction Set 144</p> <p>6.1.1 Instruction Classifications 144</p> <p>6.1.2 Logic Instructions 145</p> <p>6.1.3 Arithmetic Instructions 145</p> <p>6.1.4 Intel 64/32 Instructions^*147</p> <p>6.2 Registers 153</p> <p>6.2.1 General-Purpose Registers 153</p> <p>6.2.2 Segment Registers 155</p> <p>6.2.3 EFLAGS Register 156</p> <p>6.3 The Program Counter and Flow Control 158</p> <p>6.3.1 Intel Instruction Pointer^*158</p> <p>6.3.2 Interrupt and Exception^* 159</p> <p>6.4 RISC Processors 161</p> <p>6.4.1 History 162</p> <p>6.4.2 Architecture and Programming 162</p> <p>6.4.3 Performance 163</p> <p>6.4.4 Advantages and Disadvantages 163</p> <p>6.4.5 Applications 164</p> <p>6.5 Pipelining 164</p> <p>6.5.1 Different Types of Pipelines 164</p> <p>6.5.2 Pipeline Performance Analysis 165</p> <p>6.5.3 Data Hazard 166</p> <p>6.6 CPU Security 166</p> <p>6.7 Virtual CPU 168</p> <p>6.8 Summary 169</p> <p>Exercises 170</p> <p>References 170</p> <p><b>7 Advanced Computer Architecture 172</b></p> <p>7.1 Multiprocessors 172</p> <p>7.1.1 Multiprocessing 172</p> <p>7.1.2 Cache 173</p> <p>7.1.3 Hyper-Threading 174</p> <p>7.1.4 Symmetric Multiprocessing 175</p> <p>7.1.5 Multiprocessing Operating Systems 175</p> <p>7.1.6 The Future of Multiprocessing 176</p> <p>7.2 Parallel Processing 177</p> <p>7.2.1 History of Parallel Processing 177</p> <p>7.2.2 Flynn’s Taxonomy 178</p> <p>7.2.3 Bit-Level Parallelism 178</p> <p>7.2.4 Instruction-Level Parallelism 179</p> <p>7.2.5 Data-Level Parallelism 179</p> <p>7.2.6 Task-Level Parallelism 179</p> <p>7.2.7 Memory in Parallel Processing 180</p> <p>7.2.8 Specialized Parallel Computers 181</p> <p>7.2.9 The Future of Parallel Processing 182</p> <p>7.3 Ubiquitous Computing 182</p> <p>7.3.1 Ubiquitous Computing Development 183</p> <p>7.3.2 Basic forms of Ubiquitous Computing 184</p> <p>7.3.3 Augmented Reality 185</p> <p>7.3.4 Mobile Computing 186</p> <p>7.4 Grid, Distributed and Cloud Computing 187</p> <p>7.4.1 Characteristics of Grid Computing 187</p> <p>7.4.2 The Advantages and Disadvantages of Grid Computing 188</p> <p>7.4.3 Distributed Computing 189</p> <p>7.4.4 Distributed Systems 189</p> <p>7.4.5 Parallel and Distributed Computing 190</p> <p>7.4.6 Distributed Computing Architectures 190</p> <p>7.4.7 Cloud Computing 192</p> <p>7.4.8 Technical Aspects of Cloud Computing 193</p> <p>7.4.9 Security Aspects of Cloud Computing 194</p> <p>7.4.10 Ongoing and Future Elements in Cloud Computing 195</p> <p>7.4.11 Adoption of Cloud Computing Industry Drivers 196</p> <p>7.5 Internet Computing 197</p> <p>7.5.1 Internet Computing Concept and Model 198</p> <p>7.5.2 Benefit of Internet Computing for Businesses 199</p> <p>7.5.3 Examples of Internet Computing 201</p> <p>7.5.4 Migrating Internet Computing 202</p> <p>7.6 Virtualization 203</p> <p>7.6.1 Types of Virtualization 203</p> <p>7.6.2 History of Virtualization 205</p> <p>7.6.3 Virtualization Architecture 205</p> <p>7.6.4 Virtual Machine Monitor 207</p> <p>7.6.5 Examples of Virtual Machines 207</p> <p>7.7 Biocomputers 209</p> <p>7.7.1 Biochemical Computers 209</p> <p>7.7.2 Biomechanical Computers 209</p> <p>7.7.3 Bioelectronic Computers 210</p> <p>7.8 Summary 211</p> <p>Exercises 212</p> <p>References 214</p> <p><b>8 Assembly Language and Operating Systems 216</b></p> <p>8.1 Assembly Language Basics 217</p> <p>8.1.1 Numbering Systems 217</p> <p>8.1.2 The Binary Numbering System and Base Conversions 219</p> <p>8.1.3 The Hexadecimal Numbering System 220</p> <p>8.1.4 Signed and Unsigned Numbers 221</p> <p>8.2 Operation Code and Operands 223</p> <p>8.3 Direct Addressing 225</p> <p>8.4 Indirect Addressing 225</p> <p>8.5 Stack and Buffer Overflow 226</p> <p>8.5.1 Calling Procedures Using CALL and RET (Return) 228</p> <p>8.5.2 Exploiting Stack Buffer Overflows 229</p> <p>8.5.3 Stack Protection 231</p> <p>8.6 FIFO and M/M/1 Problem 232</p> <p>8.6.1 FIFO Data Structure 232</p> <p>8.6.2 M/M/1 Model 233</p> <p>8.7 Kernel, Drivers and OS Security 234</p> <p>8.7.1 Kernel 234</p> <p>8.7.2 BIOS 235</p> <p>8.7.3 Boot Loader 236</p> <p>8.7.4 Device Drivers 237</p> <p>8.8 Summary 238</p> <p>Exercises 239</p> <p>References 240</p> <p><b>9 TCP/IP and Internet 241</b></p> <p>9.1 Data Communications 241</p> <p>9.1.1 Signal, Data, and Channels 242</p> <p>9.1.2 Signal Encoding and Modulation 243</p> <p>9.1.3 Shannon Theorem 244</p> <p>9.2 TCP/IP Protocol 244</p> <p>9.2.1 Network Topology 245</p> <p>9.2.2 Transmission Control Protocol (TCP) 246</p> <p>9.2.3 The User Datagram Protocol (UDP) 247</p> <p>9.2.4 Internet Protocol (IP) 247</p> <p>9.3 Network Switches 248</p> <p>9.3.1 Layer 1 Hubs 248</p> <p>9.3.2 Ethernet Switch 249</p> <p>9.4 Routers 250</p> <p>9.4.1 History of Routers 251</p> <p>9.4.2 Architecture 251</p> <p>9.4.3 Internet Protocol Version 4 (IPv4) 253</p> <p>9.4.4 Internet Protocol Version 6 (IPv6) 254</p> <p>9.4.5 Open Shortest Path First 254</p> <p>9.4.6 Throughput and Delay 256</p> <p>9.5 Gateways 257</p> <p>9.6 Wireless Networks and Network Address Translation (NAT) 258</p> <p>9.6.1 Wireless Networks 258</p> <p>9.6.2 Wireless Protocols 260</p> <p>9.6.3 WLAN Handshaking, War Driving, and WLAN Security 261</p> <p>9.6.4 Security Measures to Reduce Wireless Attacks 263</p> <p>9.6.5 The Future of Wireless Network 263</p> <p>9.6.6 Network Address Translation 264</p> <p>9.6.7 Environmental and Health Concerns Using Cellular and Wireless Devices 265</p> <p>9.7 Network Security 267</p> <p>9.7.1 Introduction 268</p> <p>9.7.2 Firewall Architecture 271</p> <p>9.7.3 Constraint and Limitations of Firewall 273</p> <p>9.7.4 Enterprise Firewalls 274</p> <p>9.8 Summary 275</p> <p>Exercises 276</p> <p>9.9 Virtual Cyber-Security Laboratory 277</p> <p>References 278</p> <p><b>10 Design and Implementation: Modifying Neumann Architecture 280</b></p> <p>10.1 Data Security in Computer Systems 280</p> <p>10.1.1 Computer Security 281</p> <p>10.1.2 Data Security and Data Bleaches 282</p> <p>10.1.3 Researches in Architecture Security 283</p> <p>10.2 Single-Bus View of Neumann Architecture 284</p> <p>10.2.1 John von Neumann Computer Architecture 284</p> <p>10.2.2 Modified Neumann Computer Architecture 285</p> <p>10.2.3 Problems Exist in John Neumann Model 286</p> <p>10.3 A Dual-Bus Solution 286</p> <p>10.4 Bus Controller 288</p> <p>10.4.1 Working Mechanism of the Bus Controller 288</p> <p>10.4.2 Co-processor Board 289</p> <p>10.5 Dual-Port Storage 292</p> <p>10.6 Micro-Operating System 292</p> <p>10.7 Summary 293</p> <p>Exercises 294</p> <p>10.8 Projects 295</p> <p>References 295</p> <p><b>Appendix A Digital Logic Simulators 297</b></p> <p>A.1 CEDAR Logic Simulator 297</p> <p>A.2 Logisim 298</p> <p>A.3 Digital Logic Simulator v0.4 298</p> <p>A.4 Logicly 299</p> <p><b>Appendix B Computer Security Tools 300</b></p> <p>B.1 Wireshark (Ethereal) 300</p> <p>B.2 Metasploit 300</p> <p>B.3 Nessus 301</p> <p>B.4 Aircrack 301</p> <p>B.5 Snort 301</p> <p>B.6 Cain and Abel 302</p> <p>B.7 BackTrack 302</p> <p>B.8 Netcat 302</p> <p>B.9 Tcpdump 302</p> <p>B.10 John the Ripper 303</p> <p><b>Appendix C Patent Application: Intrusion-Free Computer Architecture for Information and Data Security 304</b></p> <p>C.1 Background of the Invention 304</p> <p>C.1.1 John von Neumann Computer Architecture Model 305</p> <p>C.1.2 Modified Neumann Computer Architecture 305</p> <p>C.1.3 Problems Existed in the John Neumann Model 307</p> <p>C.1.4 The Goal of the Invention 307</p> <p>C.2 Field of Invention 308</p> <p>C.3 Detailed Description of the Invention 308</p> <p>C.4 Claim 310</p> <p>Index 313</p>

<p><b>Shuangbao (Paul) Wang,</b> <i>George Mason University, USA</i> <p><b>Robert S. Ledley,</b> <i>Georgetown University, USA</i>

<p><b>Computer Architecture and Security<br> Fundamentals of Designing Secure Computer Systems</b> <p>In today's workplace, computer and information security professionals must understand both hardware and software to deploy effective security solutions. <b><i>Computer Architecture and Security</i></b> covers a wide range of computer and network hardware, system software, information and data concepts from a security perspective, providing readers with solutions and tools to implement secure computer and information systems. Featuring a careful, in-depth, and innovative introduction to modern computer systems and patent-pending technologies in computer security, the text integrates design considerations with hands-on experiences to help practitioners to render systems immune from attacks. <ul> <li><b>Examination of memory, CPU architecture and system implementation</b></li> <li><b>Discussion of computer buses and a dual-port bus interface</b></li> <li><b>Examples cover a board spectrum of hardware and software systems</b></li> <li><b>Includes the latest patent-pending technologies in architecture security</b></li> <li><b>Placement of computers in a security fulfilled network environment</b></li> <li><b>Co-authored by the inventor of the modern Computed Tomography (CT) scanner</b></li> <li><b>Provides Companion Website with lecture notes, security tools and latest updates</b></li> </ul> <p>This book is geared for graduate students in computer architecture, communications, and information security, as well as engineers, researchers, security professionals, and middleware designers.

SG