Hardware Security presented at AVAR 2014

by Igor Muttik

Summary: To block malicious attacks effectively, security products need to employ every means available to them. Help can come from deep hardware capabilities of the platform, and we will describe such technologies that are available today but, unfortunately, rarely used for security.
We will list and discuss the capabilities that have started appearing in popular platforms over recent years. These features may provide urgently needed fresh blood for security solutions and boost our chances in the fight against malware:
exceptions associated with memory paging (like the Trusted Memory Services Layer technology - to fight rootkits by trapping writes to protected memory),
transactional memory support (TSX instructions in modern CPUs),
isolated trusted execution environments (like the Manageability Engine, ARM TrustZone as used on Android devices, Intel SGX - to isolate sensitive data and code),
sealed environments to hide secrets (like TPM 1.2, TPM 2.0, Intel EPID - to keep encryption/decryption keys for files and storage),
hardware support for stack control (to make stack buffer overflows harder to exploit) and for execution-flow control (tracing, breakpoints, branch tracing),
protected audio/video paths (to prevent software from tampering with the delivery of data to and from the user),
new CPU architectures, etc.
Apart from giving an overview, we shall also dig more deeply into several of these hardware technologies and give a demonstration.
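As an added example (not from the talk, and not the code of TMSL or any other product mentioned above), here is the principle behind the first bullet, page-fault-based tamper detection, modelled in user space on a POSIX system: a page holding data that must stay intact (a constructed filler pattern standing in for something like a kernel dispatch table) is made read-only with mprotect, and a SIGSEGV handler catches any attempted write, counts it, and unwinds before the write lands. A hypervisor-level monitor does the same thing from below the OS, using its own page tables so that the kernel itself can be the protected target; this sketch only shows the trap-and-decide mechanism. The function names (protect_setup, attempt_write, page_intact, protect_release, blocked_write_count) are this example's own.

```c
#define _GNU_SOURCE
#include <setjmp.h>
#include <signal.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>
#include <sys/mman.h>
#include <unistd.h>

/* Example only: a user-space model of catching writes to a protected page
 * through the page-fault path. Not the talk's or any product's code. */

static void *g_page;                      /* page under protection */
static size_t g_page_size;
static uint8_t g_golden[65536];           /* snapshot taken before protecting, for integrity checks */
static sigjmp_buf g_checkpoint;
static volatile sig_atomic_t g_blocked_writes;   /* writes the handler stopped */

/* SIGSEGV handler: if the faulting address lies in the protected page, count the
 * attempt and unwind to the checkpoint so the write never lands. Any other fault
 * is re-raised with the default action, so genuine bugs still crash. */
static void fault_handler(int sig, siginfo_t *si, void *uctx) {
    (void)uctx;
    uintptr_t addr = (uintptr_t)si->si_addr;
    uintptr_t base = (uintptr_t)g_page;
    if (g_page && addr >= base && addr < base + g_page_size) {
        g_blocked_writes++;
        siglongjmp(g_checkpoint, 1);
    }
    signal(sig, SIG_DFL);
    raise(sig);
}

/* Allocate one page, fill it with constructed content, snapshot it, then drop
 * write permission and install the handler. Returns 0 on success, -1 on failure. */
int protect_setup(void) {
    long ps = sysconf(_SC_PAGESIZE);
    if (ps <= 0 || (size_t)ps > sizeof g_golden) return -1;
    g_page_size = (size_t)ps;
    g_page = mmap(NULL, g_page_size, PROT_READ | PROT_WRITE,
                  MAP_PRIVATE | MAP_ANONYMOUS, -1, 0);
    if (g_page == MAP_FAILED) { g_page = NULL; return -1; }
    for (size_t i = 0; i < g_page_size; i++)
        ((uint8_t *)g_page)[i] = (uint8_t)(0xA5 ^ (i & 0xFF));   /* constructed filler pattern */
    memcpy(g_golden, g_page, g_page_size);
    if (mprotect(g_page, g_page_size, PROT_READ) != 0) return -1;

    struct sigaction sa;
    memset(&sa, 0, sizeof sa);
    sa.sa_sigaction = fault_handler;
    sa.sa_flags = SA_SIGINFO | SA_NODEFER;
    sigemptyset(&sa.sa_mask);
    return sigaction(SIGSEGV, &sa, NULL);
}

/* Try to write one byte into the protected page (the "rootkit patch").
 * Returns 1 if the trap stopped it, 0 if the write went through, -1 for a bad offset. */
int attempt_write(size_t offset, uint8_t value) {
    if (!g_page || offset >= g_page_size) return -1;
    if (sigsetjmp(g_checkpoint, 1) == 0) {
        ((volatile uint8_t *)g_page)[offset] = value;   /* faults while the page is read-only */
        return 0;
    }
    return 1;   /* reached via siglongjmp from the fault handler */
}

/* 1 if the page still matches the snapshot, 0 if it was modified. */
int page_intact(void) {
    return g_page && memcmp(g_page, g_golden, g_page_size) == 0;
}

/* Lift the protection; a real monitor would never do this for its target,
 * it is here only to show the same write succeeding once the trap is gone. */
int protect_release(void) {
    return g_page ? mprotect(g_page, g_page_size, PROT_READ | PROT_WRITE) : -1;
}

int blocked_write_count(void) { return (int)g_blocked_writes; }

int main(void) {
    if (protect_setup() != 0) { perror("protect_setup"); return 1; }
    printf("protected: write blocked=%d, page intact=%d\n", attempt_write(16, 0x90), page_intact());
    protect_release();
    printf("released:  write blocked=%d, page intact=%d\n", attempt_write(16, 0x90), page_intact());
    return 0;
}
```

The handler uses the fault address (si_addr) to decide whether the fault belongs to the guarded region; anything else is handed back to the default action so the check does not mask unrelated crashes. The same split, trap on the write and then inspect who wrote and where, is what lets a hardware-assisted monitor block a rootkit's patch to kernel memory without having to scan for it afterwards.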