Secure design principles

System and application development consists of design, development, test, and deployment processes. Security has to be addressed at every step in the development cycle. However, addressing security in the design stage itself is most critical. Since prevention is better than cure, addressing security at the design stage itself can facilitate preventative controls to address security issues.

The computer architecture

The elements of a computer that are fundamental to its operations, together with the way the elements are organized, are referred to as the computer architecture.

A computer is a physical device consisting of physical components. These physical components are called hardware. The hardware components process the instructions and data presented to them. The set of instructions and data is called software.

Some of the fundamental elements in the computer architecture are the input/output systems, the CPU, and memory. A common pathway, called a bus, connects these three elements.

The following are the functions of each of these elements:

  • A central processing unit (CPU) is the heart and brain of a computer. Its primary function is to process the instructions and data presented to it by other systems, such as application software, through the input/output systems. The process carried out by the CPU is called executing the program.
  • Input/output (I/O) systems interface with the CPU. Input/output mechanisms and structures supply input instructions and data to the CPU and manage the output data from the CPU to the appropriate interfaces.
  • The function of memory is to store instructions and data either permanently or temporarily. Computer memory can be categorized as primary memory and secondary memory.

    Note

    Primary memory refers to a storage area that is directly addressable by the CPU. Examples of such memory are cache, Random Access Memory (RAM), and Read Only Memory (ROM). Secondary memory refers to permanent storage that is indirectly accessible by the CPU. Some examples are magnetic disks, tapes, and so on.

Computer system

Telecommunication and networking technologies enable computers to communicate with each other. A computer may act as a server, a client, or both. Based on the role of a computer in a network, the network architecture is classified as a client-server or centralized model. Since interconnectivity is the primary goal, these models are generally called distributed architecture.

Sometimes, the collection of hardware and software is together referred to as a computer system.

A computer system can be categorized as an open system, a closed system, or a combination of both.

An open system, as the name implies, is open to interconnectivity with other systems, and its internals can be reviewed and evaluated by independent third parties. In contrast, a closed system is proprietary in nature and its internal workings are not known, so auditing such a system through code review or architecture review is not feasible. Such systems may also not be compatible with other systems.

From an asset classification and information security perspective, a computer is a physical asset and the necessary physical security principles are applicable to it. The service provided by a computer is called computing. It is treated as a service asset.

Various computing methods are available to improve the instruction execution cycle. An instruction execution cycle is the time required to fetch the instruction and data from memory, decode the information, and execute it.

When many operations are performed per instruction, such computing is known as Complex Instruction Set Computing (CISC). When instruction sets reduce the cycle time needed to execute instructions, the method is called Reduced Instruction Set Computing (RISC). Instruction processing generally consists of fetch, decode, and execute cycles.

When the fetch, decode, and execute cycles are overlapped by a set of instructions to reduce the time cycle, then such a method is called pipelining.

From an information security perspective, computer architecture should take into consideration the CIA aspects of computing services.

Trusted computing

In computer systems, establishing the level of assurance based on the defined security models so that the computer system can be trusted for use in critical infrastructure is called trusted computing.

The following are some of the concepts that relate to information security aspects of a trusted computing architecture:

  • Trusted computing base (TCB) refers to:
    • The totality of protection mechanisms within a computer system
    • It includes hardware, firmware, and software
    • It is responsible for enforcing a computer security policy
  • Trusted computer system refers to systems that have a well-defined security policy, accountability, assurance mechanisms, and proper documentation.
  • Trusted Computer System Evaluation Criteria (TCSEC) is a set of basic requirements to evaluate the effectiveness of computer security controls built into computer systems. TCSEC is the United States Department of Defense (DoD) standard and is popularly known as the Orange Book.
  • Protection domain is a security function used to control or prevent direct access by an insecure or lower-level entity to a secure higher-level entity. Software programs, such as operating systems or applications, run in either the user-protection domain or the kernel-protection domain.
  • When the protection domains are organized in a hierarchical format, then they are called protection rings. The purpose of protection rings is to protect data and the computing system from malicious behaviors of programs. For example, sensitive and machine-critical data that is accessible to the operating system will be in the inner rings. They will be protected from access or modification by the programs that are on the outer-level ring.
  • Security perimeter is an outer ring of a trusted computing base or, in simple terms, it is the outer ring of a protected domain or entity.
  • Trusted path refers to secure paths provided by software to communicate with entities within trusted rings to eliminate unauthorized access.
  • Encapsulation is a technique used to hide information from unauthorized entities. This is analogous to a capsule in medicine. The contents within the capsule are protected from environmental effects by the capsule shell.
  • Abstraction is the process of hiding the details and exposing only the essential features of a particular concept or object that are encapsulated.
  • Reference monitor is a secure module that controls access to trusted, protected entities in a trusted computing base.
  • Security kernel is a computer architecture consisting of hardware and software elements that implement the reference monitor.
  • Security label is a classification mechanism used to indicate the security levels of entities. Examples of labels can be low, medium, or high or classified, secret, or sensitive and so on based on the sensitivity of the data and function.
  • Logical security guard is a security mechanism that controls the communication between entities labeled low sensitivity and entities labeled high sensitivity.
  • Security modes are operating modes based on the operating level of the information systems and the sensitivity level or the security label. Some of the modes in which information systems operate are dedicated, compartmented, controlled, and limited access.
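The reference monitor, security label, and logical security guard concepts above can be seen together in a small model. The following is an added example, not code from the text: a reference monitor that mediates every access between labeled subjects and objects and records an audit trail. The ordering low < medium < high, the names, and the concrete policy (a subject may read only objects at or below its own label, and may write only to objects at or above it) are assumptions made for the illustration.

```python
"""Added example: a minimal reference monitor over security labels.
Assumed (not from the text): labels are totally ordered low < medium < high;
reading requires the subject's label to dominate the object's label (no
"read up"); writing requires the object's label to dominate the subject's
label (no "write down"). All subjects and objects are constructed."""
from dataclasses import dataclass, field

LEVELS = {"low": 0, "medium": 1, "high": 2}   # security labels named in the text


@dataclass(frozen=True)
class Entity:
    name: str
    label: str


@dataclass
class ReferenceMonitor:
    """Every access request passes through check(): complete mediation."""
    audit_log: list = field(default_factory=list)

    def dominates(self, a: str, b: str) -> bool:
        return LEVELS[a] >= LEVELS[b]

    def check(self, subject: Entity, obj: Entity, op: str) -> bool:
        if op == "read":
            allowed = self.dominates(subject.label, obj.label)
        elif op == "write":
            allowed = self.dominates(obj.label, subject.label)
        else:
            allowed = False  # unknown operation: fail closed
        self.audit_log.append((subject.name, op, obj.name, "allow" if allowed else "deny"))
        return allowed


def demo():
    """Constructed subjects/objects exercising each branch of the policy."""
    rm = ReferenceMonitor()
    alice, bob = Entity("alice", "high"), Entity("bob", "low")
    payroll, bulletin = Entity("payroll.db", "high"), Entity("bulletin.txt", "low")
    results = {
        "alice_reads_payroll": rm.check(alice, payroll, "read"),        # allowed
        "bob_reads_payroll": rm.check(bob, payroll, "read"),            # denied: read up
        "alice_writes_bulletin": rm.check(alice, bulletin, "write"),    # denied: write down
        "bob_writes_payroll": rm.check(bob, payroll, "write"),          # allowed: write up
        "bob_executes_payroll": rm.check(bob, payroll, "execute"),      # denied: fail closed
    }
    return results, rm.audit_log


if __name__ == "__main__":
    for decision in demo()[1]:
        print(*decision)
```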