Security Capabilities of Information Systems
Security Capabilities of Information Systems are of important aspects of CISSP training course. In this section, we focus on Memory Protection, Trusted Platform Module (TPM) and Encryption / Decryption.
Memory Protection
Information Systems are very important. So Memory Protection is an important security concept associated.
Memory in a computer system can be either physical or virtual storage. Physical memory can be classified as a HDD drives, SSD drives, and other storages. Virtual memory can be a paging file or swap portions.
Memory Protection domain is associated with the protection of memory from unauthorized access. The protection can be enforced either by an operating system or implemented through hardware. Memory protection is totally concerned about protecting the memory space assigned to a process. Memory that belongs to a process is protected by its private virtual address space.
Trusted Platform Module (TPM)
TPM performs sensitive cryptographic functions on a physically separate, dedicated microprocessor. A TPM chip is a secure cryptoprocessor, which carries out cryptographic operations that involve the storage and processing of symmetric and asymmetric keys, hashes, and digital certificates.
The TPM is an international standard (ISO/ IEC 11889 Series).
A TPM generates and stores cryptographic keys, and performs the following functions:
- Enables third-party verification of the system state using a cryptographic hash of the known good hardware and software configuration.
- Binds a unique cryptographic key to specific hardware.
- Encrypts data with a unique cryptographic key and ensures that ciphertext can only be decrypted if the hardware is in a known good state.
Some of the key advantages of using TPM technology are that you can:
- Generate, store, and limit the use of cryptographic keys.
- Use TPM technology for platform device authentication by using the TPM’s unique RSA key.
TPM’s internal memory is divided into two different segments:
- Persistent (static) memory modules.
- Versatile (dynamic) memory modules.
Encryption / Decryption
A system incorporating with TPM creates cryptographic keys and encrypts them. These encrypted keys can only decrypt by TPM. Each TPM has a master wrapping key, which is known as Storage Root Key (SRK), stored in TPM itself.
The private key is always present inside the TPM, while the public key is used to verify the authenticity of the TPM itself.