Question 1
A hardware security module is identified as a secure Crypto processor, which is liable for managing digital keys and accelerating the system, in terms of digital signals per second. Therefore, this provides a strong authentication to access some of the significant keys for server applications (White & Edward, 2007). It is essential to have the hardware security function since; they provide a foundation for data protection in an organization. This enables organizations to take advantage of rights movement, data encryption and digital signing within the organization itself (Safford, 2002).
On the contrary, this hardware security module is faced with certain challenges. Some of the most common challenges include the impact of the system on performance strategies, resiliency for critical systems and the protection of the system among others.
Question 2
In the recent past, there are various programs that have been established in order to battle against the attacks in an organization. Contrarily, in some instances, there are several attacks that cannot be defended by software.
Some of the most common attacks that cannot be prevented by software include main-in-the-middle attack, client-side attacks from a management program, drone raids, network security threats, web application attacks and distributed denial of service attacks among others (White & Edward, 2007).
These attacks are quite crucial in any organization. This proves that an organization is not supposed to entirely rely on computer systems because they cannot defend the organization from all attacks. As a matter of fact, the organization should employ other forms of security that will ensure that the confidential data is protected.
Question 3
Organizations should be concerned with various issues especially when they are purchasing computer hardware and software (White & Edward, 2007). These issues include compatibility and incorporation with other applications, ease of surrogating and the cost. The open standards support some of the main technical approaches in security.
For instance, the organizations should ensure that the software they purchase is built on open standards. Open standards ensures that the organization is able to replace the software with another one in the procurement level. It is clear that the most vital open standards are data formats.
In technology, an open standard for software can be defined as a publicly available specification that enables an organization to achieve a certain task. This shows that open standards are essential in security since; they are mainly aimed at the benefit of the users (White & Edward, 2007). In addition, the open standards also ensure that the global economic growth is sustained.
Question 4
According to IBM, open standards help in the economic health, growth of the business, technological innovation, societal freedom and legitimate governance. In fact, IBM supports open standards for all the stakeholders in both the emerging and mature economies.
In the new policy set up by the company, the open standards usually concentrate on the quality and openness of the property policies and membership regulations. IBM can change its proprietary ESS 1.0 chip based on the focus of enabling computer applications to become more interoperable through the open standards.
Recent research asserts that IBM supports the fair application of standard development practices for every stakeholder. Furthermore, IBM will continually hold on to this doctrine. It is clear that IBM has established a doctrine of its new policy which is mainly guided by open standards (White & Edward, 2007).
Question 5
Trusted Computing can be defined as the technology which has been developed and endorsed by the Trusted Computing Group. In trusted computing, the computer behaves in the anticipated mode. These behaviors are mainly imposed by the hardware and software of the computer (Safford, 2002).
Trusted Computing is contentious since, the computer hardware is not secured from the owner, but it is secured against the owner. Therefore, various scholars identify trusted computing as treacherous computing. Some of the most common proponents include Endpoint Technologies Associates, International Data Company among others. These proponents point out that the technology makes computers safe especially from malicious programs. Therefore, most of the companies that manufacture computer hardware are planning to include trusted computing in their products.
Question 6
In the discipline of computing, the trusted computing platform can be identified as the name of a published requirement which details a secure Crypto processor. Additionally, the trusted platform module can also be recognized as the common term given to implementations of that requirement.
Research asserts that the most current module specification is the 1.2 Revision 116 that was published in early in 2011. This module normally facilitates secure generation of cryptographic keys (White & Edward, 2007).
This module is applicable in several ways including platform integrity, disk encryption, digital rights management, software license and password protection among other uses. Finally, the trusted platform module was also realized from the Trusted Computing Group.
Question 7
The OpenGL ES is recognized as a subset of the OpenGL 3D graphics API (Application Programming Interface). These embedded systems are mostly designed for devices such as Personal Digital Assistants and cell phones among other devices (Safford, 2002).
There are several versions of the OpenGL embedded systems that are there available in the present market. The most common versions are the ESS 1.0 and the ESS 2.0 version. The main discrepancy between these versions is that the ESS 1.0 included a certified 3D graphics application program interface, Symbian, QNX and Androis OS (White & Edward, 2007).
In addition, this version also supports the Play Station 3. On the other hand, the ESS 2.0 is supported by various devices including Mac devices, Raspberry Pi and blackberry devices which have the blackberry operating system among others.
Question 8
When computers are manufactured, the machine instructions include a bootstrap code which is contained in a critical component in the computer. There are several methodologies and systems which have been developed in order to prevent unauthorized modification of an operating system (White & Edward, 2007).
In addition, the system also includes the operating system that has the kernel code which controls access to the operations of the processing unit. In most cases, this system usually has an enforcement agent that executes a superior opportunity, as opposed to the kernel code.
This proves that the trusted boot functions usually prevent any unauthorized alterations of the operating system. These trusted functions ensure that the operating system is always secured from any modifications that are not authorized.
Question 9
Endorsement key is defined as an encryption key which is eternally embedded in the trusted platform module security hardware. This Endorsement key usually assists in recognizing the authenticity of the trusted platform module (White & Edward, 2007).
The storage key is also rooted in the trusted platform module security hardware. The main function of the storage root key is to protect the module keys that are created by applications. This key is created when an individual takes ownership the trusted module.
Finally, the owner authorization secret key is known as a 160-bit secret which is shared by the owner of the trusted platform module (Safford, 2002).
Question 10
The ESS 2.0 was released in 2007. This version is not backward attuned with the ESS 1.0. In fact, this version is skeptic in regard to the system.
The embedded security subsystem is able to protect the owner’s data from any form of external attack. On the contrary, this chip is able to protect the data from attack by the owner.
For instance, this chip is principally a public key smartcard chip that is able to execute certain tasks (Safford, 2002).
References
Safford, D. (2002). Clarifying misinformation on TCPA. Retrieved from http://www.research.ibm.com/gsal/tcpa/tcpa_rebuttal.pdf
White, R., & Edward, T. (2007). How computers work. United States: Que Press.
