Combining Security Assurance and High Performance in Hostile Environments
Abstract
With growing global bandwidth consumption and increasing cyber-attacks, information security actors are in constant need for scalable, high performance products that still provide a high level of security assurance. The French national project "SHIVA" aims at developing a new security architecture providing multiple services and such performance and security assurance levels. Based on research and development from various fields, this paper presents usages of technologies from the high performance computing systems (HPC clusters), FPGA-based reprogrammable devices and the use of formal methods to provide additional assurance to be tested under most standard evaluation criteria. A very high level of security assurance is targeted, hence high attack potentials are assumed as per the Common Criteria Vulnerability Analysis assurance requirements (CC AVA VAN.5): A distributed architecture using scalable InfiniBand interconnect is discussed as a new interconnect method for cryptographic devices. New usages and advantages of relying on such an architecture are presented, as well as various security considerations on threats, attacks and how reprogrammable devices bring innovative solutions to cryptographic initialization process on hostile platforms, as well as optimizations and opportunities opened by the use of pre-processing and formally designed software in handling operational data flow and critical information
Document Details
- Document Type
- Technical Report
- Publication Date
- Nov 01, 2010
- Accession Number
- ADA547124
Entities
People
- Antoine Casanova
- Pierre Capillon