Computer Architecture and Security
2013-1
Higher Education Press
By Shuangbao Wang and Robert S. Ledley (USA)
321
490000
None
This book provides the fundamentals of computer architecture and security. It covers a wide range of computer hardware, system software and data concepts from a security perspective. It is essential for computer and information security professionals to understand both hardware and software security solutions to thrive in the workplace. It features a careful, in-depth, and innovative introduction to modern computer systems and patent-pending technologies in computer security. In the past, computers were designed without security considerations. Later, firewalls were used to protect them from outside attacks. This textbook integrates security considerations into computer architecture in a way that it is immune from attacks. When necessary, the author creates simplified examples from patent-pending technologies that clearly explain architectural and implementation features. This book is intended for graduate and undergraduate students, engineers, and researchers who are interested in secure computer architecture and systems. This book is essential for anyone who needs to understand, design or implement a secure computer system. Studying computer architecture from a security perspective is a new area. There are many textbooks about computer architecture and many others about computer security. However, textbooks introducing computer architecture with security as the main theme are rare. This book introduces not only how to secure computer components (Memory, I/O, network interfaces and CPU) but also how to secure the entire computer system. The book proposes a new model that changes the Neumann architecture that has been the foundation of modern computers since 1945. The book includes the most recent patent-pending technology in computer architecture for security. It also incorporates experiences from the author's recent award-winning teaching and research.
This book also introduces the latest technologies, such as virtualization, cloud computing, Internet computing, ubiquitous computing, biocomputers and other advanced computer architectures, into the classroom in order to shorten the transition time from student to employee.
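In the design of today's computer and information system applications, computer and information security professionals must understand both hardware and software in order to deploy security solutions effectively. Information Security Series: Computer Architecture and Security (English Edition) gives a comprehensive account, from a security perspective, of the concepts of computer and network hardware, system software, information and data, and provides readers with solutions and tools for implementing secure computer and information systems. In addition, in the areas of computer security, integrated information design and practical experience, it introduces modern computer systems and some of the patented technologies held by the authors, so that readers can better grasp and apply knowledge of computer security systems. Information Security Series: Computer Architecture and Security (English Edition) can serve as a textbook for senior undergraduates and graduate students in computer science, electronics and communications, and information security at institutions of higher education, and as a reference for researchers, security experts and engineers in related fields.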
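Shuangbao (Paul) Wang is an associate professor at George Mason University in the United States. He previously served as head of information technology at the US National Biomedical Foundation and as director of the Qingdao Institute of Scientific and Technical Information. He has received one US LINK fellowship award in advanced simulation and training and 18 science and technology awards. He holds 4 patents, 3 of which have been transferred and put into production. His research results were listed for the best invention award at the US "Industrialization Week", and one of his papers ranked first among the 25 outstanding papers of 《科学快线》.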
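Robert S. Ledley is a professor at Georgetown University in the United States, a member of the US Academy of Sciences, chairman of the US National Biomedical Foundation, and the inventor of computed tomography (CT). He also serves as editor-in-chief of 4 international journals, has written several monographs, and holds more than a hundred patents and funded projects. He received the "National Technology Award" presented by the US President in 1997 and was named a national outstanding inventor in 1990.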
1 Introduction to Computer Architecture and Security
1.1 History of Computer Systems
1.1.1 Timeline of Computer History
1.1.2 Timeline of Internet History
1.1.3 Timeline of Computer Security History
1.2 John von Neumann Computer Architecture
1.3 Memory and Storage
1.4 Input/Output and Network Interface
1.5 Single CPU and Multiple CPU Systems
1.6 Overview of Computer Security
1.6.1 Confidentiality
1.6.2 Integrity
1.6.3 Availability
1.6.4 Threats
1.6.5 Firewalls
1.6.6 Hacking and Attacks
1.7 Security Problems in Neumann Architecture
1.8 Summary
Exercises
References
2 Digital Logic Design
2.1 Concept of Logic Unit
2.2 Logic Functions and Truth Tables
2.3 Boolean Algebra
2.4 Logic Circuit Design Process
2.5 Gates and Flip-Flops
2.6 Hardware Security
2.7 FPGA and VLSI
2.7.1 Design of an FPGA Biometric Security System
2.7.2 A RFID Student Attendance System
2.8 Summary
Exercises
References
3 Computer Memory and Storage
3.1 A One Bit Memory Circuit
3.2 Register, MAR, MDR and Main Memory
3.3 Cache Memory
3.4 Virtual Memory
3.4.1 Paged Virtual Memory
3.4.2 Segmented Virtual Memory
3.5 Non-Volatile Memory
3.6 External Memory
3.6.1 Hard Disk Drives
3.6.2 Tertiary Storage and Off-Line Storage
3.6.3 Serial Advanced Technology Attachment (SATA)
3.6.4 Small Computer System Interface (SCSI)
3.6.5 Serial Attached SCSI (SAS)
3.6.6 Network-Attached Storage (NAS)
3.6.7 Storage Area Network (SAN)
3.6.8 Cloud Storage
3.7 Memory Access Security
3.8 Summary
Exercises
References
4 Bus and Interconnection
4.1 System Bus
4.1.1 Address Bus
4.1.2 Data Bus
4.1.3 Control Bus
4.2 Parallel Bus and Serial Bus
4.2.1 Parallel Buses and Parallel Communication
4.2.2 Serial Bus and Serial Communication
4.3 Synchronous Bus and Asynchronous Bus
……
5 I/O and Network Interface
6 Central Processing Unit
7 Advanced Computer Architecture
8 Assembly Language and Operating Systems
9 TCP/IP and Internet
10 Design and Implementation: Modifying Neumann Architecture
Appendix A Digital Logic Simulators
Appendix B Computer Security Tools
Appendix C Patent Application: Intrusion-Free Computer Architecture for Information and Data Security
Index
Copyright page: Illustration:
In modern computers, hard disk drives are usually used as secondary storage. The time taken to access a given byte of information stored on a hard disk is typically a few thousandths of a second, or milliseconds. By contrast, the time taken to access a given byte of information stored in random access memory is measured in billionths of a second, or nanoseconds. This illustrates the significant access-time difference which distinguishes solid-state memory from rotating magnetic storage devices: hard disks are typically about a million times slower than memory. Rotating optical storage devices, such as CD and DVD drives, have even longer access times. With disk drives, once the disk read/write head reaches the proper placement and the data of interest rotates under it, subsequent data on the track are very fast to access. As a result, in order to hide the initial seek time and rotational latency, data are transferred to and from disks in large contiguous blocks.
When data reside on disk, block access to hide latency offers a ray of hope in designing efficient external memory algorithms. Sequential or block access on disks is orders of magnitude faster than random access, and many sophisticated paradigms have been developed to design efficient algorithms based upon sequential and block access. Another way to reduce the I/O bottleneck is to use multiple disks in parallel in order to increase the bandwidth between primary and secondary memory.
Some other examples of secondary storage technologies are: flash memory (e.g., USB flash drives or keys), floppy disks, magnetic tape, paper tape, punched cards, standalone RAM disks, and Iomega Zip drives.
The secondary storage is often formatted according to a file system format, which provides the abstraction necessary to organize data into files and directories, providing additional information (called metadata) describing the owner of a certain file, the access time, the access permissions, and other information.
Most computer operating systems use the concept of virtual memory, allowing utilization of more primary storage capacity than is physically available in the system. As the primary memory fills up, the system moves the least-used chunks (pages) to secondary storage devices (to a swap file or page file), retrieving them later when they are needed. The more of these retrievals from slower secondary storage are necessary, the more the overall system performance is degraded.
Computer Architecture and Security can serve as a textbook for senior undergraduates and graduate students in computer science, electronics and communications, and information security at institutions of higher education, and as a reference for researchers, security experts and engineers in related fields.
None