Open main menu
Home
Random
Recent changes
Special pages
Community portal
Preferences
About Wikipedia
Disclaimers
Incubator escapee wiki
Search
User menu
Talk
Dark mode
Contributions
Create account
Log in
Editing
Computer security
(section)
Warning:
You are not logged in. Your IP address will be publicly visible if you make any edits. If you
log in
or
create an account
, your edits will be attributed to your username, along with other benefits.
Anti-spam check. Do
not
fill this in!
===Hardware protection mechanisms=== {{See also|Computer security compromised by hardware failure}} Hardware-based or assisted computer security also offers an alternative to software-only computer security. Using devices and methods such as [[dongle]]s, [[trusted platform module]]s, intrusion-aware cases, drive locks, disabling USB ports, and mobile-enabled access may be considered more secure due to the physical access (or sophisticated backdoor access) required in order to be compromised. Each of these is covered in more detail below. * USB [[dongle]]s are typically used in software licensing schemes to unlock software capabilities,<ref>{{Cite web |title=What is a license dongle? |url=https://www.revenera.com/software-monetization/glossary/license-dongle |access-date=2024-06-12 |website=www.revenera.com |language=en}}</ref> but they can also be seen as a way to prevent unauthorized access to a computer or other device's software. The dongle, or key, essentially creates a secure encrypted tunnel between the software application and the key. The principle is that an encryption scheme on the dongle, such as [[Advanced Encryption Standard]] (AES) provides a stronger measure of security since it is harder to hack and replicate the dongle than to simply copy the native software to another machine and use it. Another security application for dongles is to use them for accessing web-based content such as cloud software or [[Virtual Private Networks]] (VPNs).<ref>{{cite web |title=Token-based authentication |url=http://www.safenet-inc.com/multi-factor-authentication/authenticators/pki-usb-authentication/etoken-5200-token-based-authentication/ |url-status=live |archive-url=https://web.archive.org/web/20140320234026/http://www.safenet-inc.com/multi-factor-authentication/authenticators/pki-usb-authentication/etoken-5200-token-based-authentication/ |archive-date=20 March 2014 |access-date=20 March 2014 |publisher=SafeNet.com}}</ref> In addition, a USB dongle can be configured to lock or unlock a computer.<ref>{{cite web |date=10 February 2010 |title=Lock and protect your Windows PC |url=http://www.thewindowsclub.com/lock-protect-your-windows-pc-using-a-usb-drive-with-predator |url-status=live |archive-url=https://web.archive.org/web/20140320220321/http://www.thewindowsclub.com/lock-protect-your-windows-pc-using-a-usb-drive-with-predator |archive-date=20 March 2014 |access-date=20 March 2014 |publisher=TheWindowsClub.com}}</ref> * [[Trusted platform module]]s (TPMs) secure devices by integrating cryptographic capabilities onto access devices, through the use of microprocessors, or so-called computers-on-a-chip. TPMs used in conjunction with server-side software offer a way to detect and authenticate hardware devices, preventing unauthorized network and data access.<ref>{{cite web |first=James |last=Greene |year=2012 |title=Intel Trusted Execution Technology: White Paper |url=http://www.intel.com/content/dam/www/public/us/en/documents/white-papers/trusted-execution-technology-security-paper.pdf |url-status=live |archive-url=https://web.archive.org/web/20140611161421/http://www.intel.com/content/dam/www/public/us/en/documents/white-papers/trusted-execution-technology-security-paper.pdf |archive-date=11 June 2014 |access-date=18 December 2013 |publisher=Intel Corporation}}</ref> * [[Computer case#Intrusion detection|Computer case intrusion detection]] refers to a device, typically a push-button switch, which detects when a computer case is opened. The firmware or BIOS is programmed to show an alert to the operator when the computer is booted up the next time. * Drive locks are essentially software tools to encrypt hard drives, making them inaccessible to thieves.<ref>{{cite web |date=4 October 2008 |title=SafeNet ProtectDrive 8.4 |url=http://www.scmagazine.com/safenet-protectdrive-84/review/2596/ |url-status=live |archive-url=https://web.archive.org/web/20140320220133/http://www.scmagazine.com/safenet-protectdrive-84/review/2596/ |archive-date=20 March 2014 |access-date=20 March 2014 |work=SCMagazine.com}}</ref> Tools exist specifically for encrypting external drives as well.<ref>{{cite web |date=11 May 2009 |title=Secure Hard Drives: Lock Down Your Data |url=https://www.pcmag.com/article2/0,2817,2342798,00.asp |url-status=live |archive-url=https://web.archive.org/web/20170621202140/http://www.pcmag.com/article2/0,2817,2342798,00.asp |archive-date=21 June 2017 |publisher=PCMag.com}}</ref> * Disabling USB ports is a security option for preventing unauthorized and malicious access to an otherwise secure computer. Infected USB dongles connected to a network from a computer inside the firewall are considered by the magazine Network World as the most common hardware threat facing computer networks. * Disconnecting or disabling peripheral devices (like camera, GPS, removable storage, etc.), that are not in use.<ref>{{cite journal |last1=Souppaya |first1=Murugiah P. |last2=Scarfone |first2=Karen |date=2013 |title=Guidelines for Managing the Security of Mobile Devices in the Enterprise |url=https://www.nist.gov/publications/guidelines-managing-security-mobile-devices-enterprise |journal=National Institute of Standards and Technology |series=Special Publication (NIST SP) |location=Gaithersburg, MD |doi=10.6028/NIST.SP.800-124r1 |doi-access=free}}</ref> * Mobile-enabled access devices are growing in popularity due to the ubiquitous nature of cell phones.<ref>{{Cite web |date=2024-02-23 |title=Access Control Statistics: Trends & Insights |url=https://entrycare.com/access-control-statistics/ |access-date=2024-04-26 |language=en-US}}</ref> Built-in capabilities such as [[Bluetooth]], the newer [[Bluetooth low energy]] (LE), [[near-field communication]] (NFC) on non-iOS devices and [[biometrics|biometric]] validation such as thumbprint readers, as well as [[QR code]] reader software designed for mobile devices, offer new, secure ways for mobile phones to connect to access control systems. These control systems provide computer security and can also be used for controlling access to secure buildings.<ref>{{cite web |date=4 November 2013 |title=Forget IDs, use your phone as credentials |url=http://video.foxbusiness.com/v/2804966490001/forget-ids-use-your-phone-as-credentials/?playlist_id=937116503001#sp=show-clips |url-status=live |archive-url=https://web.archive.org/web/20140320215829/http://video.foxbusiness.com/v/2804966490001/forget-ids-use-your-phone-as-credentials/?playlist_id=937116503001#sp=show-clips |archive-date=20 March 2014 |access-date=20 March 2014 |publisher=[[Fox Business Network]]}}</ref> * [[IOMMU]]s allow for hardware-based [[Sandbox (computer security)|sandboxing]] of components in mobile and desktop computers by utilizing [[direct memory access]] protections.<ref>{{cite web |title=Direct memory access protections for Mac computers |url=https://support.apple.com/guide/security/direct-memory-access-protections-seca4960c2b5/1/web/1 |access-date=16 November 2022 |website=Apple}}</ref><ref>{{cite web |title=Using IOMMU for DMA Protection in UEFI Firmware |url=https://www.intel.com/content/dam/develop/external/us/en/documents/intel-whitepaper-using-iommu-for-dma-protection-in-uefi-820238.pdf |url-status=live |archive-url=https://web.archive.org/web/20211209062425/https://www.intel.com/content/dam/develop/external/us/en/documents/intel-whitepaper-using-iommu-for-dma-protection-in-uefi-820238.pdf |archive-date=2021-12-09 |access-date=16 November 2022 |publisher=Intel Corporation}}</ref> * [[Physical unclonable function|Physical Unclonable Functions]] (PUFs) can be used as a digital fingerprint or a unique identifier to integrated circuits and hardware, providing users the ability to secure the hardware supply chains going into their systems.<ref>{{Cite journal |last1=Babaei |first1=Armin |last2=Schiele |first2=Gregor |last3=Zohner |first3=Michael |date=2022-07-26 |title=Reconfigurable Security Architecture (RESA) Based on PUF for FPGA-Based IoT Devices |journal=Sensors |language=en |volume=22 |issue=15 |page=5577 |bibcode=2022Senso..22.5577B |doi=10.3390/s22155577 |issn=1424-8220 |pmc=9331300 |pmid=35898079 |doi-access=free}}</ref><ref>{{Cite journal |last1=Hassija |first1=Vikas |last2=Chamola |first2=Vinay |last3=Gupta |first3=Vatsal |last4=Jain |first4=Sarthak |last5=Guizani |first5=Nadra |date=2021-04-15 |title=A Survey on Supply Chain Security: Application Areas, Security Threats, and Solution Architectures |url=https://ieeexplore.ieee.org/document/9203862 |journal=IEEE Internet of Things Journal |volume=8 |issue=8 |pages=6222β6246 |doi=10.1109/JIOT.2020.3025775 |issn=2327-4662 |s2cid=226767829|url-access=subscription }}</ref>
Edit summary
(Briefly describe your changes)
By publishing changes, you agree to the
Terms of Use
, and you irrevocably agree to release your contribution under the
CC BY-SA 4.0 License
and the
GFDL
. You agree that a hyperlink or URL is sufficient attribution under the Creative Commons license.
Cancel
Editing help
(opens in new window)