资 源 简 介
通过集成到微控制器的技术提高安全性
当安全在我们的直接控制之下,这是日常生活中显而易见的一个方面;我们锁上门窗,我们不把贵重物品放在普通的视线里,我们在电子支付时保护我们的别针。然而,当安全级别不是我们的直接控制下变得更加模糊;不清楚为什么安全是必要的,事实上,它是如何实现的。
越来越多的嵌入式电子设备出现了这种情况,因为它们现在实现了某种程度的连接,但在历史上对安全问题不敏感。
如果存在秘密连接,例如在生产能力联网的工业设备,或医疗设备,使病人信息的访问-危险可能不清楚,或往往,甚至在当地存在。由于连通性是全球性的现象,远程攻击的危险也是如此,这增加了远远超出邻近地区的安全问题。来自地球另一端的威胁可能是特定的——或者可能是无意的——瞄准良性设备,并将这种威胁扩展到它随后访问的任何其他设备。
因此,物联网很可能会促进嵌入式安全的问题,远远超出局域网或可见的威胁。
What is a security threat?
There are many aspects to security in electronic devices today. Predominantly, these can be categorized as threats to either content, intellectual property, or personal data. The trends behind the cost and benefits of adding connecTIvity are moving posiTIvely, but this is only possible thanks to another trend – the use of more diverse hardware soluTIons and the adopTIon of open source software.
While these are both, ostensibly, also positive, the effect is increased difficulty in guaranteeing security. When networking was first introduced, it was under the control of a small number of providers, which made the need for security almost moot. As connectivity has proliferated, the diversity in hardware and software solutions makes security harder to impose, unless you remain in complete control of your platform (such as Apple)。 Even then, threats can never be entirely mitigated. Security, therefore, is any method by which a threat can be curtailed or controlled. This accepts that threats cannot be entirely avoided but must, instead, have equal and preferably greater countermeasures.
