Online Security in Embedded Systems
These days many gadgets with embedded systems are being used. Tablets, Netbooks and Desktop Clients. Many of these are used to make secure transactions like Banking. It is also used as a Security Device for Web Applications and Website Memberships.
The secure transaction process has improved. I know there is encryption and also the NIC number of Ethernet cards etc. I have some thought, i think i will note it here. In one sentence "Make Every CPU Chip Unique with a Unerasable ROM ID Code or Signature" this can also be tied to a QR Code. A Firmware query spawned by a SSL TCP/IP action will return the CHIP ID which enables secure communication and device tracking overriding all user controls.Processor manufactures and Chip IP makers are standardized. The Secure CPU makers should obtain a license for secure CPU, which will be a CPU but with a Secure Transaction Chip with Unique Identification Code engraved within. Each Chip is unique and a replacement of CPU needs new authentication for all transactions. No two chips are made the same, the unique numbers are not on flash (like BIOS), but digitally etched-burnt with indelible e-ink. So when a person makes transaction his computer is more securely authorized. More security options like GPS in CPU for big transactions, these computers will be expensive too.
(First posted in delabs Notes 2006 - Then in Nomadic Computing 2007)
delabs design Notes - 2008