Abstract
This paper proposes a security framework for secure data communications across the partners in the Semiconductor Supply Chain Environment. The security mechanisms of the proposed framework will be based on the SSL/TLS and OAuth 2.0 protocols, which are two standard security protocols. However, both protocols are vulnerable to a number of attacks, and thus more sophisticated security mechanisms based on these protocols should be designed and implemented in order to address the specific security challenges of the Semiconductor Supply Chain in a more effective and efficient manner.
This is a preview of subscription content, log in via an institution to check access.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
References
Dierks, T.: The Transport Layer Security (TLS) Protocol Version 1.2, RFC 5246, vol. RFC 5246, pp. 1–104 (2008)
Hardt, D.: The OAuth 2.0 Authorization Framework [RFC 6749], RFC 6749, pp. 1–76 (2012)
Hong, J.: The state of phishing attacks. Commun. ACM 55(1), 74–81 (2012)
GReAT, The Icefog APT: A Tale of Cloak and Three Daggers, Kaspersky Labs (2013)
Mantas, G., Komninos, N., Rodriuez, J., Logota, E., Marques, H.: Security for 5G communications, Fundamentals of 5G Mobile Networks, pp. 207–220 (2015)
Krebs, B.: Target Hackers Broke in Via HVAC Company, Krebs on Security (2014)
Hawkings, B.: Case Study: The Home Depot Data Breach, SANS Institute (2015)
Krebs, B.: Sources: Target Investigating Data Breach, Krebs on Security (2013)
Nelson, N.: The impact of Dragonfly malware on industrial control systems (2016)
Symantec, Dragonfly: Cyberespionage Attacks Against Energy Suppliers (2014)
Gragido, W.: Lions at the Watering Hole – The ‘VOHO’ Affair, RSA (2012)
BAE Systems Applied Intelligence, Shylock. Banking malware. Evolution or revolution? (2014)
Zetter, K.: A cyberattack has caused confirmed physical damage for the second time ever, Wired, pp. 1–19 (2017)
Falliere, N., Murchu, L.O., Chien, E.: W32.Stuxnet Dossier, vol. 4, February 2011
Lipp, M., et al.: Meltdown (2018). no. ArXiv eprints: arXiv:1801.01207
Kocher, P., et al.: Spectre Attacks: Exploiting Speculative Execution * (2018). no. ArXiv eprints: arXiv:1801.01203
Krebs, B.: Breach at Michaels Stores Extends Nationwide, Krebs on Security (2011)
Acknowledgment
The work has been performed in the project Power Semiconductor and Electronics Manufacturing 4.0 (SemI40), under grant agreement No 692466. The project is co-funded by grants from Austria, Germany, Italy, France, Portugal (from the fundação para a ciência e Tecnologia - ECSEL/0009/2015) and - Electronic Component Systems for European Leadership Joint Undertaking (ECSEL JU).
Author information
Authors and Affiliations
Corresponding author
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2019 ICST Institute for Computer Sciences, Social Informatics and Telecommunications Engineering
About this paper
Cite this paper
Esfahani, A. et al. (2019). Security Framework for the Semiconductor Supply Chain Environment. In: Sucasas, V., Mantas, G., Althunibat, S. (eds) Broadband Communications, Networks, and Systems. BROADNETS 2018. Lecture Notes of the Institute for Computer Sciences, Social Informatics and Telecommunications Engineering, vol 263. Springer, Cham. https://doi.org/10.1007/978-3-030-05195-2_16
Download citation
DOI: https://doi.org/10.1007/978-3-030-05195-2_16
Published:
Publisher Name: Springer, Cham
Print ISBN: 978-3-030-05194-5
Online ISBN: 978-3-030-05195-2
eBook Packages: Computer ScienceComputer Science (R0)