Electronic data security has become an area of great focus for development as more daily transactions become computerized. Computing devices are constantly being utilized to exchange financial data, personal identification data, and the like. As a result, hackers may attempt to compromise computing devices to gain access to this valuable information. For example, malicious software (e.g., malware) may be loaded to passively or actively attack computing devices. Passive attacks may comprise malware observing data being passed between a processor and a memory to obtain passwords or other sensitive or confidential data. Active attacks may involve altering data stored in memory to trigger an atypical result such as allowing an unpermitted user to gain access to the computing device. In either instance, plaintext (unencrypted) data in the memory of a computing device that is exchanged with a processor in the computing device may present a major vulnerability.
Device manufacturers, component manufacturers, and software developers, for example, continue to try to develop protective measures to combat vulnerabilities. Software-based malware detection and elimination solutions typically operate at the privilege level of an operating system (OS) in the computing device. These solutions may be effective against lower-privilege attacks, but may not be able to combat higher-privileged malware like rootkits. Some hardware-based protective solutions are now emerging that are instituted very early during boot-up of a computing device, and thus may establish protective measures before malware even becomes active. Known-good protection firmware may be loaded early during boot-up to perform various functions such as checking whether subsequently loaded software comports with known-good versions, establishing protected areas of memory wherein data may be protected from being accessed by hostile software, and the like. While the benefits of these protective measures may be apparent, at least one issue that hardware protection systems may introduce is additional processing overhead at a very low level resulting in, for example, slower overall performance for the computing device.
Furthermore, as the concern regarding data theft grows from cloud computing to physical attacks on personal devices or client systems, and to identity theft, the list of vulnerabilities keeps growing. As a result, the number of security solutions continues to grow to address vulnerabilities of different kinds and levels of risk. Each security solution carries different impacts on computing performance, memory overhead and bandwidth. It is difficult to foresee all of the market needs in terms of choice of security solutions for different vendors or customers. It is also expensive to manufacture customized devices (or components for those devices) that each cover a different security solution in anticipation of various security level demands. And implementing all the security solutions and corresponding encryption modes in the same devices would require too much space, much of which would be wasted if a lower security level option were chosen.