Robert Day: the OS is the key attack point
In the connected world of the internet of things (IoT), like in the defence industry, one attack could be fatal. Security thinking needs to be turned on its head, and IoT endpoints and routers need to be designed to resist the next attack rather than patched to prevent the last one.
If the right technology is applied when the network is being designed (rather than as an afterthought), it could dramatically reduce the chance of an attack, or its impact when it occurs.
Much of this technology already exists and was evolved to meet the security needs of the defence industry, which has been operating secure remote networks for decades, and where a compromise in any part of the network could be fatal to national security and hence not an option.
In the endpoint, operating systems are often the key attack point as they are typically the highest privileged software in any given system, and if compromised offer keys to the control and data kingdoms.
However, if an RTOS (real-time operating system) is used that has built-in security functionality, especially one that was designed to meet the exacting security needs of tactical defence systems, then it could offer enough security protection to stop the most determined attacker.
The router will need a similar secure OS but due to its greater complexity, and multiple network connections, especially its link to the Internet, additional measures are needed. This leads us toward what is known as a multi-domain system.
In the defence industry, secure OSs have been used for multi-domain systems linked to different networks at different levels of security classification, but the prevailing thoughts and technology for true domain separation call for something known as a separation kernel.
This is at a higher level of privilege than the OS (i.e., it sits between the OS and the hardware), and its primary function (as the name suggests) is to separate the resources in the system, such that an attack in one domain cannot reach or compromise the other domain.
A defence in depth strategy must be employed as we put IoT infrastructure in place, as traditional network and endpoint security is not adequately containing today’s cyber threats. IoT systems need to be secure by design, as successful attacks can degrade or even destroy public confidence before the IoT proves its value.
Writer is Robert Day, v-p marketing, Lynx Software Technologies
from News http://www.electronicsweekly.com/news/business/viewpoints/iot-needs-secure-maintain-public-confidence-2014-12/
via Yuichun
沒有留言:
張貼留言