Embedded Cyber Security and the “Internet of things”

The networked world is changing. From 93 million connected devices in 2000, to 5 billion in 2010 and 31 billion expected in 2020, the world is getting more connected. Everything, from personal computational devices like computers and smartphones, through home appliances and cars, to infrastructure like power grids and traffic monitoring systems, is on the way to becoming part of the web. This process raises questions such as how to deal with the tremendous amounts of information those 31 billion machines will generate, and above all how to secure all those connections.

“Securing networks requires taking into account both the infrastructure and the devices connected to it”, says Aric (AJ) Shipley, Senior Director of Security Solutions at Wind River Systems. “Because we are already present in the infrastructure, we can provide the needed security for devices connected to this infrastructure”.

To secure both the network itself and its end devices, while providing tools to manage traffic, Wind River offers its Intelligent Network Platform (INP), a system that manages network flow, inspects data streams to classify their types and target applications, and boosts performance by up to 300%. This lets organizations secure their connections by having the software analyze traffic and find suspicious packets, improve revenue streams by serving ads with content, and accelerate network access to prevent peak periods from slowing connections.

AJ Shipley, Senior Director, Security Solutions at Wind River Systems

“We have a defense in depth approach. We apply security mechanisms from the moment you boot a machine. Security is baked into the silicon and we build it further in every possible level in the software”, says Shipley. He goes on to describe the “concentric circles” of security the company makes, insulating each app and connection inside a sandbox monitored by several software pieces, making it possible to “make sure when a device is ready to speak with another device, it’s done inside the safest environment possible”.

The importance of securing end devices as well as the enterprise network, he says, comes from the ability to infiltrate those networks from smart mobile devices. “Securing these devices is a challenge, since they don’t have access to the same level of resources as computers, like storage to save signature files, powerful computing to execute advanced security algorithms etc. But there’s software on those devices, being hacked the same way as computer software – acquiring administrative access and sending unauthorized information”. He emphasizes the importance of securing mobile devices without affecting their performance and battery life.

When asked about the challenges of defending open source operating systems, like Android, versus closed ones, Shipley says that “you could claim that Linux distributions are less secure because the bad guys have access to their code, but the good guys also have this access, and this way security holes are patched much more quickly. At the end of the day, there’s a better visibility, which means you are better aware since you know where you’re exposed”.


Addressing the problem of defending devices from their owners’ mistakes, Shipley says “users are a device’s biggest security hole, but also its biggest asset”. He adds that a user can either expose himself or be of assistance by reporting possible hazards. “In embedded systems, I don’t have a user exposing himself, but I also don’t have a user to report flaws”.

Referencing the ‘Internet of Things’, Shipley believes that connected machines can be safer than connected users, but “everyone is trying to connect machines without taking into account the security threats it poses. It’s happening so fast that we (security vendors) can hardly hold up”. Today, he declares, almost everything is exposed, offering hackers many opportunities.

INP, according to Shipley, is the first time companies and organizations can implement an overall security system, including the infrastructure and the endpoints, in a scalable, affordable way. The cooperation with Wind River’s parent company, Intel, makes it possible to roll out solutions based on hardware-software bundles faster and easier, and the future holds even better integrations, thanks to Intel’s purchase of security vendor McAfee.

By Yair Mohr
