Application security as crucial to the modern distributed trust model

© 2017 Intertrust Technologies Corporation. All rights reserved.

Application security as crucial to the modern distributed trust modelLINE-Intertrust Security Summit 1 —TokyoMay 17, 2017

Dave Maher, CTO Intertrust


Three drivers for Application layer security

2

1. Scale

2. Hyper-connectivity

3. Implications of Merger of the Cyber and Physical worlds


Scale

3

20204

BILLIONConnected People

$4 TRILLIONRevenue Opportunity

25+ MILLION

Apps

25+ BILLION

Embedded and Intelligent Systems

50 TRILLION

GBs of Data


Hyperconnectivity and dynamic and ephehemeral networks

4


Merger of Cyber and Physical worlds bring huuuuge risks

5


Isolation defeats the purpose of connectivity

6


Ransomware and other malware

7


Software self-defense addresses scale

8

Things must become responsible for themselves


• Security within the device or application — self-defense

• Security mechanisms that are simple for users, self-maintaining, inexpensive yet strong

• Security can be lightweight yet strong

• Defense-in-depth: Additional layers, including

• Network security where appropriate

• Cloud-based services that can detect patterns of illicit activity

• Protection of application data and device sensor info

• Protection of resources

• Secure delegation: Make it easy to give access to legitimate users but hard for illicit users

Trust models — what we rely on for Safety, Security, Privacy

10


Model for an internet connected thing

11

Sensors

Physical Interfaces

Communications

Security Associations

Remote Controller

CloudServices

Thing

Remote Front Panel Status

Security Manager


• Except by legitimate users

• Part of a defensed in depth strategy

• When a device or application appears on a network, don’t shout out too much

• Incremental and tokenized discovery can keep things friendly for legitimate users

• Protocols can help assure things appear uninteresting to illegitimate users

Make valuable devices difficult to discover

12


Reference Monitor

13

Reference Monitor


Audit Trail

Device ControlsUser


• A Security Association (SA) is the establishment of shared security attributes between two network entities to support secure communication

• We can use a similar approach for authorization using Message Authentication Codes

• We can include permissions in an SA authorizing use of commands or access to state and sensor data in a device or application

• Keys are typically part of an SA

• We can use cloud services to simplify SA management and associated key management for IoT devices and applications


14

https://en.wikipedia.org/wiki/Network_security

https://en.wikipedia.org/wiki/Computer_networking


Secure Key Vault

15

• Access to applications and devices can be protected using cryptographic keys in security associations

• Need a secure place to keep them


• Collect behavior info from devices and applications

• Learn normal behavior

• Detect and classify anomalies

• Determine threat thresholds

• Set alarms and notifications

• All without tipping off intruders

Secure Telemetry and Threat Analytics

16


1. When we design applications and IoT devices today we must keep in mind• Scale• Hyper-connectivity• Implications of Merger of the Cyber and Physical worlds

2. We CAN keep things simple and friendly but we must take care

17

Conclusion


Thank you

Application security as crucial to the modern distributed trust model

Technology

Transcript of Application security as crucial to the modern distributed trust model