2016 ELPP – IoT Security This work was created in an open classroom environment as part of a program within the Sutardja Center for Entrepreneurship & Technology and led by Prof. Ikhlaq Sidhu at UC Berkeley. There should be no proprietary information contained in this paper. No information contained in this paper is intended to affect or influence public relations with any firm affiliated with any of the authors. The views represented are those of the authors alone and do not reflect those of the University of California Berkeley. • Vijay Kumar Eranti • Serge Maskalik • Jeffrey Pierce • Dina McKinney • Hima Devisetti • Venkata Nandanavanam • Geoffrey Perez
23
Embed
2016 ELPP – IoT Security Word V2scet.berkeley.edu/wp-content/uploads/2016-ELPP-–-IoT-Security... · 2016 ELPP – IoT Security This work was created in an open classroom environment
This document is posted to help you gain knowledge. Please leave a comment to let me know what you think about it! Share it to your friends and learn new things together.
Transcript
2016 ELPP – IoT Security
This work was created in an open classroom environment as part of a program within the Sutardja Center for Entrepreneurship & Technology and led by Prof. Ikhlaq Sidhu at UC Berkeley. There should be no proprietary information contained in this paper. No information contained in this paper is intended to affect or influence public relations with any firm affiliated with any of the authors. The views represented are those of the authors alone and do not reflect those of the University of California Berkeley.
BusinessLandscapeTheInternetofThingsiscomprisedofawildlydiverserangeofdevicetypes- from small to large, from simple to complex – from consumergadgets to sophisticated systems found in DoD, utility andindustrial/manufacturing systems. Now part of the expanding webconnected network – Internet of Things, embedded devices are verydifferent from standard PCs or other consumer devices. These
industrial operational assets are commonly fixed function devicesdesignedspecificallytoperformaspecializedtask.ManyofthemuseaspecializedoperatingsystemsuchasVxWorks,MQXorINTEGRITY,orastrippeddownversionofLinux.Installingnewsoftwareonthesystemin the field either requires a specialized upgrade process or is simplynotsupported. Inmostcases,thesedevicesareoptimizedtominimizeprocessingcyclesandmemoryusageanddonothaveextraprocessingresourcesavailabletosupporttraditionalsecuritymechanisms.Asaresult,standardPCsecuritysolutionswon’tsolvethechallengesofembeddeddevices.Infact,giventhespecializednatureofembeddedsystems,PCsecuritysolutionswon’tevenrunonmostembeddeddevices.TherearemanycompaniesthatareworkingonprovidingsecurityinIoTlandscape.Someofthecompaniesinclude:
• AzetiNetworksAG• Intel• Sypris• ZingBox• Shodan• CertifiedSecuritySolutions:EnterprisedigitalidentityCertified Security Solutions (CSS) (https://www.css-security.com/ ) is a cyber security company that builds andsupports platforms to enable secure commerce for globalbusinesses connected to the Internet. CMS enterprise certificatelifecycle management and VerdeTTo™ IoT identity securityplatforms simplify the design, deployment, monitoring andmanagement of trusted digital identities, making authenticationscalable,flexibleandaffordable.
• Symantec:Symantec (https://www.symantec.com/ ) expands securityportfolio with new Embedded Critical System Protection,designedtodefendIoTdevicesagainstzero-dayattacks,andsignsATMmanufacturerWincorNixdorf as oneof the early adopters.To further fuel innovation in IoT security, Symantec recentlyannounced a partnership with Frost Data Capital to incubateearly-stage startupswith funding, resourcesandexpertise.FrostData Capital underpins the incubator with seasoned
entrepreneurs,proven innovationmethodologyandprocess,anddeep expertise in big data analytics, IoT, industrials andhealthcare.ThesestartupcompanieswillhavetheopportunitytocollaboratewithSymantec to solve themost complex challengesshapingtomorrow'sthreatlandscape.
• SecureThings:SecuriThings (http://securithings.com/) is a User and EntityBehavioral Analytics (UEBA) solution for IoT. It monitors usersandtheIoTdevicesthemselves.Itusesmachinelearningsecurityalgorithms adapted for IoT to identify andmitigate threats. Andit’s simple to add to any IoT application, because it’s pre-integratedwithleadingIoTplatforms.
• DeviceAuthority:SecurityAutomationforInternetofThingsDevice Authority (http://www.deviceauthority.com/) providessimple,innovativesolutionstoaddressthechallengesofsecuringthe Internet of Things (IoT). IoT brings new security challengesintroduced by the scale and pace of adoption, as well as thephysicalconsequencesofcompromisedsecurity.Thesechallengescannot be effectively addressed by traditional InformationTechnology (IT) security solutions. The Device Authority IoTsecurity platform is purpose-built to address these challengesthrough automated device provisioning, credentialmanagement,secure updates and policy-driven data encryption. The IoTpromises countless efficiencies, increased competitiveness,improved customer service and even brand new marketopportunities. However, deploying strong security is hard andalways has been. Deploying strong IoT security is evenharder. According to Gartner, by 2020, around 25% of allidentified security breaches will involve IoT. To address this,Device Authority introduces a new paradigm of IoT SecurityAutomation that accelerates and simplifies the deployment ofstrongIoTsecurity.Advanced,policydrivensecurityautomationiscriticalforindustrial,healthcare,transportationandotherlargescale security sensitive IoT environments. Their patenteddynamickeytechnologyprovidestheessentialdevice-basedtrustanchor for IoT devices, enabling policy-driven provisioning,
access control and data protection for mission-critical IoTapplicationsandservices.
• Bastille:SecurityfortheInternetofRadiosBastille(https://www.bastille.net/)isthefirstcompanytoenableenterprise security teams to assess and mitigate the riskassociatedwiththegrowingInternetofRadios.Bastille’ssoftwareand security sensors bring visibility to devices emitting radiosignals (Wi-Fi, cellular, wireless dongles and other IoTcommunications) in the installed organization’sairspace. Bastille’s technology scans the entire radio spectrum,identifying devices on frequencies from 60MHz to 6 GHz. Thisdataisthengatheredandstored,andmappedsothatcompaniescan understand what devices are transmitting data, and fromwhere in their corporate airspace. This provides improvedsituational awareness of potential cyber threats and post-eventforensicanalysis.