Defending the Internet of Things: Identity at the Core of Security
Attacks on traditional IT systems have resulted in massive loss of money, privacy and intellectual property. Even worse, attacks on the Internet of Things (IoT) potentially threaten our safety.
This threat landscape exists alongside the ever-increasing demand for more technology to be embedded into coordinated devices used in healthcare, automobiles, aviation, critical infrastructure and smart city initiatives.
More system complexity means that there is more threat surface that needs to be defended. It also means that there is more potential to make mistakes and introduce vulnerabilities.
The opportunity to create a safe and secure system occurs when we realize that perimeter defenses are insufficient and that we must engineer comprehensive security throughout system processes. In highly automated systems, connected devices must assure trust by assuring authenticity. Too often, devices in automated and coordinated systems do not challenge the authenticity of the source of the commands that they act upon.
In an ideal world, the identity of each system component would be authenticated, but system constraints demand that we optimize an architecture that achieves security and assures performance.Download File