Secure hardware, smarter software can help thwart cyberattacks
- By Henry Kenyon
- Oct 25, 2011
Hackers and network administrators fight a never-ending battle across cyberspace, but some new policies, techniques and technologies being developed or just entering the marketplace can help keep government networks one step ahead of the bad guys, a panel of experts said.
While preventing or detering attacks on computers and networks is the core of cyber defense, the nature of most hacking attacks is changing, explained Tim Polk, a computer scientist with the National Institute of Standards and Technology (NIST). Polk was part of a panel discussing the latest trends in technologies for protecting systems Oct. 24 at the Executive Leadership Conference in Williamsburg, Va.
Attacks that once focused on a computer’s operating system are now moving to applications, the basic input/output system (BIOS) or firmware. The shift is forcing designers to look at defending different parts of a computer system, he said. This is an issue because, in the commercial world, many products and services are now interconnected, which creates a large number of attack vectors, Polk said.
The security singularity: When humans are the biggest problem
Advanced persistent threats are a new way of life
To develop good authentication, Polk cited several key areas: measurable security mechanisms, measuring the security of running systems and evaluating systems. For measurable security mechanisms, cryptographic measurements are more effective than red teaming, Polk said. However, comparing the mechanisms of different types of security system is still an art form.
Measuring the security of running systems requires risk-based access control, Polk said. For administrators, they must consider if it is safe to:
- Let a wireless device on the network.
- Let a device or program access agency data.
- Run application on the network.
This process ensures that a device is cleared to run on a government network or that an application is cleared to operate on a government cloud, Polk said.
On the hardware end of things, microchip developer Intel has been working on building security features directly into its products, said Kevin Fiftal, an account manager with Intel’s government business division.
Hardware is at the root of trust security, which is why Intel bought McAfee, Fiftal said. McAfee security technology can now be built directly into the firm’s microchips, which helps mitigate risk, he said.
Some of Intel’s security initiatives include:
- Identity protection technology embedded on Intel chips.
- Enhanced Privacy Identification (EPIP). Intel plans to apply EPIP technology across its entire product spectrum from desktops to mobile devices.
The National Science Foundation (NSF) has been tackling a variety of cyber and computer security research topics since 2001, when it launched the Trusted Computing Program, said Carl Landwehr, the program’s director. There are currently some 540 awards to academic organizations for cyberspace and computing research, he said.
Four three-year research awards were issued in 2010. They are:
- Future Internet Architectures program.
- Mobility First.
- Expressive Internet Architecture.
- Nebula (cloud computing).
NSF grant recipients are also investigating cloud architectures through the Trustworthy Computing Environment, Landwehr said. Other areas of NSF-funded research that may provide future results include: work on automated vulnerability checks in software, automated configuration management for hardware, and novel methods for detecting and preventing hardware Trojan horse programs.