With IoT devices encompassing just about everything – refrigerators, washers, dryers, drones, security cameras and the like – the amount of data created by these devices is going to exceed the bandwidth of the internet. There is just not enough fiber and bandwidth between just about everywhere and cloud providers. This means we are going to have to start processing and storing data near its creation point and pushing what is needed or legally required to clouds of the future. So what security features should we be asking and planning for, at home and work or near your local repository data, to protect data which will become information that can be used for and against everyone, both today and in the future?
Security Layers of the Future
There are likely several things that are going to be needed in the future that we do not have now, or we are slow to implement for local data collection. Here are a few that come to mind:
1. IPv6 and IPsec for devices from your refrigerator to your local NAS. These features have been mandated by some U.S. Government agencies and businesses, with more to come. There are lots of reasons for this, but security is one of the main ones.
2. Data encryption at rest (DAR) for all storage devices so that someone cannot snatch and grab devices and get the data.
3. A security framework that signs all of the firmware and OS upgrades to ensure that updates are really the update from the company that made the device and do not have backdoors.
4. With all the talk about quantum computers, we are going to need to change our encryption algorithms in the future to quantum-resistant algorithms. Here is a National Institute of Standards publication on quantum-resistant algorithms.
IPv6 has been around for decades. It became a draft standard in 1998, but work had started at the beginning of the 1990s. IPv6 provides for:
1. Mandatory use of IPSec, which is important as data streams such as video could potentially be changed in real time, given the speed and performance of new GPUs
2. Large Addressing Space means potential hackers would need to perform a net scan of 2^64 (18446744073709551616) hosts, which is not very likely
3. Neighbor Discovery and address auto-configuration make IPv6 more secure than its predecessor
It is going to be important for all devices to run IPv6 and encrypt all data traffic both within the internal network and externally. Every device on the network should both use WiFI encryption, IPv6 and IPsec to reduce the potential for attacks like the casino fish tank attack. We all need to demand with our wallets that all devices run IPv6 with IPsec and support enterprise-grade WIFI encryption to reduce the potential for devices to be compromised. Rest assured that you are likely going to need to upgrade communications technically more quickly than you upgrade devices. For example WIFI router that are 10 years old are likely need very secure, but your refrigerator will likely last more than 10 years.
I have written about DAR before (here and here) but for most organizations this is not a requirement, although there are often mandates. In the U.S. in some environments, the cryptographic module must be certified though the FIPS standards process from the National Institute of Standards (NIST), and other certifications that are required for devices with DAR include Common Criteria both in the US and in other parts of to the world especially in the EU.
Signed OS and Firmware
NIST has a new set of guidelines called NIST 800-193, which is titled Platform Firmware Resiliency Guidelines and came out in May 2018. The underlying goals and principles of these guidelines are:
· Protection: Mechanisms for ensuring that Platform Firmware code and critical data remain in a state of integrity and are protected from corruption, such as the process for ensuring the authenticity and integrity of firmware updates
· Detection: Mechanisms for detecting when Platform Firmware code and critical data have been corrupted
· Recovery: Mechanisms for restoring Platform Firmware code and critical data to a state of integrity in the event that any such firmware code or critical data are found to have been corrupted, or when forced to recover through an authorized mechanism. Recovery is limited to the ability to recover firmware code and critical data.
Quantum Computing is likely Coming
While there is some question of when quantum computing will happen, too many corporations and nations are working on quantum systems for quantum computing not to happen. The only question is when, whether 4, 6 or 10 years out. Initially it is likely that quantum systems will be used for good, such as health care, weather prediction and systems design, and of course national interests such as defense, but we all know that good will not last forever and it can and will be used for nefarious purposes shortly after introduction regardless of access protections. The impact will be tremendous, from cryptographic hashes to encryption algorithms. It is possible that everything done in the past will have to be redone with new algorithms, which will likely be very costly given that initial quantum systems will be very expensive and the new algorithms will take significant time. So you might ask why don't we start today with quantum resistant algorithms, and the answer in my opinion is the cost in CPU time, memory, and I/O to implement quantum resistant algorithms on today's limited hardware. There are really no good solutions as far as I can see doing it now has a high cost and doing it after quantum is here has a high risk.
Data at the edge going to be a way of life within a few short years. You will likely not have the protections that you have in major datacenters, with guards, cameras, policies for data destruction and other ecosystem pieces. Data is not going to stop growing faster than density trends. Higher-resolution cameras, more lenses and more sensors everywhere are just a few of the reasons why this trend is not going to change. Current data security policies are designed in my opinion around two basic workflows:
· Consumer homes, where security does not matter for most, and enterprises,
· Enterprise where security does matter, given penalties for compliance failures and data breaches.
The cost of building enterprise data centers at the edge to store all of the data in a near-local way is not going to happen, given the availability of infrastructure and the costs for upgrades. Storage of data at the edge is both a security problem and a storage problem and there is in my opinion going to have to be some architectural tradeoffs with IT security, power, cooling and armed guards being a few of the potential differences between the enterprise and the edge.
Millions of cat pictures do not need to be stored in full resolution for long periods of time, but video surveillance of you home will likely need to be stored for far longer, as it might show someone casing your home to determine areas where the camera coverage allows them to escape detection. All of these new security methods need to take into account the ever-changing security arms race or maybe, as I think things are going to get far worse than they are today. I think there is a high risk of a bleak future for less tech savvy people, as I believe there are a number of disruptive changes that will require regular changes not just at your home, but end to end for everyone’s security posture. Understanding what needs to be changed and when, will be difficult to understand and is ripe for disreputable sales tactics.
The views and opinions expressed in this article are those of the author and do not necessarily reflect any policy or position of Seagate Government Solutions or Seagate Technology.