Solution Providers Applaud New Security Protocol, Citing Security Concerns For IoT
A conglomerate of technology vendors, including ARM, Symantec, and Sprint, said Wednesday they are developing a protocol to address security challenges in the Internet of Things.
Solution providers are applauding the Open Trust Protocol (OTrP), which they say will enable an open standard for trusted software to provide a system root-level of trust with customers who are concerned about IoT security.
Michael Goldstein, president and CEO of LAN Infotech, a Fort Lauderdale, Fla.-based Symantec and Microsoft partner, said security is top-of-mind with customers with whom he has talked to about the Internet of Things.
’I think there is a need for [security] standards,’ said Goldstein. ’A viable standard in the industry is still far off, but customers today understand that they need more security, particularly on home networks, with the Internet of Things.’
While Gartner estimates that 20 billion devices will be connected in 2020, there isn’t yet any sort of standard applied to security in these devices, opening them up to potential cyber security breaches.
The planned protocol, which will be designed to provide secure architecture and code management to protect connected devices, will be compatible with security systems such as ARM’s TrustZone-based Trusted Execution Environments, which is designed to protect mobile computing devices from attacks.
’In an internet-connected world, it is imperative to establish trust between all devices and service providers,’ said Marc Canel, vice president of security systems at ARM. ’Operators need to trust devices their systems interact with and OTrP achieves this in a simple way. It brings e-commerce trust architectures together with a high-level protocol that can be easily integrated with any existing platform.’
Rob Chamberlin, co-founder and executive vice president of Berkeley, Calif.-based DataXoom, a solution provider that works with Sprint, said security concerns surrounding IoT are prevalent among large enterprises.
’As large companies continue to embrace the Internet of Things, security is going to become a much more important aspect of any large enterprise implementation,’ he said.
The new protocol will be used with Public Key Infrastructure and Certificate Authority-based trust architectures, which enable service providers, app developers and OEMs to utilize their own keys to authenticate and manage software and data assets.
Goldstein, for his part, said his company is currently looking at the Internet of Things from a security perspective, particularly from the role that wireless networks play in IoT.
’For us, we want customers to know that if they access their networks, files will be protected, even as IoT grows,’ he said.
Other companies joining in to work on the protocol include Intercede, Solacia, Verimatrix, and Thundersoft.