
Connected-device architecture is no longer an evolving concept. As this model has matured into today's Internet of Things (IoT), new challenges have surfaced: the market pushes vendors to deliver more services at the edge, and vendors and OEMs respond with ever more sophisticated end-user services, which widens the attack surface of the framework. Firmware and software updates are needed because device security measures become obsolete and services improve, and they are also a regulatory requirement, for example under ETSI EN 303 645 (Europe) and NIST SP 800-193 (USA). To mitigate the growing number of threats and vulnerabilities in the field and protect end-user devices from attacks at both the network and the device level, a new strategy is needed that filters attacks in real time and provides a centralized protection mechanism for all connected modules. Device-to-device communication stays operational, but on top of it a secure cloud-based device manager is needed that can ensure secure operation throughout the devices' lifecycle.

The generic device lifecycle has three major stages: device provisioning, which configures the device with its user-specific features and security configuration (key provisioning, device registration); firmware/software update, which recurs, periodically or on demand, for the rest of the device's service life; and decommissioning. In this lifecycle model, however, it is hard to provide in-field security from the cloud, because the only available lever is the update, and updates address generic threats that have already been identified and reported rather than threats specific to the IoT network or fleet in question. A cloud-based device identity service is therefore essential: it manages individual devices and provides identity and access management for the devices connected to the network, and the device identity underpins the security services tied to the device's connectivity, such as authentication and attestation. Statistical analysis of live network data can improve network security, but it does not solve device-level security: a device remains exposed between the moment a new threat emerges and the moment the security patch is delivered through a software update. Closing that window calls for an Intrusion Detection System (IDS).

An active IDS on the device can mitigate local threats by raising local or global alarms, but it is limited by the threat-model data available to it, and its false-negative rate can grow over time as that data ages. The device also sits on the public side of the network, so tampering attacks can nullify or degrade its detection capabilities. The cloud can therefore play a major role in protecting connected devices against 0-day attacks with an AI-based monitoring service that analyzes anomalous behaviour observed at the device endpoints and applies graduated security measures: active alerts and event management, and, in critical cases, device isolation.
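The following is an added illustration of the cloud-side manager sketched above; it is not Secure-IC product code and the post describes no specific algorithm. It tracks each device through the provisioning, update and decommissioning stages, ingests constructed per-interval telemetry counts, and stands in for the AI-based anomaly analysis with a simple per-device z-score detector (an assumption made for the example). Repeated anomalies escalate from an alert to isolating the device, and anomalous samples are never fed back into the baseline, so a device that has started misbehaving cannot teach the monitor that its new behaviour is normal.

```python
from dataclasses import dataclass, field
from enum import Enum
from statistics import mean, pstdev


class State(Enum):
    PROVISIONED = "provisioned"        # registered, keys issued, not yet in service
    ACTIVE = "active"                  # in service, telemetry monitored
    ISOLATED = "isolated"              # quarantined by the cloud after repeated anomalies
    DECOMMISSIONED = "decommissioned"  # end of life, no further transitions


@dataclass
class Device:
    device_id: str
    firmware: str
    state: State = State.PROVISIONED
    baseline: list = field(default_factory=list)  # per-interval message counts judged normal
    strikes: int = 0                               # consecutive anomalous intervals


class FleetMonitor:
    """Hypothetical cloud-side lifecycle manager (example only).  A per-device
    z-score over the telemetry rate replaces the AI-based analysis of the text."""

    def __init__(self, min_baseline=5, z_threshold=3.0, strikes_to_isolate=3):
        self.devices = {}
        self.alerts = []            # (device_id, reason) tuples for the event pipeline
        self.min_baseline = min_baseline
        self.z_threshold = z_threshold
        self.strikes_to_isolate = strikes_to_isolate

    # --- lifecycle transitions -------------------------------------------------
    def provision(self, device_id, firmware):
        if device_id in self.devices:
            raise ValueError(f"{device_id} already registered")
        self.devices[device_id] = Device(device_id, firmware)

    def activate(self, device_id):
        self._transition(device_id, {State.PROVISIONED}, State.ACTIVE)

    def release(self, device_id):
        """Operator-approved return to service after investigation."""
        self._transition(device_id, {State.ISOLATED}, State.ACTIVE)
        self.devices[device_id].strikes = 0

    def update_firmware(self, device_id, version):
        dev = self.devices[device_id]
        if dev.state is State.DECOMMISSIONED:
            raise ValueError("cannot update a decommissioned device")
        dev.firmware = version
        dev.baseline.clear()    # new firmware may change normal behaviour: re-learn it

    def decommission(self, device_id):
        self._transition(device_id, {State.PROVISIONED, State.ACTIVE, State.ISOLATED},
                         State.DECOMMISSIONED)

    def _transition(self, device_id, allowed, new):
        dev = self.devices[device_id]
        if dev.state not in allowed:
            raise ValueError(f"{device_id}: {dev.state.value} -> {new.value} not allowed")
        dev.state = new

    # --- telemetry analysis ----------------------------------------------------
    def observe(self, device_id, msgs_per_interval):
        """Ingest one telemetry sample; returns 'ok', 'alert' or 'isolated'."""
        dev = self.devices[device_id]
        if dev.state is not State.ACTIVE:
            # Traffic from an identity that is not in service is itself an event.
            self.alerts.append((device_id, f"telemetry while {dev.state.value}"))
            return "alert"
        if len(dev.baseline) < self.min_baseline:
            dev.baseline.append(msgs_per_interval)    # learning phase
            return "ok"
        mu, sigma = mean(dev.baseline), pstdev(dev.baseline)
        sigma = max(sigma, 1.0)   # floor: a perfectly flat baseline must not flag every change
        z = (msgs_per_interval - mu) / sigma
        if abs(z) <= self.z_threshold:
            dev.strikes = 0
            dev.baseline.append(msgs_per_interval)    # only normal samples extend the baseline
            return "ok"
        dev.strikes += 1
        self.alerts.append((device_id, f"rate z={z:.1f}"))
        if dev.strikes >= self.strikes_to_isolate:
            dev.state = State.ISOLATED                # critical case: quarantine the device
            return "isolated"
        return "alert"


if __name__ == "__main__":
    # Constructed telemetry: a sensor that is stable, then floods the network.
    m = FleetMonitor()
    m.provision("sensor-01", "1.0.0")
    m.activate("sensor-01")
    for n in [10, 11, 9, 10, 12, 11, 500, 500, 500]:
        print(n, m.observe("sensor-01", n))
    print(m.alerts)
```

The isolation decision is deliberately hysteretic (three consecutive strikes) so that a single burst produces an alert for the event pipeline rather than a quarantine; the threshold, window and the choice of a rate statistic are all tunables that a real deployment would set per device class.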

A cloud-based security lifecycle management system is thus essential for the sustained and protected operation of connected devices and for a safe IoT. Secure-IC continuously strives to improve device safety and security and is committed to providing state-of-the-art protection mechanisms for individual devices and connected-device infrastructures.
