Protection paradigm is shifting from pattern recognition to behavioral techniques, says Intel Labs director of security research Sridhar Iyengar.
As we look beyond the manageability engine, we're researching a general-purpose solution for being able to run high-trust
computations on the open platform.
Wolfe: This relates to the big issue concerning everyone nowadays -- security in the cloud.
Rattner: We're working with Microsoft and Cisco and some other folks on something we call network enclaves, which is an architecture that allows for dramatically simpler cryptographic key management. It lets you build Internet-wide subnets, which are completely secure. Plus, the IT folks don't have to manage the individual keys, because they're derived from a single, master key associated with the enclave. It's going to take a few more years to get this to market.
What's Happening Today
Fast forward to last fall, when I visited Intel Labs. My briefings confirmed that progress is continuing on many fronts. Looming largest right now is what I'd call perimeter security. That goes both sideways, to include endpoint security -- keeping the bad guys from bringing their own devices onto your network -- and upstairs, where the data stairway to heaven (i.e., the cloud) requires protection.
I spoke with Sridhar Iyengar, director of security research at Intel Labs. "Where we're at is trying to figure out hardware primitives that make software secure," he said. Thus the aforementioned AES extensions are just the beginning.
Sridhar Iyengar, director of security research at Intel Labs.
Largely, that's because protection has evolved from stanching known threats to having to catch bad stuff you don't even know is there. As Iyengar put it: "In the case of anti-malware, to do pattern recognition, you have to have seen one to identify one."
Enter DeepSAFE. Jointly developed by Intel and McAfee, it's hardware-assisted and is perhaps the first instantiation of a changing
approach. "The paradigm shift is from pattern recognition to behavioral techniques," Iyengar said.
For example, keeping an eye on actions which are taking place on a computer -- someone trying to write to disk-- can provide a heads-up on a breach, even if no well-defined malware executable can be found.
Yet what you do on your computer doesn't stay on your computer. It goes onto networks and over the Internet. "The problem we want to go after is, the privacy of your data after it leaves your platform," Iyengar said. "So for example, after you post a photo to Facebook, you have no control over it. I think in the grand vision, [we need to] figure out ways in which you can attach policies to
To that end, McAfee recently fielded its Social Protection App.
Other plays in the near-term security future apply secure wireless communication to improve client authentication at network end points. (Rattner discussed this during his keynote at the 2012 Intel Developer Forum in San Francisco last September. )
Biometrics (aka fingerprints) instead of passwords and the use of sensors to immediately lock your tablet once you put it down are also in the mix.
The upshot: We're amid a security arms race between the good guys and hackers. I should give other security vendors, like Trend Micro, Symantec, Microsoft, F-Secure, etc. their due, because in fairness everyone has been looking at the new generation of threats. The security industry is also working hard to secure the cloud.
We'll continue our tour of my Intel Labs visit next time.
Intel Labs Visit Stories:
Intel Simmers Social's Secret Sauce