News & Analysis
Comment
Les_Slater
This whole security issue should be solvable. I like Intel's approach but we're ...
DrQuine
The computer resources devoted to fighting Malware are staggering - often ...
Wolfe's Den: Intel Mauls Malware with Hardware Security
Alexander Wolfe
1/17/2013 10:50 AM EST
Labs View
As we look beyond the manageability engine, we're researching a general-purpose solution for being able to run high-trust computations on the open platform.
Wolfe: This relates to the big issue concerning everyone nowadays -- security in the cloud.
Rattner: We're working with Microsoft and Cisco and some other folks on something we call network enclaves, which is an architecture that allows for dramatically simpler cryptographic key management. It lets you build Internet-wide subnets, which are completely secure. Plus, the IT folks don't have to manage the individual keys, because they're derived from a single, master key associated with the enclave. It's going to take a few more years to get this to market.
What's Happening Today
Fast forward to last fall, when I visited Intel Labs. My briefings confirmed that progress is continuing on many fronts. Looming largest right now is what I'd call perimeter security. That goes both sideways, to include endpoint security -- keeping the bad guys from bringing their own devices onto your network -- and upstairs, where the data stairway to heaven (i.e., the cloud) requires protection.
I spoke with Sridhar Iyengar, director of security research at Intel Labs. "Where we're at is trying to figure out hardware primitives that make software secure," he said. Thus the aforementioned AES extensions are just the beginning.
Sridhar Iyengar, director of security research at Intel Labs.
Largely, that's because protection has evolved from stanching known threats to having to catch bad stuff you don't even know is there. As Iyengar put it: "In the case of anti-malware, to do pattern recognition, you have to have seen one to identify one."
Enter DeepSAFE. Jointly developed by Intel and McAfee, it's hardware-assisted and is perhaps the first instantiation of a changing approach. "The paradigm shift is from pattern recognition to behavioral techniques," Iyengar said.
For example, keeping an eye on actions which are taking place on a computer -- someone trying to write to disk-- can provide a heads-up on a breach, even if no well-defined malware executable can be found.
Yet what you do on your computer doesn't stay on your computer. It goes onto networks and over the Internet. "The problem we want to go after is, the privacy of your data after it leaves your platform," Iyengar said. "So for example, after you post a photo to Facebook, you have no control over it. I think in the grand vision, [we need to] figure out ways in which you can attach policies to data."
To that end, McAfee recently fielded its Social Protection App.
Other plays in the near-term security future apply secure wireless communication to improve client authentication at network end points. (Rattner discussed this during his keynote at the 2012 Intel Developer Forum in San Francisco last September. )
Biometrics (aka fingerprints) instead of passwords and the use of sensors to immediately lock your tablet once you put it down are also in the mix.
The upshot: We're amid a security arms race between the good guys and hackers. I should give other security vendors, like Trend Micro, Symantec, Microsoft, F-Secure, etc. their due, because in fairness everyone has been looking at the new generation of threats. The security industry is also working hard to secure the cloud.
We'll continue our tour of my Intel Labs visit next time.
Intel Labs Visit Stories:
Intel Simmers Social's Secret Sauce
As we look beyond the manageability engine, we're researching a general-purpose solution for being able to run high-trust computations on the open platform.
Wolfe: This relates to the big issue concerning everyone nowadays -- security in the cloud.
Rattner: We're working with Microsoft and Cisco and some other folks on something we call network enclaves, which is an architecture that allows for dramatically simpler cryptographic key management. It lets you build Internet-wide subnets, which are completely secure. Plus, the IT folks don't have to manage the individual keys, because they're derived from a single, master key associated with the enclave. It's going to take a few more years to get this to market.
What's Happening Today
Fast forward to last fall, when I visited Intel Labs. My briefings confirmed that progress is continuing on many fronts. Looming largest right now is what I'd call perimeter security. That goes both sideways, to include endpoint security -- keeping the bad guys from bringing their own devices onto your network -- and upstairs, where the data stairway to heaven (i.e., the cloud) requires protection.
I spoke with Sridhar Iyengar, director of security research at Intel Labs. "Where we're at is trying to figure out hardware primitives that make software secure," he said. Thus the aforementioned AES extensions are just the beginning.
Sridhar Iyengar, director of security research at Intel Labs.
Largely, that's because protection has evolved from stanching known threats to having to catch bad stuff you don't even know is there. As Iyengar put it: "In the case of anti-malware, to do pattern recognition, you have to have seen one to identify one."
Enter DeepSAFE. Jointly developed by Intel and McAfee, it's hardware-assisted and is perhaps the first instantiation of a changing approach. "The paradigm shift is from pattern recognition to behavioral techniques," Iyengar said.
For example, keeping an eye on actions which are taking place on a computer -- someone trying to write to disk-- can provide a heads-up on a breach, even if no well-defined malware executable can be found.
Yet what you do on your computer doesn't stay on your computer. It goes onto networks and over the Internet. "The problem we want to go after is, the privacy of your data after it leaves your platform," Iyengar said. "So for example, after you post a photo to Facebook, you have no control over it. I think in the grand vision, [we need to] figure out ways in which you can attach policies to data."
To that end, McAfee recently fielded its Social Protection App.
Other plays in the near-term security future apply secure wireless communication to improve client authentication at network end points. (Rattner discussed this during his keynote at the 2012 Intel Developer Forum in San Francisco last September. )
Biometrics (aka fingerprints) instead of passwords and the use of sensors to immediately lock your tablet once you put it down are also in the mix.
The upshot: We're amid a security arms race between the good guys and hackers. I should give other security vendors, like Trend Micro, Symantec, Microsoft, F-Secure, etc. their due, because in fairness everyone has been looking at the new generation of threats. The security industry is also working hard to secure the cloud.
We'll continue our tour of my Intel Labs visit next time.
Intel Labs Visit Stories:
Intel Simmers Social's Secret Sauce
|
|
|
|
|
Navigate to related information
EREBUS
1/17/2013 4:52 PM EST
After I loaded McAfee on one of my computers, I could not get rid of it. I understand the need for security, but I refuse to turnover complete control of my system to someone else.
There are many ways in which a secure working environment can be implemented for home and business systems.
The latest McAfee approach is not one of them. I now consider their software as dangerous as any virus I ever accidentally loaded.
Just my opinion.
Sign in to Reply
DrQuine
1/17/2013 10:29 PM EST
The computer resources devoted to fighting Malware are staggering - often greater than the time the computer spends doing "productive" work. Anything that can be done to improve security and CPU availability for the hapless human user would be much appreciated. Furthermore, current malware checking software is the cause of an inordinate number of computer lock-ups and issues. That said, the fundamental issue I see with hardware security is that it is relatively "fixed". When hackers have a stationary target, they can be devastating.
Sign in to Reply
Les_Slater
1/18/2013 12:58 PM EST
This whole security issue should be solvable. I like Intel's approach but we're up against some big issues that are designed to make commerce more convenient.
But the problem isn't convenience itself. The problem is that making the most profit out of every click, transaction, whatever, is what's turning into the PRIMARY driver of technology.
Sign in to Reply