NSA Gives $300,000 for a Safer Internet of Things

Uploaded on 2015-09-07 in TECHNOLOGY--Developments, NEWS-News Analysis, FREE TO VIEW, BUSINESS-Services-IT & Telecoms, TECHNOLOGY-Key Areas-Internet of Things

 images?q=tbn:ANd9GcR9mUNG-Uq28fIHFsB-EE9_X-W9XLX28-VXiyHVaKogGpELeOMq

Better Security Starts At The Design Phase.

The NSA is funding development for architecture for a "safer" Internet of Things (IoT), in the hope of incorporating better security at a product's design phase. The controversial US intelligence agency is bestowing a $299,000, one-year grant to the University of Alabama in Huntsville (UAH) for a project that aims to build a lightweight virtualisation architecture, which will make it easier to build security into IoT systems before they leave the factory.

A growing number of devices are being internet-enabled, thereby joining the IoT as smart meters, inter-enabled cars, and much, much more.

Unfortunately, little consideration has been given to security at the design phases, so that security flaws from weak authentication, crap crypto and glaring built-in web console flaws have become legion.As a result, cars have been remotely hacked while home routers have been left hopelessly insecure. The list is extensive, and growing.

Given its history, particularly when it comes to intercepting the supply chain of routers to plant backdoors, it might be tempting to think that the NSA wants to backdoor IoT devices too. But it's hardly worth the effort on kit that is wide open and insecure in the first place.
The UAH's Dielectric architecture aims to incorporate cybersecurity into the product design phase of IoT kit rather than bolting it on as an afterthought.

Experts in embedded systems and automotive systems will come together to work on the project. The approach could have applications in cloud-based systems, according to UAH.
"With the Internet of Things, one expects various 'things' – that is, embedded systems – to connect to the cloud," said Dr Etzkorn, a faculty member at UAH's computer science department. "We are examining security methodologies that can apply both at the embedded systems level and the cloud level."

The academics said the arrival of funds later this month will enable them to take on two graduate student researchers at the beginning of the autumn term and support them through the summer of 2016.
The research team will also include three faculty members from the UAH electrical and computer engineering department as well as two from its computer science department, as explained in a statement on the Dielectric architecture and the NSA grant here.

Register: http://bit.ly/1J6nn2r

« Assange Advised Snowden To Go to Russia
Cyberspies Impersonate Security Researcher »

CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Go Cyber

Training that transforms behaviours

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

Cyber Security Supplier Directory

Cyber Security Supplier Directory

Our Supplier Directory lists 6,000+ specialist cyber security service providers in 128 countries worldwide. IS YOUR ORGANISATION LISTED?

BackupVault

BackupVault

BackupVault is a leading provider of automatic cloud backup and critical data protection against ransomware, insider attacks and hackers for businesses and organisations worldwide.

Syxsense

Syxsense

Syxsense brings together endpoint management and security for greater efficiency and collaboration between IT management and security teams.

Practice Labs

Practice Labs

Practice Labs is an IT competency hub, where live-lab environments give access to real equipment for hands-on practice of essential cybersecurity skills.

CSI Consulting Services

CSI Consulting Services

Get Advice From The Experts: * Training * Penetration Testing * Data Governance * GDPR Compliance. Connecting you to the best in the business.

BCS, The chartered Institute for IT

BCS, The chartered Institute for IT

BCS provides IT professionals with up to date and relevant certifications enabling them to manage IT security effectively within their budget.

Bishop Fox

Bishop Fox

Bishop Fox is a leading authority in offensive security, providing solutions ranging from continuous penetration testing and attack surface management to product and application security assessments.

TenIntelligence

TenIntelligence

TenIntelligence provides due diligence, brand protection and fraud investigation services including digital forensics.

Asigra

Asigra

Asigra provides an industry leading cloud backup and recovery software platform called Asigra Cloud Backup.

Daon

Daon

Daon offers a universal biometric authentication platform for mobile devices.

Datacom Systems

Datacom Systems

Datacom Systems is a leading manufacturer of network visibility solutions.

Rhebo

Rhebo

Rhebo Industrial Protector monitors and ensures the continuous, correct, and predictable operation of real-time Industrial Control Systems to prevent outages and reduce downtimes.

CETIC

CETIC

CETIC is an applied research centre in the field of ICT. Key technologies include Big Data, Cloud Computing, the Internet of Things, software quality, and trust and security of IT systems.

Elron Ventures

Elron Ventures

Elron partner with early stage ventures to build companies that transform lives and industries. Our main areas of focus are enterprise software, cybersecurity, and healthcare.

UK Research & Innovation (UKRI)

UK Research & Innovation (UKRI)

UKRI works in partnership with universities, research organisations, businesses, charities, and government to create the best possible environment for research and innovation to flourish.

Nemko

Nemko

Nemko offers testing, inspection, and certification services worldwide, mainly concerning products and systems, but also for machinery, installations, and personnel.

FortifyData

FortifyData

FortifyData is the next generation of cyber risk management–a comprehensive platform that continuously evaluates your third-party, internal and people risks.

Strategic Technology Solutions (STS)

Strategic Technology Solutions (STS)

Strategic Technology Solutions specialize in providing Cybersecurity and Managed IT Services to the legal industry.

IT Solutions Consulting

IT Solutions Consulting

IT Solutions is a full-service IT partner providing managed services and other information technology solutions nationwide.

L&T Technology Services (LTTS)

L&T Technology Services (LTTS)

L&T Technology Services Limited (LTTS) is a global leader in Engineering and R&D (ER&D) services.

Superna

Superna

Superna is the global leader in data security and cyberstorage solutions for unstructured data, both on-prem and in the hybrid multi-cloud.