Internet of Things security, with all its dramatic implications of physical safety and privacy concerns, started ramping up quite a few years ago. Initially, my team worked on a security model for IoT, mapping the actors, the threats and the required protections. We came up with several ideas from this model and work, and we felt we were better equipped to start addressing the security concerns we identified.

What stood above the rest is the understanding that while the IoT security world is large and complex — and scary — many of the current and anticipated problems can be addressed by simple means. We understood that application authors are frequently either unaware of the security implications of their code or aren’t careful enough to handle implementation subtleties. Both of these greatly affect their application security. For example, a developer may not realize that passwords need to be protected from brute-force attacks, or that some block ciphers are considered unsafe and are not recommended for use.

Often when security is mentioned, people tend to address it with encryption or network segmentation and then call their development “secure.” These are important tools for better security, don’t get me wrong, but they’re not enough. There are other aspects, like the use of adequate encryption ciphers, proper password management, a nice solid authorization model, and simple user management. Nothing fancy, as we are talking about pretty simple devices and simple use cases. So, your TV needs a simple notion of users — one for the casual viewer and one for the “admin” who performs configurations (like blocking certain channels or setting the ideal color profile). Why would an application developer need to develop it from scratch? A sensor on your production floor needs to connect over Wi-Fi to submit its metrics — why should it store the credentials in the clear?

We said to ourselves (feeling very smug) “hey, we know security — why don’t we provide decent implementations for all these aspects?” And so libsecurity came to be. libsecurity is a) complete in the sense that it offers everything a developer needs (well, ok, eventually it will); b) small in the sense that its scope is restricted and its implementation requirements are scoped; and c) correct in the sense that we take extra effort in reviewing and testing. And while we paint it in IoT colors, it can actually be used in many scenarios that require simple, down-to-earth security.

We are happy to put it out there for everybody to use. We can certainly benefit from additional input about its functionality (i.e. what is missing, what isn’t clear) and hope you can benefit from what it has to offer. If our vision is right, it will relieve you from worrying about a number of security features and will save the world a couple of security-induced problems. Oh, what a wonderful world it will be.

This initial release is coded using golang (aka Go Language), and therefore is easily portable to every environment on which golang runs. It can be used either as a library or as a daemon using its RESTful API. We are working on a pure C implementation, which will also benefit from formal verification (and here we are relying on the vast IBM expertise around model-checking and static analysis). No concrete plans have yet been made about the release date or form of the C version, though. But drop me a line if you need more details.
