|Home||Internet of Things||Aerospace||Apparel||Energy||Defense||Health Care||Logistics||Manufacturing||Retail|
Sorting Out Security: Making Sense of Today's Solutions
Security at the process level is essential to creating an immunity to the cyberattacks of tomorrow.
Encryption and Cryptography
This is an example of communications security. Its "secure processors" ensure that any data going to and from the device is encrypted, making data theft or exfiltration impossible—or, at least, a huge amount of work for an attacker.
Encrypting communication is important, and even vital in many situations, but it doesn't warrant calling the processor a "secure processor," because it doesn't protect against attacks that prey on software vulnerabilities. Attackers can still exfiltrate data by bypassing encryption routines. An attacker can exploit a software vulnerability, execute a buffer overflow, inject code and take over the processor. Once that has occurred, securing communications becomes meaningless.
Compartmentalization may limit an attacker's impact, but it does not protect against the exploitation of software vulnerabilities in the first place. Moreover, it doesn't stop an attacker from finding and exploiting a vulnerability in the "trusted" area of memory—especially since, in practice, people are putting more and more code into these trusted areas that are still subject to the "15 bugs per thousand lines of code" rule.
Login and post your comment!
Not a member?
Signup for an account now to access all of the features of RFIDJournal.com!
SEND IT YOUR WAY
RFID JOURNAL EVENTS
ASK THE EXPERTS
Simply enter a question for our experts.
TAKE THE POLL
|RFID Journal LIVE!||RFID in Health Care||LIVE! LatAm||LIVE! Brasil||LIVE! Europe||RFID Connect||Virtual Events||RFID Journal Awards||Webinars||Presentations|