vulnerabilities, or even through zero day attacks, malware can
infest today’s most protected code storage devices. It’s true that
many memory devices today include a variety of data protection
features, such as block locking, write protection, and one time
programmability. The problem with all of these techniques is that
they are not cryptographic in nature. With access to a datasheet
and the appropriate level of system access, a would-be attacker
can easily circumvent most of today’s flash memory protection. If
the aforementioned trusted boot techniques are correctly applied,
these breaches will very likely be detected. Wouldn’t it be better to
avoid getting a case of strep throat all together than to go through a
10-day regimen of antibiotics?
What the industry needs is the equivalent of a flu shot to
protect its memory-hungry embedded devices. Each of the future
nodes within the connected castle needs to be immunized against
attacks before they can happen. This can only happen with more
robust security capabilities within the memory device itself. Do-
ing so will not only protect the computing device in the network,
but at all points prior to the network from its inception through
the supply chain.
Better memory security will in no way obviate the need for
the sound practices of code signing and measurement. After all,
good security is always based on multiple layers of security. The
ultimate goal should be to protect the memory along with the
system logic, and as a result the computing device as a whole will
become much more resilient to attack. ECN
The cell phone is the key
Enhancing physical security with bluetooth access control.
By Steve Spatig, General Manager, Southco’s Electronic
Access Solutions Strategic Business Unit
The widespread proliferation of smart phones and wireless communication technologies continues to inspire innovation in the many ways these connected devices can be used, from
monitoring home energy usage to remotely unlocking your automobile or residence.
With the expansion of the Internet of Things (Io T) and the
convergence of computer and telecommunications technologies,
the wireless phone has evolved to become an individual’s primary
link to the world around them. Therefore, it’s only natural that
the same phone that people use to shop, pay bills, and stay connected could also be used to manage physical access.
Bluetooth technology has been included as a standard feature