Hardware-based security more effective against new threats

Summary: Securing hardware components would prove more effective in today's security environment, given that many online threats are delivered via software or network vulnerabilities.

With software security tools and network vulnerabilities constantly being targeted by hackers, securing hardware components will grow in importance, given that it is more secure and cybercriminals will find it difficult to alter the physical layer for their purposes.

Patrick Moorhead, president and principal analyst of Moor Insights & Strategy, said hardware-based security is more secure than software tools such as antivirus since it cannot be altered. Hardware-based security refers to safeguarding the computer using components such as processors.

An RSA spokesperson added that the physical layer eliminates the possibility of malware, such as virtual rootkits, infiltrating the operating system and penetrating the virtualization layer.

In 2010, RSA, together with VMware and Intel, introduced a proof-of-concept framework to integrate security into the entire hardware stack. Intel's Westmere processors were to be equipped with the Trusted Execution Technology (TXT) platform, which provides authentication for every step of the boot sequence--from verifying the hardware configurations and initializing the BIOS to launching the hypervisor.

Cathy Huang, industry manager of Asia-Pacific ICT practice at Frost & Sullivan, said PC makers and virtualization infrastructure providers such as HyTrust have since adopted the security framework, which represents an important component of Intel's vision to build security into the hardware layer.

Hardware security suited for current environment
The proliferation of Web-enabled wireless devices such as smartphones, tablets, game consoles and e-book readers also makes managing security across myriad platforms more complicated, she added.

"End-user software is often seen as being obtrusive and performance diminishing in these new age devices," Huang explained. "In theory, a hardware-based security would obviate these two obstacles and ensure a high level of trust in these devices."

Moorhead added that since the proof-of-concept framework was introduced by RSA, Intel and VMware in 2010, there have been multiple efforts to incorporate a level of security into hardware devices.

One example is ARM's joint venture with Gemalto and Giesecke & Devrient to set up Trustonic in December 2012. The new entity focuses on expanding ARM's TrustZone security programming, which manifests as a security extension within the silicon and can be programmed into a smartphone's hardware. Giesecke & Devrient and Gemalto will provide the software to extend the hardware security parameters to the application layer.

Huang added that with an expected surge in machine-to-machine (M2M) communications, hardware-based security will be able to solve some of the legacy security issues associated with software and networks.

Intel and VMware did not respond to ZDNet Asia's requests for comment for this article.

End users apathetic
Consumers, however, remained oblivious and apathetic toward the IT industry's efforts to improve security.

Singapore-based Jake Chan told ZDNet he had no preference with regard to how security is deployed for his PC or mobile devices. "I'm sure different types of security will protect your device in some way so having any one of them will do," he said.

Insurance agent Alan Tan said he "did not care" if his smartphone had hardware security because he "trusted" the manufacturers. "The technology vendors manufacturing devices and PCs would probably know what they are doing to prevent cybercriminals from stealing our data," Tan stated.

Ellyne Phneah

About Ellyne Phneah

Elly grew up on the adrenaline of crime fiction and it spurred her interest in cybercrime, privacy and the terror on the dark side of IT. At ZDNet Asia, she has made it her mission to warn readers of upcoming security threats, while also covering other tech issues.

Talkback

2 comments
  • Static coding

    Would achieve much the same result. The central issue is that code can be too easily changed, and digital signing is not enough.
    JustCallMeBC
  • But That Hardware Would Need Regular Software Updates...

    ...to keep up with new threats. And then that software becomes a source of vulnerabilities in itself...

    ...and you're right back to square one.
    ldo17