
Copyright© 2018 PROENR Inc.

Advancing Paradigms

Cryptographic Hardened Stealth Networking & Security

July 26, 2018

Simple ! Secure ! Stealth


¤ The World Wide Web was invented in 1989. The internet was commercialized only 22 years ago.

¤ 40 million people used it then – today there are over 3.8 billion people using the internet - over half of the World’s population.

¤ The number of internet connected “things” exceeded our population back in 2008.

¤ The majority of Internet “users” are machines, not people.

¤ The number of connected Internet of Things (IoT) devices worldwide will jump 12 percent on average annually, from 20 billion in 2017 to 30 billion in 2020. (per IHS)

¤ The rate of internet connection is outpacing our ability to properly secure it.


The original design of the TCP/IP Internet protocols was created for an environment where the end-users were assumed to be mutually trusting, and where the network was assumed to be inherently unreliable.

Today the underlying communication network is more diverse, sometimes even hostile, in addition to being unreliable, and a fraction of users must be assumed to be egregiously selfish or outright malicious.

Care needs to be exercised in the rapid and widespread adoption of IoT – in smart grids, for example – where the pace of adoption exceeds the pace of improvement.

The Internet Protocol's (IP) lack of security has fostered an entire industry. The unemployment rate in Cyber-Security is zero. Even though IP Security (IPSec), Domain Name Service Security (DNSSec), and other security mechanisms have introduced some levels of protection to IP, the concept of a secure identity for hosts is missing.

The challenge: IP addresses are used mainly as host identifiers, in addition to carrying routing information.

A solution: the Internet Engineering Task Force (IETF) has proposed the Host Identity Protocol (HIP) for IPv4 and IPv6.


Host Identity Protocol (HIP)

The original ideas were formed through discussions at IETF meetings during 1998 and 1999. Since then, the protocol has been developed by teams from Ericsson, Boeing, universities, and other companies. The Host Identity Protocol (HIP) reached its first stable version in 2007.

Host Identity Protocol (HIP) creates a trusted network architecture that solves networking and security problems that traditional IT architectures cannot. It does so while reducing costs and dramatically simplifying deployment and management, without disrupting operations. Customers gain simpler connectivity and better security with less complexity, without having to separate networking and security policies and technologies.

Any IP resource can be easily moved across networks, subnets, or the cloud, and organizations can deliver secure remote connectivity, instant DR/failover, and secure machine-to-machine communications.


HIP enhances the original Internet architecture by adding a name space used between the IP layer and the transport protocols.

This new name space consists of cryptographic identifiers, thereby implementing the identifier / locator split.

How does HIP work? The basic idea of HIP is to add a new name space to the TCP/IP stack. These names are used above the IP layer (IPv4 and IPv6), in the transport layer (TCP, UDP, SCTP, etc.) and above.

HIP and its associated architecture form a new piece of technology that may have a profound impact on how the Internet will evolve over the coming years.
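The identifier / locator split described above, shown as an added example that is not part of the original presentation or any HIP implementation. It contrasts a session table keyed by IP address with one keyed by a cryptographic identifier when a host changes networks. The class names, the truncated SHA-256 identifier and the sample key and addresses are assumptions made for illustration; the HIP specifications define their own identifier derivation and authenticate locator updates with the host's key.

```python
import hashlib

def host_identifier(public_key: bytes) -> str:
    # Simplified stand-in: a truncated SHA-256 of the public key. The HIP
    # specifications define their own derivation; this is not it.
    return hashlib.sha256(public_key).hexdigest()[:32]

class AddressKeyedSessions:
    """Classic stack: the peer's IP address is part of the session key."""
    def __init__(self):
        self._sessions = {}

    def open(self, peer_ip, port, state):
        self._sessions[(peer_ip, port)] = state

    def lookup(self, peer_ip, port):
        return self._sessions.get((peer_ip, port))

class IdentityKeyedSessions:
    """HIP-style stack: sessions bind to the identifier; the locator
    (current IP address) lives in a separate table that may change."""
    def __init__(self):
        self._sessions = {}
        self._locator = {}

    def open(self, ident, port, locator, state):
        self._sessions[(ident, port)] = state
        self._locator[ident] = locator

    def update_locator(self, ident, new_locator):
        # Assumption: the update was already authenticated with the host's key.
        if ident not in self._locator:
            raise KeyError("unknown host identifier")
        self._locator[ident] = new_locator

    def lookup(self, ident, port):
        return self._sessions.get((ident, port)), self._locator.get(ident)

def simulate_move():
    key = b"constructed-public-key-bytes"          # constructed sample, not a real key
    ident = host_identifier(key)
    old_ip, new_ip = "192.0.2.10", "198.51.100.7"  # documentation-range addresses
    classic, hip = AddressKeyedSessions(), IdentityKeyedSessions()
    classic.open(old_ip, 443, "ESTABLISHED")
    hip.open(ident, 443, old_ip, "ESTABLISHED")
    hip.update_locator(ident, new_ip)              # host moves to another network
    return classic.lookup(new_ip, 443), hip.lookup(ident, 443)

if __name__ == "__main__":
    print(simulate_move())
```

After the move, the address-keyed table no longer finds the session, while the identity-keyed table returns the same session together with the new locator.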


HIP has profound consequences

The architectural enhancement implemented by HIP has profound consequences. A number of previously hard networking problems suddenly become much easier. Mobility, multi-homing, and baseline end-to-end security integrate neatly into the new architecture. The use of cryptographic identifiers allows enhanced accountability, thereby providing a base on which trust is easier to build.

From a functional point of view, HIP integrates IP-layer mobility, multi-homing and multi-access, security, NAT traversal, and IPv4/v6 interoperability.

HIP can be seen as restoring the now-lost end-to-end connectivity across various IP links and technologies, this time in a way that is secure and supports mobility and multi-homing.


Value Proposition

¤ Private overlay networks isolated from the underlying network

¤ Underlying network can be any mix of:

¤ wired Ethernet, cellular, WiFi or SatCom networks

¤ Trust management based on hardened cryptographic identities

¤ rather than spoofable IP or MAC addresses

¤ Encryption of all data and information (AES-256 encryption)

¤ Cloaking of critical infrastructure

¤ Serial to IP encapsulation


Micro-Segmentation

¤ Connectivity for any device, across any network, even cellular networks or public WiFi

¤ With a single solution, enabling or revoking secure vendor access is now fast and simple

¤ Peer-to-peer encryption and device-level micro-segmentation significantly improve security

¤ No change to underlying routing and switching infrastructure


Thank you

Please call or email Hakan Parker to answer any questions you may have and to discuss further.

Professional Engineering Resources

Telephone: +1 (832) 373-0864

Email: [email protected]


IHS has identified four foundational, interconnected pillars at the core of the IoT movement: connect, collect, compute and create

¤ New connections of devices and information

¤ Enhanced collection of data that grows from the connections of devices and information

¤ Advanced computation that transforms collected data into new possibilities

¤ Unique creation of new interactions, business models and solutions


Our expertise includes management consulting for entrepreneurial ventures and initiatives, divestitures and mergers, and business process and systems evaluation and optimization.

Professional Engineering Resources specializes in delivering Information, Communication and Technology (I.C.T.) expertise, services and solutions. We have been recognized as subject matter experts and influencers in the analysis, design, planning, review and project management of Satellite Teleport & Data center Infrastructures, Managed Satellite Network Systems & Technologies and end user systems, applications and value added services.

Our people have extensive expertise in satellite & wireless communications, product & service development, Radio Frequency and Satcom System design, Satellite Network planning & design, business development, Quality policy / ISO9000 qualification, Project Management, and a myriad of other qualifications and expertise for your Information, Communication and Technology (I.C.T.) initiatives.

Guiding pillars: People, Process, Technology, Quality


Evolution in user/password security

https://www.trusona.com