NSA Gives $300,000 for a Safer Internet of Things

 images?q=tbn:ANd9GcR9mUNG-Uq28fIHFsB-EE9_X-W9XLX28-VXiyHVaKogGpELeOMq

Better Security Starts At The Design Phase.

The NSA is funding development for architecture for a "safer" Internet of Things (IoT), in the hope of incorporating better security at a product's design phase. The controversial US intelligence agency is bestowing a $299,000, one-year grant to the University of Alabama in Huntsville (UAH) for a project that aims to build a lightweight virtualisation architecture, which will make it easier to build security into IoT systems before they leave the factory.

A growing number of devices are being internet-enabled, thereby joining the IoT as smart meters, inter-enabled cars, and much, much more.

Unfortunately, little consideration has been given to security at the design phases, so that security flaws from weak authentication, crap crypto and glaring built-in web console flaws have become legion.As a result, cars have been remotely hacked while home routers have been left hopelessly insecure. The list is extensive, and growing.

Given its history, particularly when it comes to intercepting the supply chain of routers to plant backdoors, it might be tempting to think that the NSA wants to backdoor IoT devices too. But it's hardly worth the effort on kit that is wide open and insecure in the first place.
The UAH's Dielectric architecture aims to incorporate cybersecurity into the product design phase of IoT kit rather than bolting it on as an afterthought.

Experts in embedded systems and automotive systems will come together to work on the project. The approach could have applications in cloud-based systems, according to UAH.
"With the Internet of Things, one expects various 'things' – that is, embedded systems – to connect to the cloud," said Dr Etzkorn, a faculty member at UAH's computer science department. "We are examining security methodologies that can apply both at the embedded systems level and the cloud level."

The academics said the arrival of funds later this month will enable them to take on two graduate student researchers at the beginning of the autumn term and support them through the summer of 2016.
The research team will also include three faculty members from the UAH electrical and computer engineering department as well as two from its computer science department, as explained in a statement on the Dielectric architecture and the NSA grant here.

Register: http://bit.ly/1J6nn2r

« Assange Advised Snowden To Go to Russia
Cyberspies Impersonate Security Researcher »

Infosecurity Europe
CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

Alvacomm

Alvacomm

Alvacomm offers holistic VIP cybersecurity services, providing comprehensive protection against cyber threats. Our solutions include risk assessment, threat detection, incident response.

XYPRO Technology

XYPRO Technology

XYPRO is the market leader in HPE Non-Stop Security, Risk Management and Compliance.

ManageEngine

ManageEngine

As the IT management division of Zoho Corporation, ManageEngine prioritizes flexible solutions that work for all businesses, regardless of size or budget.

BackupVault

BackupVault

BackupVault is a leading provider of automatic cloud backup and critical data protection against ransomware, insider attacks and hackers for businesses and organisations worldwide.

Authentic8

Authentic8

Authentic8 transforms how organizations secure and control the use of the web with Silo, its patented cloud browser.

Ambersail

Ambersail

Ambersail provide Penetration Testing and Cyber Security Compliance services.

NRD Cyber Security

NRD Cyber Security

NRD Cyber Security create a secure digital environment for countries, governments, and organisations and implement cybersecurity resilience enhancement projects around the world.

Lacework

Lacework

Lacework brings speed, scale, and automation to cloud security and allows security and DevOps teams to collaborate on keeping data and applications safe.

Nok Nok Labs

Nok Nok Labs

Nok Nok is a market leader in next generation authentication for cloud, mobile and IoT applications.

Tecnalia Research & Innovation

Tecnalia Research & Innovation

Tecnalia is the largest center of applied research and technological development in Spain, a benchmark in Europe and a member of the Basque Research and Technology Alliance.

ThriveDX

ThriveDX

ThriveDX, the world’s premier EdTech provider (formerly HackerU), champions digital transformation training as a means of empowering individuals to thrive in the age of digital disruption.

Broadcom

Broadcom

Broadcom is a global technology leader that designs, develops and supplies a broad range of semiconductor and infrastructure software solutions.

Cyber Security Authority (CSA) - Ghana

Cyber Security Authority (CSA) - Ghana

The Cyber Security Authority has been established to regulate cybersecurity activities in Ghana.

International Cyber Threat Task Force (ICTTF)

International Cyber Threat Task Force (ICTTF)

The International Cyber Threat Task Force is a not-for-profit initiative promoting the ecosystem of an International independent non-partisan cyber security community.

Obrela Security Industries

Obrela Security Industries

Obrela provides security analytics and risk management services to identify, analyze, predict and prevent highly sophisticated security threats in real time.

EdgeWatch

EdgeWatch

EdgeWatch is a platform that helps information accredited security practitioners discover, monitor, and analyze devices that are accessible from the Internet.

Mantodea Security

Mantodea Security

Mantodea Security is an industry-agnostic powerhouse backed by extensive experience and expertise in the realm of IT security.

VT Group (VTG)

VT Group (VTG)

VTG delivers force modernization and digital transformation solutions that expand America’s competitive advantage in the modern battlespace.

Identifid

Identifid

Identifid offers a suite of fraud prevention and identity authentication solutions to businesses and governments using the latest advances in AI, vision processing, and biometric recognition.

SignPath

SignPath

SignPath provides leading-edge software and SaaS services that ensure code integrity from development to distribution.

ColCERT

ColCERT

ColCERT is the national cybersecurity emergency response team of Colombia.