Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Comments
Building a Safe, Efficient, Cost-Effective Security Infrastructure
Newest First  |  Oldest First  |  Threaded View
OtherKen
50%
50%
OtherKen,
User Rank: Author
7/16/2018 | 2:25:10 PM
Re: hi
Paul

Thank you taking time to read my article. You are right that IoT is all about communication between things, people and the data. The challenge is how to manage all this new data and to determine what is important and what is not. I do not beleive we have that figured out yet but I am excited about the future of machine to machine communications and the edge compute architectures that it drives. This combined with 5G should make for an exciting time in tech over the next 10 years. 

Thanks again for the reply.

Ken
RetiredUser
50%
50%
RetiredUser,
User Rank: Ninja
7/13/2018 | 4:10:36 AM
Real-Time Video/Audio Scanning w/Shape Detection & Adaptive Pattern Recognition
One of the things we see often in suspense thrillers is the "eye in the sky" concept. In fact, IoT is absolutely at the heart of what is possible in terms of securing public and private safety. By putting focus on Internet and Cellular infrastructure to increase bandwidth, accessibility and interoperability, security specialists utilizing specialized software can bring a true sense of real-time security not based on intel (a slow process often taking years to gather, months to analyze and response times to events often too late) but based on shape detection and pattern recognition, for a start, that suggest or conclusively identify risk. Putting AI behind access to real-time video feeds may reveal illegal activities not obvious to the naked eye, or hidden from view to human eyes but captured in cell and camera video feeds or even audio feeds.

Such an infrastructure meets the 1) "safe" and 2) "efficient" criteria. Such technology is no longer just in the hands of the military or agencies like the CIA. One need only scan papers written in 2017 and 2018 on IEEE or Springer, for instance, to see the technology is already here, in some cases in piece-meal spread across different projects and disciplines, but ready to bring together. Often only policies and laws are keeping such a fully realized security system from coming to fruition. However, one element that could be preventing it is the "cost-effective" factor. For, even if privacy laws were adjusted and put into effect to allow such a system to be properly designed and implemented, cost could delay it.  A good portion of that cost would be divided between hardware (of course) and security - yes, such a system would need to be incredibly secure to prevent it from being turned from a safeguard into a weapon.

There are options, of course. One of the early projects I admired related to the "Internet anywhere" idea was FreedomBox. Acting as a wireless access point, you could theoretically plug this in anywhere and give access to anyone to WiFi for free. Imagine a distribution of video/WiFi access point units strategically placed throughout cities and camouflaged such that 90% of the boxes would remain untouched annually. These would then be accessible to AI-driven apps that would scan live video and in real-time perform the functions previously described. Add to that scans of live news broadcasts, Facebook and Instagram live feeds, and so on. Here would be one component of a security infrastructure that could become essential to future public security.

Now, how to solve the myriad privacy concerns that would slow down such a project?
PaulChau
50%
50%
PaulChau,
User Rank: Strategist
7/12/2018 | 10:59:12 PM
hi
Right now, the most important commodity in the world is the ability for swift and efficient communication. Not just amongst people but amongst things to, and that's why this whole internet of things thing has come about isn't it? I'm sure that people will figure out a way to get better at collecting data from different points in a system and when that happens, you'll be surprised at what we can achieve with everything moving smoothly from process to process.


COVID-19: Latest Security News & Commentary
Dark Reading Staff 10/27/2020
Chinese Attackers' Favorite Flaws Prove Global Threats, Research Shows
Kelly Sheridan, Staff Editor, Dark Reading,  10/27/2020
Register for Dark Reading Newsletters
White Papers
Video
Cartoon
Current Issue
Special Report: Computing's New Normal
This special report examines how IT security organizations have adapted to the "new normal" of computing and what the long-term effects will be. Read it and get a unique set of perspectives on issues ranging from new threats & vulnerabilities as a result of remote working to how enterprise security strategy will be affected long term.
Flash Poll
How IT Security Organizations are Attacking the Cybersecurity Problem
How IT Security Organizations are Attacking the Cybersecurity Problem
The COVID-19 pandemic turned the world -- and enterprise computing -- on end. Here's a look at how cybersecurity teams are retrenching their defense strategies, rebuilding their teams, and selecting new technologies to stop the oncoming rise of online attacks.
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2020-25516
PUBLISHED: 2020-10-29
WSO2 Enterprise Integrator 6.6.0 or earlier contains a stored cross-site scripting (XSS) vulnerability in BPMN explorer tasks.
CVE-2020-27652
PUBLISHED: 2020-10-29
Algorithm downgrade vulnerability in QuickConnect in Synology DiskStation Manager (DSM) before 6.2.3-25426-2 allows man-in-the-middle attackers to spoof servers and obtain sensitive information via unspecified vectors.
CVE-2020-27653
PUBLISHED: 2020-10-29
Algorithm downgrade vulnerability in QuickConnect in Synology Router Manager (SRM) before 1.2.4-8081 allows man-in-the-middle attackers to spoof servers and obtain sensitive information via unspecified vectors.
CVE-2020-27654
PUBLISHED: 2020-10-29
Improper access control vulnerability in lbd in Synology Router Manager (SRM) before 1.2.4-8081 allows remote attackers to execute arbitrary commands via port (1) 7786/tcp or (2) 7787/tcp.
CVE-2020-27655
PUBLISHED: 2020-10-29
Improper access control vulnerability in Synology Router Manager (SRM) before 1.2.4-8081 allows remote attackers to access restricted resources via inbound QuickConnect traffic.