Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Comments
Building a Safe, Efficient, Cost-Effective Security Infrastructure
Newest First  |  Oldest First  |  Threaded View
OtherKen
50%
50%
OtherKen,
User Rank: Author
7/16/2018 | 2:25:10 PM
Re: hi
Paul

Thank you taking time to read my article. You are right that IoT is all about communication between things, people and the data. The challenge is how to manage all this new data and to determine what is important and what is not. I do not beleive we have that figured out yet but I am excited about the future of machine to machine communications and the edge compute architectures that it drives. This combined with 5G should make for an exciting time in tech over the next 10 years. 

Thanks again for the reply.

Ken
RetiredUser
50%
50%
RetiredUser,
User Rank: Ninja
7/13/2018 | 4:10:36 AM
Real-Time Video/Audio Scanning w/Shape Detection & Adaptive Pattern Recognition
One of the things we see often in suspense thrillers is the "eye in the sky" concept. In fact, IoT is absolutely at the heart of what is possible in terms of securing public and private safety. By putting focus on Internet and Cellular infrastructure to increase bandwidth, accessibility and interoperability, security specialists utilizing specialized software can bring a true sense of real-time security not based on intel (a slow process often taking years to gather, months to analyze and response times to events often too late) but based on shape detection and pattern recognition, for a start, that suggest or conclusively identify risk. Putting AI behind access to real-time video feeds may reveal illegal activities not obvious to the naked eye, or hidden from view to human eyes but captured in cell and camera video feeds or even audio feeds.

Such an infrastructure meets the 1) "safe" and 2) "efficient" criteria. Such technology is no longer just in the hands of the military or agencies like the CIA. One need only scan papers written in 2017 and 2018 on IEEE or Springer, for instance, to see the technology is already here, in some cases in piece-meal spread across different projects and disciplines, but ready to bring together. Often only policies and laws are keeping such a fully realized security system from coming to fruition. However, one element that could be preventing it is the "cost-effective" factor. For, even if privacy laws were adjusted and put into effect to allow such a system to be properly designed and implemented, cost could delay it.  A good portion of that cost would be divided between hardware (of course) and security - yes, such a system would need to be incredibly secure to prevent it from being turned from a safeguard into a weapon.

There are options, of course. One of the early projects I admired related to the "Internet anywhere" idea was FreedomBox. Acting as a wireless access point, you could theoretically plug this in anywhere and give access to anyone to WiFi for free. Imagine a distribution of video/WiFi access point units strategically placed throughout cities and camouflaged such that 90% of the boxes would remain untouched annually. These would then be accessible to AI-driven apps that would scan live video and in real-time perform the functions previously described. Add to that scans of live news broadcasts, Facebook and Instagram live feeds, and so on. Here would be one component of a security infrastructure that could become essential to future public security.

Now, how to solve the myriad privacy concerns that would slow down such a project?
PaulChau
50%
50%
PaulChau,
User Rank: Strategist
7/12/2018 | 10:59:12 PM
hi
Right now, the most important commodity in the world is the ability for swift and efficient communication. Not just amongst people but amongst things to, and that's why this whole internet of things thing has come about isn't it? I'm sure that people will figure out a way to get better at collecting data from different points in a system and when that happens, you'll be surprised at what we can achieve with everything moving smoothly from process to process.


COVID-19: Latest Security News & Commentary
Dark Reading Staff 5/22/2020
How an Industry Consortium Can Reinvent Security Solution Testing
Henry Harrison, Co-founder & Chief Technology Officer, Garrison,  5/21/2020
Is Zero Trust the Best Answer to the COVID-19 Lockdown?
Dan Blum, Cybersecurity & Risk Management Strategist,  5/20/2020
Register for Dark Reading Newsletters
White Papers
Video
Cartoon Contest
Current Issue
How Cybersecurity Incident Response Programs Work (and Why Some Don't)
This Tech Digest takes a look at the vital role cybersecurity incident response (IR) plays in managing cyber-risk within organizations. Download the Tech Digest today to find out how well-planned IR programs can detect intrusions, contain breaches, and help an organization restore normal operations.
Flash Poll
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2020-13485
PUBLISHED: 2020-05-25
The Knock Knock plugin before 1.2.8 for Craft CMS allows IP Whitelist bypass via an X-Forwarded-For HTTP header.
CVE-2020-13486
PUBLISHED: 2020-05-25
The Knock Knock plugin before 1.2.8 for Craft CMS allows malicious redirection.
CVE-2020-13482
PUBLISHED: 2020-05-25
EM-HTTP-Request 1.1.5 uses the library eventmachine in an insecure way that allows an attacker to perform a man-in-the-middle attack against users of the library. The hostname in a TLS server certificate is not verified.
CVE-2020-13458
PUBLISHED: 2020-05-25
An issue was discovered in the Image Resizer plugin before 2.0.9 for Craft CMS. There are CSRF issues with the log-clear controller action.
CVE-2020-13459
PUBLISHED: 2020-05-25
An issue was discovered in the Image Resizer plugin before 2.0.9 for Craft CMS. There is stored XSS in the Bulk Resize action.