Embedded World 2017 – Rambus is showcasing its IoT security service and technology in Qualcomm’s booth (3-141) from March 14-16, 2017. The Rambus demo utilizes the security capabilities in Qualcomm chipsets to facilitate secure IoT communication and lifecycle management.
Image Credit: Embedded World
Security features in the demo are also powered by Rambus’ CryptoManager platform, highlighting how IoT devices can provide increased protection to significantly reduce service vulnerability to Distributed Denial of Service (DDoS) attacks. In addition, the demonstration illustrates the benefits of moving hardware-based security into an integrated circuit, which effectively replaces external security chips and helps lower costs.
In terms of specifics, the Rambus demo spotlights a smart city application and includes the Qualcomm® SnapdragonTM 820 processor and QCA4010 Wi-Fi chip which connects to an IoT cloud service using a protected link. The Rambus technology enables seamless security-focused features that includes mutual authentication and encrypted communication to protect IoT devices from being exploited by hackers in malicious botnets. The technology is also designed to help prevent the IoT cloud service from being attacked by cloned devices.
As we’ve previously discussed on Rambus Press, the danger of nefarious attackers exploiting unsecured devices looms ever larger as more and more “things” connect to the Internet. Indeed, DDoS flooding attacks – which seek to disrupt legitimate access to online services – have been deemed “one of the biggest concerns” for cyber security professionals.
Protecting Internet infrastructure companies and services from DDoS attacks can be quite challenging, as it is often difficult to shield the IP layer from a concerted cyber offensive. However, it is important to note that the impact of DDoS attacks can be significantly mitigated by safeguarding vulnerable IoT endpoints. Put simply, protected IoT endpoints act as a critical bulwark against nefarious botnets that exploit and recruit hundreds of thousands of defenseless “zombie” devices.
For instance, an attacker cannot add a device to a botnet without establishing an unauthorized communication channel. Allowing only legitimate, verified cloud services to communicate with IoT devices will help prevent the creation of such rogue channels. This paradigm, facilitated by a hardware root-of-trust, ensures that each IoT device is uniquely and cryptographically verified to determine if it is authorized to connect to a specific service. Infected and hijacked devices that are not authenticated are denied access to the service – reducing the overall effectiveness (and damage) of a DDoS attack on a provider and other services.
It should be noted that an embedded hardware root-of-trust can also be used to help minimize vulnerabilities discovered in IoT products after deployment by providing a secure device management framework to push over-the-air (OTA) patches and firmware updates.
Interested in learning more about IoT security? You can check out our CryptoManager platform product page here and our white paper below.