This article was originally featured as a guest post on Venafi’s blog. Thales eSecurity and Venafi are technology partners.
One of the biggest threat to machine identities today is the integrity of the software that runs within them, and that dictates their programed function. Whereas many machines worked independently in the past, the availability of ubiquitous communications is making it possible for networks of machines - including sensors, cloud applications, and distributed controls - to work in concert. This change has significantly expanded the data available to machines and the number of distributed actions they can affect.
Protecting the identities of applications is one of three major challenges that must be addressed to ensure trust and facilitate the adoption of transformational technologies employing the use of connected devices (machines) in the rapidly growing Internet of Things (IoT) and DevOps environments.
1 - We need to be able to trust the data that comes from applications
Because machines increasingly talk to each other and exchange important data that they collect, strong mutual authentication and trust between these is critical. This is the first challenge, strong authentication requires trusted identities. If one cannot trust the machines, there is no point in collecting, running analytics, and executing decisions based on that data they collect.
2 - We need to be sure that data flows freely from application to application
The second challenge is the protection of the integrity and confidentiality of the data collected as it flows from machine to machine, including applications which execute decisions (often without human intervention) based on that data. Because machines collect sensitive and personal data, privacy and regulatory compliance must also be a concern.
3 - We need to constantly verify the integrity of the applications themselves
The third challenge, and the one I believe to be most concerning, is the threat to the integrity of the software. As machines (devices and applications) require regular updates as part of their lifecycle, the legitimacy and integrity of the downloaded code must be preserved to protect from potentially damaging malware and other attacks.
The reason this is such a critical issue is that the machine identity might remain intact, but its execution might become compromised. Think of this as a trusted soldier going rogue. The individual is still the same person, but they may shift their allegiance. If software upgrades are not properly signed to give them a verifiable identity, they can provide a conduit through which malware can be introduced to collect and re-direct sensitive data, compromise users’ privacy, and perform functions that are damaging to the enterprise.
Machine/device credentialing and code signing are fundamental aspect to consider when developing a comprehensive security strategy that addresses the increasing use of machines, and this is why code signing is so important. Enterprises embarking in digital transformation initiatives need to be cognizant of the potential threats to machine identities, including the identity of the software that machines run.
This is especially true in DevOps and other Fast IT environments. Because software is developed and deployed more quickly, attackers who want to assume the identity of a trusted enterprise are stealing the certificates that organizations use to sign their code. If an organization’s code-signing key or certificate is compromised, attackers can use it to authenticate malware so it can be distributed widely.
To address this challenge at scale, we need to offer applications the same protections that we provide for machines. Automated and secure cryptographic key orchestration is required to safeguard the identities of our applications.
To learn more visit Thales Booth 1222 and Venafi Booth 144 at Black Hat USA 2018 in Las Vegas. Or follow me on Twitter @asenjojuan