Intel Beyond The Horizon

David Durham, Principal Engineer, Security & Cryptography Research at Intel Labs, explains some of the issues facing his team in the demanding field of IT security as Intel strives towards a completely safe Internet.

The Internet remains full of promise but also peril. As the world becomes increasingly interconnected, barriers are breaking down: information can travel virtually anywhere in the blink of an eye and be accessible to almost anyone. However, as commerce, content, and personal information move en masse online, the motives for malice follow.

We are now encountering threats that are fundamentally unique to the virtual world. While the physical world of brick and mortar deals effectively with malicious individuals who have to abide by the constraints of space and time, online, botnets are forming vast overlay networks of zombie machines ready to do the bidding of a single master. Blended threats combine the best-known methods for individual attacks into entirely new composite forms, constantly changing to stay a step ahead of security solutions. Meanwhile, the inherent need for information replication, search, and dissemination creates ample opportunities for eavesdropping and identity theft. Intel is taking steps to help stem this tide of attack.

The first task before us is redefining the network endpoint itself. Leaving nowhere for malware to hide, under-the-OS security solutions can detect the stealthy rootkits and viruses that would otherwise infect and then lie dormant, waiting for commands to distribute spam, spread malware, steal information, or launch denial-of-service attacks. Using Intel® TXT™ it is possible to validate individual programs thereby enabling remote entities to trust the specific software services with which they are communicating. Finally, like a series of airlocks, Intel® VT™ based partitioning and compartmentalising of software components reduces exposure to a single failure, helping to fundamentally contain a point of compromise.

Intel is also improving the power and performance of computing in general - and cryptographic operations and algorithms in particular. Securing every network connection is becoming a real possibility. Data can be cost-effectively protected in transit and while at rest. New cryptographic instructions, simultaneous multithreading, and optimised cryptographic algorithms help to make the choice between security and no security obvious.

Another challenge is scaling trust within the vastness of the Internet. Intel is developing new algorithms that provide anonymous attestation, preserving an individual's privacy while still establishing trust at a distance. Revocable group identities can vouch for systems and software anonymously, scaling trust by removing the need for establishing individual identities for everything in the Internet. Also, even as attacks become increasingly distributed, so can the solutions. Intel’s research demonstrates that enlisting a broad array of endpoints to detect, report, and analyse anomalies in traffic patterns could be the answer to botnets in the Internet. Finally, community-based security solutions improve awareness and establish reputations in ad hoc infrastructures, absent of central administration.

While the vision of a completely safe Internet will likely remain elusive, much progress is being made. To learn more about these efforts, read the current edition of the Intel Technology Journal on Advances in Internet Security at www.intel.com/technology/ITJ.