Home  |  Newsletter | Feedback | Advertise - Online  | Help
Google
Web dqindia.com
Search by issue  | Sitemap

• Visit pcquest.com to know all about the business benefits of IT infrastructure outsourcing • Ad : Play and Plug ERP by IBM

 
 RSS |  Follow Us on twitter
Home > Security

New Technologies : From Prison Guard to Tour Guide
New security products evolve with the recent changes in threat species
Pratima Harigunani
Thursday, May 21, 2009
Print Comment Email DiggDigg DeliciousDel.icio.us RedittReddit TwitterTwitter

Whitelisting, virtualization based endpoint security (VIBES) and positive fingerprinting are soon going to mark their place in the security shelves. The driver would shift from protecting information and users by building a fort around, to a format of equipping them with bullet-proof protection instead.

As notoriety and publicity oriented mass-target attacks are being replaced by money oriented, small-multiple attacks in the new online threat landscape, we can also see criminals now looking at browsers as their new quarry. Attackers today are not targeting a device or a computer but information. This information as a target trend would be the underpinning of new security softwares and solutions too, explains Shantanu Ghosh from Symantec.

Information as a Target
So far all the malwares detected were through fingerprinting the bad guys, for instance, he illustrates, Through signatures of malicious programs, the anti-virus vendors used the same logic as cops do with fingerprints. But as the total number of malwares keeps ballooning at overwhelming rates, the same approach can turn into a performance killer with heavy loads of downloads every time. So there is a new approach of fingerprinting the good guys. The whitelisting approach is already showing its presence is Symantecs products.

There would be new technologies combining blacklisting and whitelisting, as well as for files which fall in none of these categories. This cool technology would work by using the repertoire of information of past actions and extrapolate to surmise a files genuine degree. says Ghosh.

Apart from this, Symantec is also working on browser-oriented technology of VIBES, which is in R&D mode and will appear as multiple products. VIBES stands for virtualization based endpoint security. VIBES leverages virtualization technology to protect end users by preventing sensitive data entered in online transactions from being stolen, and mitigating the risks associated with executing malicious content downloaded from the Internet. It transparently sets up multiple isolated virtual execution environments, each with its own level of trust, and this new approach significantly improves browser security by enabling users to seamlessly use different virtual execution environments to carry out different web transactions, says Ghosh.

The three virtual execution environments in the current VIBES prototype are user virtual machine, trusted virtual machine and playground machine. The first one handles browser based online transactions in the HTTP mode. The second one handles more sensitive transition in the HTTPS mode, while the third one is where more adventurous, untrusted activities are carried out, such as visiting unknown websites or downloading unknown applications.

The new security scenario will, in addition, see the challenging task of handling collision between enterprises and consumers. The next generation is growing up with digital devices and its a part and parcel of their everyday life. At the same time, enterprises have to put access barriers for employees devices. Add to that the issues of mobile workforce, anywhere workforce, etc. The way we do our jobs today is different than yesterday. Balancing security with productivity is going to be a challenge. End-point devices can allow high degrees of intelligence to juggle between security concerns and productivity issues.

Commenting about the recent changes in storage landscape with technologies like de-duplication, thin provisioning and Solid State Disks (SSD), Ghosh agrees that the magnitude is huge. Even more people are spending on storage due to the increase in information. Large parts of IT budgets are being used in storage, he says. He also point out that sophistication of new ways is affecting the utilization rates which are as low as 30%. Visibility and dashboards for users is what is needed along. Its time to change from a prison guard format of security to a tour-guide one that is helpful to users in a more hands-on and mobile way. This trend is what our software and products are moving towards. Our features and releases ahead will see multiple different products along these requirements. Ghosh says.

Pratima Harigunani
maildqindia@cybermedia.co.in

Page(s)   1  

Print Comment Email DiggDigg DeliciousDel.icio.us RedittReddit TwitterTwitter



ZTE:Leading CDMA Technology

Extraordinary Networks:Freedom of Choice





Collective Intelligence @ Work

Analysts: Guiding Stars or Shepherds?

How's the 'pitch' looking?

What's your Everest?

 

 

 

 

 

 

Magazine Subscription | Sitemap | Contact Us | About Us | Advertising Print | Mediakit Print | jobs@cybermedia
Other CyberMedia web sites
  [Voice&Data]  [CIOL]  [PCQuest]  [Living Digital]  [IDC India]
  [CIOL Shop]  [DQ Channels]  [DQweek]  [CyberMedia Events]
  [Cybermedia Digital]  [CyberMedia India]   [Cyber Astro
  [Global Services Media ]  [BioSpectrum]  [BioSpectrum Asia]

Copyright © CyberMedia. All rights reserved.
Reproduction in whole or in part in any form or medium without express written permission is prohibited.
Usage of this web site is subject to terms and conditions.