Position paper download

Sustainable device security: Breaking the hacker business model with software security

> Download our paper on Sustainable device security: Breaking the hacker business model with software security for full text

This position paper is for mobile phone and consumer electronics (CE) manufacturers and their reference design suppliers who are enabling devices to play back premium content.

Effective device security

An effective security solution for smartphones should address Integration, Attack Resistance and Attack Mitigation, which together enable sustainable device security and break the hacker business model. Any form of security—hardware or software—can eventually be cracked. Relying solely on tamper-resistant hardware for security may provide strong initial attack resistance but does nothing to reduce the impact of the inevitable successful attack.

Software security solutions are unique in that they enable diversity and renewability that together increase initial attack resistance and minimize the scope and longevity of a successful attack. This combination reduces hacker incentive and minimizes the hacker’s impact on the smartphone. Only through the flexibility of software security can manufacturers achieve sustainable device security while quickly bringing new products to market.

The hacker threat

Device security is increasingly important as digital content becomes pervasive. An increasing amount of personal information, confidential corporate information, trade secrets, and premium paid content must be protected from theft and alteration.

There has been and will continue to be an explosion of devices handling, storing, and transferring valuable digital information. These devices often run standard operating systems on widely available hardware platforms. The combination of a well-understood operating system and a familiar hardware platform exposes the device to a wider range of attack tools and hackers, dramatically increasing the probability of device security being compromised.

The content industry depends on premium (or paid-for) digital content to be securely distributed, stored and played by the consumer. Hacking and piracy cost the media industry hundreds
of millions of dollars each year. The onus is on the device manufacturer to create secure devices that meet anti-piracy requirements. When a device does not adequately protect content,
the capability to play back premium content on that device may be revoked.

To combat such attacks and reduce the risk of revocation, device manufacturers are looking for robust technical solutions that protect their revenues, their customers and their brand. This paper describes how device manufacturers can achieve sustainable and cost effective device security.

Breaking the hacker business model

Commercial hackers exist because it is financially attractive for them to be in business: the benefits of a successful attack exceed the cost to develop and implement the attack.

If a device manufacturer can make it difficult for hackers to have a sustainable business, the vast majority of hackers will focus their attention elsewhere—for example, on other devices. There are several ways to break the hacker’s business model:

• Make the hacking process more difficult and time consuming
• Limit the scope of a successful attack to a subset of the overall installed base
• Limit the longevity of a successful attack

Making it more expensive to successfully compromise a device is a useful and common approach in hardware and software security models. However, making it difficult for hackers to gain significant revenues from an exploit is more effective. Cloakware believes that only solutions that address all three of the points above provide a sustainable competitive advantage in the war against hackers. In the end, it is not about perfect security, but making hacking uneconomical.

Hardware-based security is sometimes harder to break in the first place, but once a successful attack is found, the whole device class is susceptible to the attack. Recovering from such an attack requires a significant amount of time and money. In short, hardware is often subject to a “class attack” and does not address the second and third points.

Cloakware’s software protection technology makes software structurally diverse in an automated fashion (1). Software diversity ensures that an automated attack (for example, a utility) cannot be applied broadly. There are many ways to deploy diversity: between customers, between devices, between software releases, and between end users. All such approaches reduce the benefit gained by a successful attack. The incentive to attack a system decreases significantly as diversity increases, as shown in Figure 1 (included in full paper).

Requirements for sustainable security

Digital media devices consist of both hardware and software components. At some location in the system architecture, the processing hardware interfaces with the operating system and device drivers. These interface points are typically the weakness in the security architecture and they require software-based security mechanisms. As all devices become more complex and full-featured, there is no question that sensitive software will eventually operate on valuable data.

The history of device security suggests that most platforms are eventually compromised, and both hardware and software can be successfully attacked given enough time and resources. For experienced device manufacturers, it is not a question of “if”, but rather “when” the security will be compromised. Thus, to create a sustainable security model, it is useful to separate the security requirements into the following three phases, as shown in Figure 4...

> Download our paper on Sustainable device security: Breaking the hacker business model with software security for full text.