From prison guard to tour guide

DQW Bureau

Whitelisting, virtualization-based endpoint security (VIBES) and positive fingerprinting are soon going to mark their place on the security shelves. The driver would shift from protecting information and users by building a fort around them to equipping them with bullet-proof protection instead.

As notoriety- and publicity-oriented mass-target attacks are being replaced by money-oriented, small-multiple attacks in the new online threat landscape, we can also see criminals now looking at browsers as their new quarry. “Attackers today are not targeting a device or a computer but information. This 'information as a target' trend would be the underpinning of new security softwares and solutions too,” explained Shantanu Ghosh from Symantec.

Information as a target



So far, all malware detection has worked by fingerprinting the bad guys. For instance, he illustrates, “Through signatures of malicious programs, the anti-virus vendors used the same logic as cops do with fingerprints. But as the total number of malwares keeps ballooning at overwhelming rates, the same approach can turn into a performance killer with heavy loads of downloads every time. So there is a new approach of fingerprinting the good guys.” The whitelisting approach is already showing its presence in Symantec's products.

There would be new technologies combining blacklisting and whitelisting, as well as technologies for files which fall into neither of these categories. “This cool technology would work by using the repertoire of information of past actions and extrapolate to surmise a file's genuine degree,” said Ghosh.

Apart from this, Symantec is also working on VIBES, a browser-oriented technology that is in R&D mode and will appear as multiple products. VIBES stands for virtualization-based endpoint security.

The three virtual execution environments in the current VIBES prototype are the user virtual machine, the trusted virtual machine and the playground machine. The first one handles browser-based online transactions in the HTTP mode. The second one handles more sensitive transactions in the HTTPS mode, while the third one is where more adventurous, untrusted activities are carried out, such as visiting unknown websites or downloading unknown applications.

The new security scenario will, in addition, see the challenging task of handling collision between enterprises and consumers. “The next generation is growing up with digital devices and it's a part and parcel of their everyday life. At the same time, enterprises have to put access barriers for employees' devices. Add to that the issues of mobile workforce, anywhere workforce, etc. The way we do our jobs today is different than yesterday. Balancing security with productivity is going to be a challenge. End point devices can allow high degrees of intelligence to juggle between security concerns and productivity issues.”

Pratima Harigunani



(Courtesy: CMN)
