Sensor network data integrity gets help from a new blockchain solution
|Christian Hargrave in Security Wednesday, November 21, 2018|
To be actionable, sensor data must be truthful, accurate, complete, retrievable, and verifiable, said Phil Ressler, CEO of Sixgill.
Sixgill, LLC unveiled its new breakthrough blockchain or distributed ledger-based solution for sensor network data integrity. Sixgill Integrity is a ledger-agnostic solution and is designed from the ground up to solve the fundamental need for an end-to-end, real-time sensor data authenticity system. With Integrity, organizations are assured that their emitted data, transmitted data, ingested data, and acted-upon data are the same.
Sixgill is taking a fresh approach to fundamental industry challenges of data security and authenticity:
- Cloud processing multiplies intrusion vulnerabilities in complex networks. Proliferation of connected devices can vastly expand system surface area for attack opportunities. And hardware vulnerabilities such as Meltdown and Spectre compound cloud systems’ susceptibility to intrusion and malfunction. Distributed Ledger Technology can protect data when security fails.
- Sensor data streams can be tampered with, hacked or changed without an organization ever knowing, or not knowing soon enough to prevent serious error. The immutable nature of Distributed Ledger Technology (DLT) can be applied to ensure information integrity, veracity and auditability.
- Until now, blockchain foundations have been too slow and encumbered to achieve critical, real-time operations performance. Sixgill Integrity applies a hybrid architecture to combine the immutability of DLT with the high performance of modern, distributed database technologies.
As the volume and velocity of sensor data traversing complex networks exponentially grows, system vulnerabilities become increasingly consequential. Current and future automated sensor data networks face potentially disastrous malfunctions, if transmitted data is compromised and wrongly trusted. Already, Thales reports that 71% of enterprises are now gathering data for IoT initiatives while security remains a major concern and impediment to their IoT deployments.1
Security is an Illusion; Data is Defensible
The thesis behind Sixgill Integrity is that security is an illusion and despite best efforts, bad actors can and likely will eventually intrude in any system. If the cat-and-mouse game of security cannot be conclusively won, Sixgill asserts that sensor data itself is defensible. Further, a propensity for data silos in the enterprise necessitates an increasing number of middlemen and brokers, creating more fissures for intrusion.
Security vendors should keep trying to deny access to bad actors, but Sixgill will presume failure and focus on assuring the intactness of data streams, and on immediately exposing any successful compromises so people and automated systems do not act on inauthentic data. Integrity for data includes not only the data itself, but also assuring authentic sequencing of time-series data that predominates in sensor-informed processes.
On-chain / Off-chain Innovation
By uniquely combining DLT and edge computing (where possible), Sense Integrity uses blockchain and cryptography to provide authenticity of data origin and verification of data content and chronology. Integrity is built with a public on-chain, and distributed off-chain, hybrid architecture.
This combines the unparalleled security, transparency and immutability of public blockchain networks, with a distributed off-chain architecture capable of verifying, storing and processing vast amounts of data centrally or at the edge of the network using data handling and storage methods that can be chosen for maximum performance. This gives enterprises continuous, automated knowledge that their data has not been changed or otherwise compromised, and allows them to more easily contain the costs associated with high volume data processing and storage.
Ponemon Institute reports that the average time to resolve a data breach is 191 days,2 an unacceptable lag between incidence and repair. Integrity is a real-time system designed to slash awareness intervals and speed correction. Whether a network is compromised by a bad actor, a defective or hacked sensor, or a faulty algorithm, Sixgill Integrity is designed to make sensor data automation progressively more resistant to attack and resilient in response, such that it is exceedingly difficult to undermine data integrity or conceal same if successful.
“Today’s sensor-populated networks are intrinsically unsecure. The potential for processes dependent on millions of devices and billions of data records to be compromised by corrupted or planted data is becoming a reality for many, with an especially worrisome horizon for utilities, communications providers, the industrial internet, public safety agencies, heavy manufacturers, and the like.” Ressler added, “The future of the Internet of Everything and its IoT subset depends on trusting the integrity of actionable data.”
Sixgill Integrity answers the needs of organizations that rely on the mission-critical data they gather. Use cases are not restricted to, but include:
Healthcare Permanent auditability, traceability and certainty for medical data and clinical trials.
Insurance Rate-setting and claim-settling based on dynamic data collected from smart devices, smart homes, sensor-intensive vehicles, smart buildings, etc.
Utilities Ensure widely-distributed, automated infrastructure informed by sensor inputs and powered by programmatic action triggers do not act on suspect data.
Continuous Auditing for Regulation, Finance, Compliance Add completely trustless audit trails to any enterprise data ecosystem.
Sixgill Integrity is tightly-integrated with Sixgill Sense, the company’s sensor data automation platform and its companion SDKs, APIs, partner gateways and dashboard. Integrity functions are both cloud and edge-resident and can be run with Sense or independent of it. Like Sixgill Sense, Integrity is optimized end-to-end for the unique processing requirements imposed by prolific time-series data generation and related real-time operations. However, Sixgill Integrity is a discrete product that can provide blockchain-based integrity to a wide variety of other data chains where veracity, immutability and auditability are vital. Sixgill Integrity provides:
- Easy implementation with Sixgill Sense
- Edge availability in the Sixgill Reach SDK & Edge Agent
- Comprehensive Data Integrity Dashboard including rules and operations monitoring
- Proactive, automated alerting when data compromises are detected
- A live, trustless audit trail for any Sense-enabled data ecosystem
Sixgill Integrity is beginning test engagements and is expected to be generally available in Q2 2019.
Become a subscriber of App Developer Magazine for just $5.99 a month and take advantage of all these perks.
MEMBERS GET ACCESS TO
- - Exclusive content from leaders in the industry
- - Q&A articles from industry leaders
- - Tips and tricks from the most successful developers weekly
- - Monthly issues, including all 90+ back-issues since 2012
- - Event discounts and early-bird signups
- - Gain insight from top achievers in the app store
- - Learn what tools to use, what SDK's to use, and more