Going To The Next Level

If you have been reading about Bear, you will know that we go through a ton of effort to ensure that a given installation can never be removed from its physical device – we call this Seating.  This feature enables the type of peer-based authentication required for large IoT systems.  One of the core aspects of this process is utilizing a key part of the processor/CPU which is called the Trust Zone.  This area allows only local services to securely store information in a manner that cannot be readily extracted from the outside.

One of the biggest innovations in recent processors has been the inclusion of encryption algorithms in the CPU itself.  These hardware-accelerated encryption approaches are orders of magnitude faster than the best software options and use considerably fewer resources.  That said, they suffer from being static: fixed in place and unable to change over time.

Going to the next level, however, Bear can solve the static challenge for these processors while the CPU companies can further enhance the level of protection for Bear.  To this end, a CPU can provide an updateable series of Seating and Encryption algorithms that can interact with a Bear client.  Bear, on the other hand, can provide a highly-secure mechanism to send updates to these processors in order to enable extremely safe update mechanisms that change out algorithms and processes.

Better yet, Bear operates at such a level that the entire operating system can be disengaged while these updates occur, with only Bear running.  Given this interaction, Bear can readily extend its secure policy sets to provide a new, low-level set of setup interactions for a given CPU that set its registers before an operating system spins up.  These pre-processing instructions can determine how to handle encryption/decryption requests, enable multiple encryption options, and allow for the static determination of more complex behaviors such as Bear’s local identity validation.

This CPU-based enhancement approach is just the beginning of what Bear has envisioned as traditional software becomes more integrated with hardware.  Using this approach, the static weakness found in hardware and the relative slowness of hosted software can both be mitigated.  Bear has created a new logical layer between the traditional hardware and software boundaries and enabled policy control over behavior in this layer; this CPU example represents one of a multitude of fascinating options that can exist within this layer moving forward.

If you are a CPU company or a manufacturer (our client is FREE by the way) – please contact us to discuss the possibilities!