Complete Protection Across All Connected Devices
Unlike other providers that either do not offer device-level security or reduce security to simple encryption, Bear injects full-stack security directly above a network driver and provides virtualized management to deliver strong device-level protection. Bear has created the first-ever virtual Security Kernel that is completely controlled by external policies. This Security Kernel provides a full stack of security including device identity, authentication, communications authorization, configuration control and secure communications.
Communications Authentication
Bear has created a new type of device blockchain that is lightweight, locally autonomous and streamlined for large-scale connected device deployments. This blockchain system uses policies to authorize communications, in a way that is similar to Access Control Lists (ACLs). Instead of controlling access to resources, Bear uses a secure Communication Control List (CCL) to determine which devices can communicate with each other, how those communications occur and all other aspects of data flow.


Authentication
Bear assigns each device its own identity and then leverages this dynamic self-identity to self-authenticate rather than relying on certificates for authentication. In contrast to self-signed certificates, Bear’s dynamic approach cannot be copied and moved to other devices. Moreover, the actual authentication for any connection is completely independent of any other connection. By leveraging a tokenization system similar to Kerberos, Bear optimizes these distinct connections through local controller exchanges.

Device Identity
Security must start with identity. Bear assigns identity to each device and continuously monitors the system to ensure its integrity. Once Bear is installed on a device, it cannot be removed and reinstalled on another device. This prevents hackers from spoofing a device.


Secure Communications
Bear uses algorithm and security key control that randomizes the use of each at the packet level, to ensure that communications are as secure at time zero as they will be in year five. Whereas other options use one key of a fixed size and one algorithm (e.g., AES 255 bit), Bear randomizes the size of the keys, leverages multiple algorithms and rotates each set independently, and randomly, at the level of each packet.

Configuration Control
Bear’s cross-device secure boot verifies the integrity of each device’s operating system and application configuration before the operating system and its applications ever start up.
