Security Archives | Ericsson Research Blog

Ericsson Research Blog

Research, insights and technology reflections

Learning from scratch

I’m Niilo Lehtikuja, an intern in the security team at the Ericsson Research and Development Center in Jorvas. The summer offered a really wide spectrum of tasks – from coaching kids at a code camp to helping with a patent application!

Students from many different fields join Ericsson Research for internships or thesis work. You could be next. Follow our blog to learn more about the students at Ericsson Research during the summer of 2018.

Read more

Security for connected devices

Cyber-attacks are on the rise. The number of attacks is increasing, and sophisticated hacker tools enable more complex attacks. The Internet of Things (IoT) is rapidly emerging, bringing new security challenges with serious consequences from any successful attacks. The sheer quantity of the billions of connected devices gives an adversary a large potential attack surface.

SECONDS is a research project run by Lund University with Ericsson as one of the industry partners. The project aims to develop techniques and practices to facilitate relevant, cost-efficient vulnerability analyses for specific products in specific environments. In this context, Ericsson has developed a machine-learning-based threat intelligence service connected to a client tool for customized ranking and recommendations of reported vulnerabilities.

Read more

LURK at the IETF 102

In our previous post, we talked about the role of IETF in shaping the future of the internet and the exciting IETF meeting Montreal will host this summer. One topic we consider important in this context is the design of cryptographic protocols with formal proofs. We believe that formal methods have an important role to play; they should be more systematically applied in standardization to prove important security properties.

One of the items we from Ericsson Research will work on during the IETF 102 is the Limited Usage of Remote Keys (LURK) protocol. Bearing in mind that formal validations are a prerequisite for high levels of security assurance, we design and develop LURK by relying on formal methods to prove security guarantees.

Read more

Building the Internet of tomorrow @ IETF 102 in Montreal!

In about two weeks, it’s time for the Internet Engineering Task Force 102 meeting in Montreal. The IETF is a large community that aims at making the internet better, and the IETF meeting is a prime opportunity to contribute to building the internet of tomorrow. Even more so since several other, related events are also taking place.

We’ve put together an overview of what will happen and how it all contributes to the internet evolution – with some extra advice to newcomers.

Read more

Smart Contracts for Identities

In the digitally connected world of Internet-of-Things (IoT), secure identities are crucial to achieve trustworthy generation and management of information. When facing tens of billions of devices, though, we can no longer rely on the means for managing devices and identities that are used today, where a substantial amount of manual intervention is required.

In our latest post in a series on secure identities, we will talk about smart contracts and digital identities and show how identity brokering facilitates identity and trust management for IoT devices.

Read more

5 tech trends you need to know about

Being an engineer has probably never been more interesting than it is today, with such rapid advances in technology and how this impacts both our daily life and our work at Ericsson. New devices, inventions, solutions, and tools appear every day alongside the ongoing digitization of all kinds of industries.
It’s hard for anyone to be updated, but to help, our CTO, Erik Ekudden, has just published a new article examining what he sees as the five most significant trends in technology evolution.

Inspired by his list, I have some personal reflections on technology evolution.

Read more

High Assurance Virtualization for ARMv8

To save cost and increase usability and capability, there is an increased demand for reusing the same ICT hardware for multiple functionalities. A fundamental security requirement is to provide isolation between the components providing these functionalities, including the associated data.

Ericsson has co-developed a high-assurance hypervisor and secure boot, codenamed HASPOC, for the latest ARM architecture, ARMv8. In this post, we provide details about the technologies of our platform.

The requirement to provide isolation has become relevant for most types of ICT devices. Not only for mainframes in data centers, but also for smart phones and computationally very limited devices such as embedded systems and sensors.

Read more