Cyber-attacks are on the rise. The number of attacks is increasing, and sophisticated hacker tools enable more complex attacks. The Internet of Things (IoT) is rapidly emerging, bringing new security challenges with serious consequences from any successful attacks. The sheer quantity of the billions of connected devices gives an adversary a large potential attack surface.
SECONDS is a research project run by Lund University with Ericsson as one of the industry partners. The project aims to develop techniques and practices to facilitate relevant, cost-efficient vulnerability analyses for specific products in specific environments. In this context, Ericsson has developed a machine-learning-based threat intelligence service connected to a client tool for customized ranking and recommendations of reported vulnerabilities.
In our previous post, we talked about the role of IETF in shaping the future of the internet and the exciting IETF meeting Montreal will host this summer. One topic we consider important in this context is the design of cryptographic protocols with formal proofs. We believe that formal methods have an important role to play; they should be more systematically applied in standardization to prove important security properties.
One of the items we from Ericsson Research will work on during the IETF 102 is the Limited Usage of Remote Keys (LURK) protocol. Bearing in mind that formal validations are a prerequisite for high levels of security assurance, we design and develop LURK by relying on formal methods to prove security guarantees.
In about two weeks, it’s time for the Internet Engineering Task Force 102 meeting in Montreal. The IETF is a large community that aims at making the internet better, and the IETF meeting is a prime opportunity to contribute to building the internet of tomorrow. Even more so since several other, related events are also taking place.
We’ve put together an overview of what will happen and how it all contributes to the internet evolution – with some extra advice to newcomers.
The state of Internet security is a constant battle between newly understood threats and the defences designed to deal with them. In recent years, the focus has been on improving the security of transport layer connections, resulting in significant security improvements in the Internet. What additional things should we focus on in the future?
The EU General Data Protection Regulation (GDPR) is one of the hottest topics in privacy, as 5G is within communications. Interestingly, both the EU GDPR and the first release of a 5G standard will arrive in 2018. In this blog post we discuss important impacts of the EU GDPR on 5G.
In the digitally connected world of Internet-of-Things (IoT), secure identities are crucial to achieve trustworthy generation and management of information. When facing tens of billions of devices, though, we can no longer rely on the means for managing devices and identities that are used today, where a substantial amount of manual intervention is required.
In our latest post in a series on secure identities, we will talk about smart contracts and digital identities and show how identity brokering facilitates identity and trust management for IoT devices.
Being an engineer has probably never been more interesting than it is today, with such rapid advances in technology and how this impacts both our daily life and our work at Ericsson. New devices, inventions, solutions, and tools appear every day alongside the ongoing digitization of all kinds of industries.
It’s hard for anyone to be updated, but to help, our CTO, Erik Ekudden, has just published a new article examining what he sees as the five most significant trends in technology evolution.
Inspired by his list, I have some personal reflections on technology evolution.
To save cost and increase usability and capability, there is an increased demand for reusing the same ICT hardware for multiple functionalities. A fundamental security requirement is to provide isolation between the components providing these functionalities, including the associated data.
Ericsson has co-developed a high-assurance hypervisor and secure boot, codenamed HASPOC, for the latest ARM architecture, ARMv8. In this post, we provide details about the technologies of our platform.
The requirement to provide isolation has become relevant for most types of ICT devices. Not only for mainframes in data centers, but also for smart phones and computationally very limited devices such as embedded systems and sensors.
As quantum computers are being developed, the research regarding post quantum cryptography is being intensified. In this post you can read about Iggy and how he, with the use of his studies in mathematics, got to take a closer look at cryptography improvements.
Students from many different fields join Ericsson Research for internships or thesis work. You could be next. Follow our blog to learn about the students at Ericsson Research this summer.