Harbor Research - Designing Security for the Internet of Things & Smart Devices

SECURING THE FUTURE White Paper

Harbor Research, Inc.S A N F R A N C I S C O | Z U R I C H

After a decade of rampant growth, we see that the Internet’s architecture has been both a blessing and a curse. It has evolved to become the fundamental platform for all intelligent devices to share information. The dliemma lies in the fact that the network of networks is still quite vulnerable to security issues and the IT community who we trust are working to resolve these challenges are still operating with outdated models that cannot serve the needs of a truly connected world.

One company, Mocana has developed a unique approach to networked device security that offers a proven foundation for the complexity of a global information economy.

Designing Security For The Internet of Things

When it comes to preparing for the global information economy of the 21st century, most people assume that the existing IT community and its army of technologists are taking care of all the “details” – particularly securing the devices

and data that will continue to grow exponentially. They take it on faith that the best possible tools and designs for securing transactions and managing information are already in place. That is potentially a huge unfounded assumption. This paper examines a new and unique approach to securely enabling the growing number and diversity of devices connecting to the Internet. Mocana demonstrates that it is possible to migrate gracefully and securely to “the Internet of billions upon billions of things” if we first accept that the tools available today were not designed for the tasks they are now routinely performing.

IS OUR NETWORK GETTING TOO CROWDED !ur society is at the cusp of a "perfect storm# of network connectivity$ %e concept of network e&ects states that the value of a network grows exponentially with the number of nodes connected to it$ 'long with the value( however( so too grows the complexity of managing the network( the di)culty of securing it( and the reliance of people and orga*nizations on these networks functioning properly$

%e +nternet was designed in the ,-./s to allow the incompatible data networks and computing systems of the time to share information—to "talk to each other#$ %e +n*ternet is literally a "network of networks$# 's we know it today( the public +nternet is a worldwide embodiment of those original data communications protocols—which are( by design( extremely simple$ %e original designers made very few assumptions about the data being sent and about the devices connecting to the network to send and receive data$

+t is this extensible( technology*neutral basis of the +nternet that has allowed it to scale so dramatically and gracefully since its inception( with minimal central administration$ %e massive volume of data*points coming from the growing number and diversity of smart

2

Securing The Future - White Paper Designing Security For The Internet of Things

© 2007-2008 Harbor Research, Inc. All rights reserved. http://harborresearch.com/

[email protected]

devices presents an unprecedented information management challenge$ 0o too does the evolution of +1 devices to network platforms capable of delivering and consuming +1 applications and services$ %at data will require scrubbing( filtering( compression( ware*housing( analysis( reporting( and perhaps more importantly( securing$ %e astronomical growth of connected devices that continues today and is predicted well into the future pushes the bounds of what the designers of the +nternet had in mind$

%e growth of devices on the +nternet today is chiefly occurring in two distinct ways$ %e first is that previously separate networks – such as video( voice( cellular( etc$( * are all migrating toward shared +1$ 's opposed to organic growth of devices on the periphery( this trend requires the +nternet to absorb wholesale transi*tions of full*scale networks into its existing framework$

't the same time( new classes of devices are becoming net*work enabled$ %e types of devices being connected today extend far beyond the laptops and cell phones we have be*come so accustomed to$ 'ny manufactured object has the potential to be networked$ 2oday( virtually all products that use electricity * from toys and co&ee makers to cars and medical diagnostic machines * possess inherent data processing capability$

+t thus follows that virtually all electronic and electro*me*chanical products are being designed with more and more capabilities$ %e fact that many common devices have the capability to automatically transmit information about sta*tus( performance and usage and can interact with people and other devices anywhere in real time points to the in*creasing complexity of these devices$ 3or example( today the average mobile phone contains just over 4 million lines of code5 this is expected to rise to ,/ million by 4/,/$ 'n automobile on average has 67 million lines of code5 this is predicted to grow to over ,// million by 4/,/$

!bjects that operate completely independent of human interaction are being networked as part of the growing trend in 848 9machine*to*machine: communication$ 0ecurity cameras transmitting digital video( electric meters sending regular usage readings( even

Device Growth Statistics

There are approximately 2.8 billion

million new ones added daily - Projected

the global network will need to accommodate one trillion devices, most of which will be wireless devices.

M2M communications are projected to surpass human-to-human

3

Securing The Future - White PaperDesigning Security For The Internet of Things


[email protected] • 800.595.9368 • 415.615.9400 • +41 435 000 153

simple sensors and circuit breakers are being +1*enabled so they can talk to us and to each other$

%is phenomenon is not just about the dichotomy between people communicating with people or machines communicating with machines; it also includes people communicat*ing with machines 9e$g$ a networked '28:( and machines communicating with people 9e$g$ automated stock ticker alerts on your 1<':$ %e +nternet=s most profound potential lies in its ability to connect billions upon billions of smart sensors( devices( and ordinary products into a global "digital nervous system# that will allow every business the ability to achieve undreamed*of e)ciency( optimization( and profitability$ >owever( the nature and behavior of a truly distributed global information system are concerns that have yet to take center stage * not only in business communities( but in most technology com*munities( too$

WHY WE NEED TECHNOLOGY TO SAVE US FROM TECHNOLOGY 'fter more than a decade of rampant growth( we see that the +nternet=s inherent archi*tecture has been both a blessing and a curse$ ?ith the rapid growth of wireless networks – from cellular to ?i3i to @igAee – connecting these devices to the +nternet has never been easier$ ?hat we need is a remarkably agile global network that can comfortably scale to trillions of nodes—some of them hardware( some software( some purely data( many of them coming into and out of existence or changing location constantly$ !bvi*ously( such a network cannot be "designed# in any ordinary sense$ Bertainly( it cannot be designed "top*down$#

0ome basic design principles must be put in place to guide the growth of this vast( distrib*uted technological organism$ +t demands that we design not only devices and networks but also information interaction in ways not addressed by current +2$ %e reader may ask( don=t we already have a vast public information space called the ?orld ?ide ?ebC <idn=t the ?eb completely revolutionize human communicationC 'nd isn=t the ?eb working and scaling quite handsomelyC

'lmost everyone will answer with a resounding "DesE# Aut consider this analogy from Auckminster 3uller; 0uppose you are traveling on an ocean liner that suddenly begins to sink$ +f you rip the lid o& the grand piano in the ballroom( throw it overboard( and jump on it( the floating piano lid may well save your life$ Aut if( under normal circumstances( you set about to design the best possible life preserver( are you going to come up with the lid of a grand pianoC

4



[email protected]

%e growing scale of interactions between devices with more and more features and the antiquated clientFserver architecture of the web is like that piano lid$ +n a period of great change and tumult( it worked—in the sense that it kept us afloat$ Aut that does not make it the best possible design( or qualify it to be something that we should plan to live with forever$

Det( in the course of one mere decade( the world has become so dependent upon the ?eb that most people( inside +2 and out( cannot bring themselves to think about it with any critical detachment$ Gven high*tech business people use the terms "the ?eb# and "the +nter*net# interchangeably without giving it a thought$

Aut the ?eb is not the +nternet$ %e +nternet itself is a simple( elegant( extensible( scalable( technology*neutral networking system that will do exactly what it was designed to do for the indefinite future$ %e same cannot be said of the ?eb( which is essentially an applica*tion running on top of the +nternet$ +t is hardly the only possible +nternet application( nor is it the most profound one conceivable$

Moore’s Law - Transistors Per Intel Chip Drive Growing Complexity

5



[email protected] • 800.595.9368 • 415.615.9400 • +41 435 000 153

%e 'chilles heel in this story does not originate in browser software( or markup lan*guages or other superficial aspects that most users touch directly$ %ose inventions are not necessarily ideal( but they are useful enough for today( and they can be replaced over time with better alternatives$

Hather( the growing bottleneck lies in the relationship and interactions between ever more complex devices and the antiquated clientFserver architecture of the web$ ?ith memory and processor capabilities getting cheaper by the day( product designers are em*bedding feature upon feature into their designs$ ?hat may finally bring 8oore=s law to its knees is the sheer complexity of software driving infinite interactions$

%e growing disparity of devices on networks is diluting the ability of technicians to ef*fectively manage them$ +t is extremely di)cult to keep up with the unique requirements of each new device and all its advanced features$ +ncreasingly what is needed is a means of creating an abstraction layer that unifies common tasks and manages the complex*ity of implementation down to the device$ Bustomers expect networked devices to be functional( ubiquitous( and easy*to*use$ ?ithin this construct( however( the first two expectations run counter to the third$ +n order to achieve all three( the network must be loaded with intelligence$

?hen telephones first came into existence( all calls were routed through switchboards and had to be connected by a live operator$ +t was long ago forecast that if telephone tra)c continued to grow in this way( soon everybody in the world would have to be a switchboard operator$ !f course that has not happened( because automation was built into the network to handle common tasks like connecting calls$

?e are quickly approaching analogous circumstances with the proliferation of connected devices( or device networking$ Gach new device that comes online now requires custom*ization and maintenance just to exist safely on the network and perform the same basic tasks 9securing( provisioning( reporting( etc$: as most others$ ?e must develop methods to automate and facilitate these common functions( otherwise the lack of technical ex*pertise will only get worse( and will continue to hold back device networking from the truly astronomical growth that many have forecast$

6



[email protected]

THE INTERNET OF THINGS: HOW MANY THINGS & WHERE ARE THE THINGS? +ntelligent device networking is a global and economic phenomenon of unprecedented proportions$ +t will radically transform customer service( resource allocation and pro*ductivity$

>arbor Hesearch expects that by 4/,/ there could be anywhere from 7// million to over one billion devices communicating continuously$ %ese devices will drive new net*worked applications and services such as status monitoring( usage tracking( consum*able replenishing( automated repairing( and new modes of entertainment whose value together could reach beyond I7// billion in value*added revenues from services$ %ese new services are based upon the convergence of networks( embedded computing( control( and content$

' casual but informed observer may say that is preposterous( particularly considering some of the flu&y prognostications from the Je= era$ ?ell( consider that depending on your definition of a sensor( there are already more sensors on earth than people$ 2o the

Global Device Networking Market Growth is Exponential

7



[email protected] • 800.595.9368 • 415.615.9400 • +41 435 000 153

well informed( the potential scale of device connectivity and value added network services is less a question about whether it will happen and more often a question about when$

0oon( any device that is not networked will rapidly decrease in value( creating even great*er pressure to be online$ <evices will blend into every venue and vast opportunities will arise for companies delivering( managing and responding to the rich media and data being generated$

%is is not an isolated phenomenon by any means$ Ko matter what means are used to segment markets( growing device networks have applications in every venue across the global economy$

'nything that operates over +1 – cell phones( computers( Lo+1 phones( car navigation systems – is capable of intercommunicating with other +1 devices$ %is is relatively easy to conceive of in the familiar contexts of consumer and business devices like these( but the chart helps illustrate some of the devices being connected in other less familiar areas$ 0ophisticated( expensive devices are among the first to get connected( so that they may be closely monitored and report information about their status$ ?indmills( pipelines(

Any ‘Thing’ On A Network Can Communicate With Other ‘Things’ Across Global Venues

8



[email protected]

construction equipment( oil rigs( harvesters( mass spectrometers( and mass production equipment – any piece of high*value capital built within the past twenty years has some kind of embedded electronics( and the newer it is the greater the intelligence$

Gven in developing areas( new networking technologies are keeping up with and even outpacing growth here in Korth 'merica$ %ey have "late*mover advantage(# which allows them to design infrastructures with new requirements and capabilities in mind$ <eveloping regions tend to skip steps that seem standard in first*world countries$

3or example( many developing countries use cell phones as their dominant means of com*munication( as the wireless infrastructure is easier to set up than running telephone lines to every house$ Bonsequently data communications must also operate predominantly wirelessly( raising the importance of developing technologies like ?i8ax and cellular broadband$ Macking many preconceived notions for how certain products and devices have functioned in the past( these markets may well be among the most receptive to new service*centric o&erings from networked product manufacturers and their partners$

's 8oore=s law persists and the price of embedding intelligence and connectivity into de*vices continues to fall( networked devices push further and further into the mainstream$ %is process is somewhat self*reinforcing as low prices are driven by high quantities( and vice versa( making these devices increasingly prevalent in our lives and businesses$ ?hile the growth is spread through all areas of our lives( it is concentrated on the same global network$ %e immense growth that is just now beginning will continue to accelerate( creating new strains on existing infrastructure and skill sets$

A DAY IN THE NEW NETWORKED LIFE Nust consider the number of devices that exist with the potential to be networked$ ?alk through a typical day and note the variety of electronic devices with which you interact$ Gach device=s uses and functions have the potential to be expanded with networking$

Gach of these devices can benefit from connected services( and this is just the tip of the iceberg$ %is phenomenon has far*reaching e&ects the likes of which have never before been seen in business or our everyday lives$ %e +nternet versions ,$/ and 4$/ had broad implications on how people and businesses interact with computers and other new in*formation devices( but did not necessarily change every aspect of our lives$ <evice Ket*working represents version 6$/ of the +nternet( and it will be felt in everything that we

9



[email protected] • 800.595.9368 • 415.615.9400 • +41 435 000 153

touch and do$ Ko matter who you are( what industry( or what job function( this tidal wave of change will be inescapable$

Network Devices In Everyday Life Will All Drive New Services

THE STAKES ARE HIGH FOR BOTH INDIVIDUALS AND THE ENTERPRISE 2oday=s enterprises are evolving at a pace unseen before in human or business history$ ?hile they grow( they fall subject to an intriguing paradox; as they become ever more connected( they also get more dispersed( and visa versa$ Olobalization and outsourcing( penetration of broadband networking( and pressures to be financially lean have all con*tributed to the trend of distributing organizational resources$ ?hether it is managing a work*from*home sales force( or teleconferencing with clients on a di&erent continent( organizations are relying on networks to keep them connected as they grow ever more di&use$

's their prey evolves( so do the predators( so as enterprises improve and expand their networks( hackers are constantly developing new tools for breaking into them$ Kot only

10



[email protected]

does this growth mean more endpoints for organizations to secure( but even devices thought to be protected are increasingly susceptible to attack$ ' skilled hacker can eas*ily circumvent security measures that are old( weak( or not properly configured$

Borporations invest millions of dollars on physical perimeter security for their o)ces( but what is the point if the information flowing constantly to and from the building is not secureC ?ith the increasing use of streaming media over +1 networks( like 2elecon*ferencing and Lo+1( more and more valuable and potentially sensitive information is be*ing transmitted( often unprotected$ Det with these real*time communication services( latency is misguidedly the main concern( not security$ 3or fear that security measures will slow down transmissions( many are not secured properly( if at all$ G&ectively secur*ing these devices requires a solution that is highly optimized and can operate e)ciently without introducing latency and disruption to the communications process$

?hile corporations face security concerns over ever*growing corporate networks( simi*larly individuals must deal with concerns over their increasing vulnerabilities$ Bonve*niences like wireless credit cards( cell*phone payments( online banking and more( leave us increasingly exposed to information interception and identity theft$ ?hether for home or for enterprise( no matter what type of business( security is a common concern( and one that will be discussed in detail later in this paper$

STRANGE BEDFELLOWS ! THE RISKS OF CONNECTEDNESS AND OPENNESSKetworked devices providing and consuming real*time data and services will be the hallmark of our new "Ketworked 0ociety$# %ese new devices will become portals into other network resources in which device users will gain utility not only from the devices themselves( but from a variety of adjacent value added service providers$ 's it evolves( this infrastructure will amount to nothing less than a "global digital nervous system# for commerce—indeed( for society itself$

Bonsider the implications of pervasive networked devices not just on the user experi*ence but on the organization of businesses aligned to deliver value to these users$ %e "value chain# for a non*networked device has remained relatively consistent for hun*dreds of years$ 3rom raw materials to components to finished products( the obligations of the manufacturer and their relationship with their customer essentially began and ended at the point of sale$

8ost businesses have been built around this product*centric paradigm – it is ingrained in their culture and organizational structure to focus all of their e&orts on selling a

11



[email protected] • 800.595.9368 • 415.615.9400 • +41 435 000 153

physical product$ Aut now device connectivity is changing the entire structure of value delivery( threatening long*standing business models( and forcing all companies to con*sider how to participate in service delivery and building ongoing relationships with their customers$

Hather than owning declining*profit commodities( companies will aggressively need to seek innovation in value added services( and ensure that they maintain some control over access to their devices in the field( and the stream of device data coming in through them$ 8ost importantly( thanks to that device data( companies will "own# their relationships to customers in ways never before imagined$ ?hat happens after that point depends upon the strategy adopted$ ' company could( for example( lease part of its stream of customer information—and thus part of the customer relationship—to another company wishing to provide value that is not part of the first company=s business$ !ther relationship own*ers could lease relevant parts of their own customer information back( or share informa*tion in a joint venture or some other contractual arrangement$

Kew capabilities will bend the traditional linear value chain into a loop of complex in*terdependencies that will demand new thinking and will require new alliances with the many new participants in the chain$

Ausinesses that create the best ecosystem of alliance partners * from complementary de*vice manufacturers to third party application software providers – will be the most suc*cessful$ <evice manufacturers( network service providers( new software and value added services players will all combine to create significant business and customer service value or devolve into an environment of strange "bedfellows$#

Gven if a device manufacturer decided that it did not want to build an ecosystem and instead wanted to vertically integrate and own all aspects of device networking for a particular class of devices( it must still embrace the concept of value added services and recognize that it is the combination of hardware( software and value added online ser*vices that define the ultimate value to end customers$ Dou need look no further than 'pple=s i1od device and i2unes service for a present day example$ +n a very short period of time( 'pple has rocketed to become the third largest music retailer in the world( while also creating a billion dollar revenue device business ** all with a device that connects to a networked service$

12



[email protected]

Kow with the introduction of the i1hone( 'pple is entering a market that many would consider saturated; the cell phone market( whose structure is the definition of linking de*vices and services$ Kot only must a cell phone plan match the capabilities of the device( often the ongoing service fee is used to o&set the upfront cost of the device$ +n 'pple=s case( they feel they can be successful here both for the revolutionary capabilities of their device( and for the range of new services it will allow$ 3or the first time the i1hone al*lows uncompromised access to web content from a cell phone$ ?hile not fully open( the i1hone will allow third party developers to write web*based applications for the device$ %is is sure to cause significant disruption to the market( as a broad range of new partici*pants start gravitating towards delivering new functions and services to cell phones( all of which will deliver enhanced value to users of the devices$ 2aken to the extreme( this all has the potential to redefine the definition of a cell phone$

Expanding Constituents In The Networked Value Chain Create New Value & New Risks

13



[email protected] • 800.595.9368 • 415.615.9400 • +41 435 000 153

?ith all of this cooperation and collaboration( not just around cell phones but all net*worked devices( it is a foregone conclusion that the device networking community must agree upon universally accepted( open communication standards$ ?hile historically( proprietary protocols have dominated in some arenas( the pervasive nature of +1 is eroding these proprietary boundaries$ +1 will over time be the dominant transport for device networking$

's revolutionary and far*reaching as the device*networking paradigm shift is( this does not change everything( and the eternal truths remain eternal$ ?hen you open yourself to relationships( and connect to other people or devices( you can get hurt$ 'nd the greatest opportunities usually involve the greatest risk$ %e real*world risks of open technology and asset connectedness include possible breaches of secure systems that can have catastrophic impact$

WAITING FOR THE WAKE UP CALL YOU HOPE WILL NEVER COME <espite a growing awareness of the presence of connected devices and their importance as a phenomenon( there is quite little understanding within most device manufacturers( service providers and enterprises as to how best to secure them and the services they enable$ <evice security is usually handled on an ad*hoc basis surrounding a device or network specific project$ Harely are there horizontal( organization*wide security solu*tions from which a device manufacturer and device network might benefit$ +nstead( security design and implementation decisions occur deep within organizations$ !ften times( individual developers are left to port software designed originally for 1B and server security to their burgeoning devices and device networks$ Aesides being labor*intensive( this is not a scalable solution( nor does it provide adequate functionality or an acceptable level of protection$

8any companies today have let their connectivity outpace their security$ %e focus of most companies= security e&orts is on devices with which humans interact directly$ %ey fail to realize that each newly connected device represents another potential point of weakness through which hackers can gain unauthorized access to sensitive informa*tion$ %ese customers must demand more complete security from their device manu*facturers$ !ften( device manufacturers will do the bare minimum( claiming security support that is in reality very narrow and only provides protection along a very limited dimension$ %e practical consequences of the resulting under*investment and trivializa*tion of security can be devastating$

14



[email protected]

Hecently the major retail chain( 2NP Bo$( operator of such stores as 2N 8axx( 8arshall=s( and Aob=s( incurred a security breach that reportedly resulted in the exposure of at least Q7$R million customers= debit and credit card information$ Heportedly( hackers accessed the network wirelessly while parked outside using a laptop$ 's a consequence the com*pany is facing backlash and lawsuits that( according to some estimates( have potential to cost nearly I, billion( and may jeopardize the entire company itself$

'ccording to some reports( nearly -S percent of laws that include personal information have an express encryption standard written into the definition$ %ey define personal in*formation under the law as data being unencrypted or they use a harm standard stating that if there is an encryption there is no probability of identity theft or harm to the vic*tim$ +t started with house bill ,6S. in Balifornia( approximately five years ago$ Kow 67 states have similar laws and there are provisions as well for financial institutions( which are federally administered$ +n those industries where the level of connectedness and the value of the data are both high( such as financial services( the costs of security breaches have proven to be so substantial( that many of these enterprises are already carrying "data breach insurance$# %ese same dynamics will absolutely play out in device networking( perhaps even to a greater degree$ ?hile the example above illustrates the huge potential for financial liability associated with security breaches( device networking has potential to take this one step further$ ' device network security breach can have devastating real world( life and death consequences$

%e problem with securing today=s device networks is one of human nature – one of mo*tivation and incentives$ +nvesting in security is sometimes viewed as buying insurance( and unfortunately many companies do not face up to the risk until after they=ve already experienced the impact$ Nust as airport security increased after -F,,( or a household will finally invest in an alarm system after a break*in( it often takes some kind of "wake*up call# to get motivated to upgrade device network security$

3urther( corporate structures( and the segregation of expertise therein( means that usu*ally the person in charge of investment decisions related to security is not the person with the keenest understanding of the present risks and protection level$ ' technician who calls for a security upgrade out of the blue is easily ignored$ 'n engineering manager in a device manufacturer is only concerned with satisfying minimally specified requirements( regardless of how naïve those specified requirements are$ +n the absence of any problems( managers are quick to assume that present measures are working adequately$ Det that reasoning is inherently flawed and dangerous$ Ay that logic( it could be claimed that this

15



[email protected] • 800.595.9368 • 415.615.9400 • +41 435 000 153

white paper is coated in tiger*repellent$ 'nd because there aren=t currently any tigers around to prove otherwise( we can assume the tiger*repellent is working$ %e days of leaving well*enough alone have passed( and it is imperative now more than ever not just to fix problems but to preempt them$

?hen evaluating any type of risk( there are two main considerations that must be weighed$ %e first is the likelihood or chance that a particular undesired outcome would occur$ +n the security context( this comes down to an assessment of a device or network=s vulnerability or protection level$ %e second consideration is the size of the impact that would occur if such a risk were to materialize$ +n the realm of security( the potential consequence could be just a few hours of network downtime( or it could be millions of dollars worth of credit fraud( or a device that is rendered inoperable and must be returned to the manufacturer( all of which can cause irreparable damage to the brand and customer confidence$

Aoth of these dimensions weigh into a person=s decision of how to approach risk mitigation$ 's they relate to device networking( one must also realize that both risk factors grow quickly with the size of the network that must be protected$ ' larger network means more nodes and endpoints( and more potential points of weakness$ +t also means more information that has a higher value being transmitted on the net*work and consequently a greater impact if that network is compromised$ 's networks grow( so too must the focus on security( and as they begin encompassing new types of devices( that becomes increasingly di)cult$

%e net of this analysis is that a functional and elegantly simple security solution for devices and device networks becomes the "silver bullet# of sorts – the catalyst that will allow organizations to comfortably deploy large device networks while also al*lowing them to operate safely$ ' catalyst like this may be all that is needed to spur the enormous growth that has been forecast$

THE ANSWER LIES IN A DEVICE SECURITY FRAMEWORK ' solution that e&ectively manages the security requirements of disparate devices must have two main qualities; automation and homogeneity$ +t must handle com*mon tasks without human intervention( and it must provide a single platform and interface for interaction with a wide range of devices$ ?hat is needed is new infra*structure software plus centralized business processes for dealing with security within and across device manufacturers and service providers$ %is software solution would

16



[email protected]

be a combination of resident software embedded in the devices( plus capabilities deliv*ered as applications across the network$

's this is describing the unique needs of an entirely new type of network( it stands to reason that this solution does not fall within the specialties of any current mainstream software companies$ +n fact( the <evice 0ecurity 3ramework being described is best viewed as an entirely new market category$

?ith the disjointed( patchwork security solutions presently in place and the lack of general market understanding( particularly among larger software players( of what is needed for device security( the field is wide*open for any viable solution$ Kevertheless(

Mocana Device Security Framework

17



[email protected] • 800.595.9368 • 415.615.9400 • +41 435 000 153

this solution must not be a stopgap measure$ +t must create a platform that is extensible and will be able to solve tomorrow=s problems as well as today=s$

't a minimum( a <evice 0ecurity 3ramework should address the following security*centric demands across any connected device;4 0ecure remote device access4 0ecure data communications between devices4 <evice identity management4 'uthentication of devices and device applications on the network( including wireless networks4 8echanism for simplified key management4 'dvanced connection handling capabilities4 %ird party validated cryptography library4 %e ability to fully leverage advancements in silicon( including multi*core pro cessors and hardware acceleration

ENTER MOCANA

!ne company fully understands the needs of these networks and has begun creating a solution that meets the needs described above$ 0an 3rancisco based 8ocana Borpora*tion has positioned itself as one of the lone players in this new market( and while they could rest on their foresight and the advantage of being the first to recognize the needs of this market( the company continues to develop its <evice 0ecurity 3ramework so that it meets the aforementioned requirements and more$

8ocana=s solution is fully H3B*compliant with 3+10 validated cryptography algo*rithms( meaning it will interoperate with all applicable standards$ 8ocana=s <evice 0ecurity 3ramework contains software that gets embedded into devices at the time of manufacture( as well as capabilities delivered across the network( known as Ketwork 'pplications$

?hile philosophically a major supporter of open standards( 8ocana realizes that many companies build their devices on proprietary operating systems( using a wide variety of chips$ 2o scale across these disparate platforms( all components of 8ocana=s <evice 0ecurity 3ramework leverage a common abstraction layer that has two integration axes( one dealing with !0 integration( and the other with B1T integration$

18



[email protected]

0implistically( if chips ?( P( D and @ are supported( along with !0 # ,( then a port to !0 #4 will inherit support for chips ?( P( D and @ automatically by only modifying the !0 abstraction axis$ Bonversely if !0 #,( 4 and 6 are supported( along with chip P( then a port to chip D will immediately inherit support for this chip on all three !0=s by only modifying the chip abstraction axis$

%is approach provides maximum coverage of !0 and B1T combinations and maxi*mum flexibility for device manufacturers and service providers to make !0 and B1T decisions independent of 8ocana=s <evice 0ecurity 3ramework$

8ocana=s 3ramework has another major benefit – it can meet the extremely diverse needs of disparate wired and wireless operating environments$ 0ome end devices( such as those involving voice and video( require high performance$ !ther devices on the periphery may have intense restraints on power consumption to prolong battery life$

0till others have constraints on memory and processing capabilities$ 8ocana=s solution can meet the needs of all of these devices because it possesses three distinct qualities;

,: %e Ketwork 'pplications are themselves network and device independent$

4: %e embedded software is designed to leverage the capabilities being built into new chips( such as hardware acceleration( and multicore asynchronous

The Real World - Operating System & CPU Independence

19



[email protected] • 800.595.9368 • 415.615.9400 • +41 435 000 153

processing( providing a higher level of performance and scalability than much of today=s mainstream software making it ideal for voice( video and data applications$

6: %e embedded software has a very small footprint( making it ideal for any +1 connected device – even resource constrained ones$

'dditionally( 8ocana=s <evice 0ecurity 3ramework is capable of extending to address emerging threats as well$ %e 3ramework takes full advantage of network connectivity and the benefits this brings in being able to have additional intelligence reside in the net*work versus only in the connected device$ +t provides a holistic approach to security( and can also enable an entirely new class of end customer( network and device independent applications and services( as described below$

INITIAL BEACHHEAD: DEVICE SECURITY !nce a <evice 0ecurity 3ramework is in place( it can be used to perform a number of functions necessary for securing and operating device networks$ 8ocana provides not only the 3ramework itself( but also several initial applications necessary for nearly all de*vice network deployments$ 'mong the first of these network applications is a solution for Bertificate 8anagement( allowing its customers to provide certificate*level security and identification for devices on their networks$

2o understand the value of Bertificate*based security takes a brief description of the pro*cedure itself$ +f a theoretical entity( 'lice( wants to receive secured communications over a network( she uses her own unique algorithm to create both a 1ublic Uey and a 1rivate Uey$ ?hile these two encryption devices are related( one cannot be used to determine the other$ 's an analogy( if 'lice wanted to receive a secure object in the mail from her friend Aob( she might first send him an open padlock( the key to which she kept herself$ Aob could then use that lock to secure his message before sending it( knowing that only 'lice using her key can open it$ +n this analogy( the key 'lice kept is her 1rivate Uey( and the lock she sent out is her 1ublic Uey$ 'lice could make these open locks available for anyone who wants to send her a message( knowing that the messages( once locked( will only be readable by her$

?hile this structure seems secure( it creates another problem; how does Aob know for sure that the lock he=s using to secure his message is actually 'lice=sC +n the digital realm where 1ublic Ueys abound( it is even more conceivable that a malicious hacker could publish a 1ublic Uey claiming it to be 'lice=s( when in fact it is not$ 2o solve this problem

20



[email protected]

requires a 2rusted %ird 1arty( or Bertificate 'uthority( known and acknowledged by both 'lice and Aob$ %is third party would know exactly what 'lice=s 1ublic Uey should look like( and by confirming with its own "<igital 0ignature# that the 1ublic Uey Aob is receiving matches that which they have on record for 'lice( could verify her identity so that the secure transaction may proceed$ %is is exactly what a Bertificate does – it is an electronic document containing the digital signature of a trusted third party that links a public key with an identity$

Bertificates are typically issued with expirations dates in the range of about one year( so they do not need to be issued for each transaction5 they can be re*used for a period of time as long as the identification information of either party has not changed$ ?hile cer*tificate*based security is among the most e&ective methods for securing communications on a network( it also leads to several accompanying tasks that are often labor intensive$ 2raditionally( certificate management – including enrollment V renewal( revocation( expiration( query( etc$ – is a manual process$ Aut with the size and growth of device networks( manually managing these tasks does not scale$ Auilt on the 0imple Bertificate Gnrollment 1rotocol 90BG1:( an evolution of the protocol developed for traditional 9non*device*centric: networks by Lerisign and Bisco 0ystems( 8ocana=s Bertificate 8anage*ment application allows for automation of these and other common tasks$

Bertificate*based security for networked devices completely shifts the paradigm of how manufacturers and users may conceive of their devices$ 3rom an information perspective( once a device and its identity are trusted( so too is any other information it might convey about itself and its environment$ %is might range from location information( to usage data( to information about or from other devices near it$ 0imilarly( once a user=s identity can be tied to a device in a secure fashion( user names and passwords become unneces*sary$ %e ability to incorporate and transmit this accompanying information opens the door for the creation of a whole new class of services to end*users$ +n addition to basic services required for device network operation( such as certificate management( a tidal wave of yet inconceivable applications is just over the horizon$

DEVICE SECURITY FRAMEWORK FUTURES Balling this new platform a <evice 0ecurity 3ramework is somewhat restrictive$ ?hile security is its first and most important capability( the 3ramework allows for the secure delivery of any services or applications to devices on the network$ +n a broader context(

21



[email protected] • 800.595.9368 • 415.615.9400 • +41 435 000 153

this trend of linking devices with accompanying services has been in the marketplace for some time now$ Nust consider the previously mentioned i1od and i2unes( 2iLo service and the 2iLo box( H+8 Alackberry handhelds with data service plans$ %ese are all examples of traditional product manufacturers that have distinguished themselves by pairing their devices with high*value services$ >arbor Hesearch has been tracking this market trend for several years( and while it has been gaining recognition( device*centric services have not yet seen the explosive growth that has been predicted$

Kow it is apparent that di)culties with security and identification of devices on a net*work – and the secure scalability of those networks themselves – have thus far hampered their growth( both in a literal sense and in the broader market$ ?ith the combination of its technology and its relationship with device makers and chip manufacturers( 8ocana is in the unique position to remove this significant obstacle from the equation and spur the growth of this burgeoning service industry$ Ay doing this( 8ocana has the potential to capture enormous value for itself and its ecosystem$ %e success of the i1od created a billion*dollar side industry for accessories( while keeping its network services proprietary$ +n the near future( we will see an abundance of devices on open networks( allowing the creation of an enormous new side industry – that of third party device*centric service providers$

8ocana has a keen awareness of this potential( as demonstrated by their ongoing e&orts to build partnerships within the device networking community$ %eir support of open standards shows that the company realizes that the real value of device networks will only be revealed upon arrival of those pervasive device applications and services$ ?hile security is most certainly a prerequisite to that( and a catalyst for much initial growth( it will be the applications delivering tangible value to device users that will bring device networking to the mainstream$ %e di)culty here is that these future device services will not be uniform$ ?hile there are a large number of horizontal Ketwork 'pplications( each device type( each customer segment( each industry will demand its own end cus*tomer facing device applications and services$ %e requirements are so far*reaching that no single company could ever anticipate and meet everybody=s needs$ Mike the networks themselves( the customer facing applications provided over them will be fragmented$ ?hat 8ocana does is provide the platform on which a whole new class of secure( identity based( device and network independent applications and services can be built$ 8ocana is getting the ball rolling by providing some initial necessary Ketwork 'pplications$ 3rom here they are open to partnering with third*party software developers wishing to build these applications of the future$

22



[email protected]

MOCANA NOW <espite the futuristic overtones to much of this analysis( it is most important to realize that this device networking trend is happening right now$ Kowhere is this exemplified better than by the fact that 8ocana has already built a substantial base of customers( some of which are listed below( including several 3ortune 7// companies( and many others of equal significance in their functional areas$

3rom major device manufacturers( to communications companies( to chip vendors( 8ocana=s <evice 0ecurity 3ramework is already being embedded into many of the de*vices we see every day$ %ese customers range from consumer and industrial device manufacturers( to makers of network infrastructure products( to communication provid*ers$ ?ithin this mix also sits several extremely significant adopters of components of 8ocana=s <evice 0ecurity 3ramework and its components( including Kortel Ketworks( >oneywell( 1hilips( 0iemens( and more$

Ay adopting 8ocana=s software( or even incrementally exploring the option( all of these companies are demonstrating to customers( investors( and the broader market that they have a grasp on the coming wave of device networking$ Kot only do they understand the phenomenon( but they are showing their commitment to securing the communication of these devices( and to doing so in an open( extensible fashion that will allow them to

Sample Adopters of Mocana’s Technology Are Diverse

23



[email protected] • 800.595.9368 • 415.615.9400 • +41 435 000 153

be active participants in the growing corporate communities providing smart products and services$

WHERE IT IS VERSUS WHERE IT’S HEADED %is white paper has discussed the evolution of device networking( and the phenome*non=s scale upon arrival$ +t has highlighted some of the benefits of our new Ketworked 0ociety( but also its potential dangers$ +t has explained the details of how these networks will operate technically( architecturally( and organizationally$ %e net of this analysis brought to light the need for creating a <evice 0ecurity 3ramework in order to scalably manage( e&ectively secure( and reliably identify devices on our shared global network$

Aut management( security( and identification are just the tip of the iceberg$ %ese are the absolutely necessary prerequisite functions that must be in place in order for our Ketworked 0ociety to begin to bloom$ !nce established( a wide range of new applica*tions will begin to be developed$ 0ome will run behind the scenes( addressing emerging bottlenecks around e)ciency and scalability$ !thers will be more visible( delivering a new level of personalized information to us and to our devices 4QxR$

?hile most of this value will be created by a vast ecosystem of companies and develop*ers making their way into the realm of <evice Ketworking( 8ocana will continue to develop and add to the <evice 0ecurity 3ramework enabling it all$ ?hether by giving us confidence through continuing to strengthen security( or by creating new uses for the certainty of device identification( 8ocana will continue to be a catalyst for development of <evice Ketworking( and a driving force behind one of the most disruptive yet benefi*cial phenomena of ours or anyone=s lifetime$

24



[email protected]

About Harbor Research, Inc.Harbor Research Inc. has more than twenty years of experience providing strategic consulting and research services to high technology clients. Harbor’s strategy and business development work is organized around emergent and disruptive opportu-nities, with a unique focus on the impact of the Pervasive Internet—the use of the Internet to accomplish global device networking that will revolutionize business by unleashing entirely new modes of system optimization, customer relationships, and service delivery.

Harbor Research’s clients are leaders in communications, computing, control, and content. Harbor Research has built extended relationships with larger multi-line companies including AT&T, ABB, Agilent, General Electric, Danaher, Eaton, Emerson, Hewlett Packard, Hitachi, Honeywell, Hughes, IBM, Intel, Invensys, Motorola, Rock-well, Siemens, and Texas Instruments, as well as with growth companies such as EMC, Cisco Systems and Qualcomm. We also work with a broad array of emergent start-ups and pre-IPO technology ventures. We have built relationships with a number of signi!cant Pervasive Internet players, including Ember Corporation, Questra Corpo-ration, GridAgent, DeepStream Technologies and Dust Networks, to name a few.

CONTACTGlen Allmendinger, PresidentHarbor Research, [email protected]

25



[email protected] • 800.595.9368 • 415.615.9400 • +41 435 000 153