David Gell, Chief Strategy Officer
When it comes to ensuring the safety and reliability of connected devices, organizations with a stake in IoT are well aware of the significance of a robust security solution—the foundational enabler of IoT. The challenge has always revolved around finding the most effective ways of implementing IoT security at device, network, and system levels. While traditional certificate-based (PKI) security models were initially successful as a protective shield, their centrally administered architectures prevented them from scaling as companies’ IoT networks diversified. Additionally, PKI systems are not equipped to provide rapid and frequent updates to security credentials at multiple endpoints.
The question, “What if it was possible to secure the different IoT communication links of an organization with unique security credentials that could be updated frequently?” kindled the idea behind Olympus Sky’s exceptional IoT security approach: an end-to-end, autonomous, decentralized network security solution.
David Gell, CSO of Olympus Sky, expounds the benefits of employing a decentralized security approach. Firstly, because of the distributed, autonomous nature of their security architecture, no human intervention is needed to provision, revoke, or refresh security credentials—reducing the administrative overhead significantly. “Secondly, as each communication node has its own unique set of security credentials and node security can be refreshed frequently, the threat surface is significantly decreased,” states Gell.
Built on this distinctive security technology approach is Olympus Sky’s connected security solution—Zeus. “Zeus’ core is a decentralized cryptographic authentication protocol known as Autonomous Key Management (AKM), which is designed to negate the complexity and scalability setbacks of PKI-based network architectures,” remarks Bart Shields, CEO/CTO of Olympus Sky.
By eliminating public key exchanges, Zeus enables encrypted network communications with negligible latency. Further, as the security credentials are never exchanged between nodes within a Zeus security mesh, it is exceedingly difficult for cybercriminals to breach a network or intercept information. Even if a breach occurs, Zeus networks dynamically and automatically re-establish new security credentials across the security mesh to repel the intrusion.
The implementation process of Zeus involves integrating Zeus Kernels—small code applets—across each IoT endpoint or device. “It is the Zeus Kernel that enables us to provide our decentralized, distributed IoT security model,” says Gell. Another important element of Zeus’ security suite is the administration and provisioning toolkit, a server-based solution where a client-defined trusted IT environment is used for initial provisioning. Following this preliminary step, the toolkit is used for continuous evaluation and management of security parameters, such as credential adjustments or node additions at various endpoints. Gell mentions that initial provisioning is extremely important in making security systems stronger and more reliable. Olympus Sky works in tandem with numerous vendors of hardware security modules to continuously strengthen its provisioning system. Alternatively, Olympus Sky employs a hybrid provisioning model, leveraging a customer's existing PKI investments to acquire all the necessary information for initial provisioning, without needing to define any trusted environment. “Presently, we are also devising an intrusion detection system as an added feature within the administration toolkit to enable organizations to detect and report malicious behaviors in real time (self-healing),” adds Shields.
Olympus Sky’s commitment lies not only in providing exceptional security modules but also in ensuring its solutions are economical. Gell foresees a big opportunity in analytics-driven security and intends to continue moving in that direction, bringing significant changes to the IoT security space.