What future for the security of communications?
No need to remind our readers that our world is going through an intense digitalization, only accelerated by the recent pandemic… And communications are at the heart of this digital transformation. Indeed, information continuously travels back and forth, between devices, objects and servers, in the shape of digits forming bytes, parts of packets and datagrams.
In the “Future of secure communications” series of blog posts, our experts explore several challenges that are shaping or will shape the security of those communications. Those challenges range from the emerging promises of cryptography, to the particular risks satellite communications and 5G/6G technologies are facing, not forgetting connected objects (Internet of Things and Industrial systems). But, before going into those detailed blog posts, let us think about the basics: can we find common security pain points and challenges that characterize all digital communication technologies? Can we break them down to a set of basic, interlinked principles?
The basic principles for secure communications
Every Information Security professional will think, immediately, about Confidentiality, Integrity and Availability, known as the CIA triad. But many other aspects have been extensively discussed as missing from the triad, like Non-repudiation, which is the capacity to prevent the source from falsely denying their actions, Authorization, which many will embed as part of confidentiality, or Authenticity, which ensures the source identity. The latter was one of 3 additional principles, with Possession (aka Control) and Utility, added to the triad by Donn B. Parker in 1998, in what has since been known as the Parkerian Hexad. Both these models are interesting, because they don’t simply consider their principles (respectively 3 and 6) as individual, parallel concepts, but as totally interlinked, like the feet of a stool or table. Information or communication security cannot stand if one of them is missing, but these principles often also compete against each other: for example, you could strengthen confidentiality to the detriment of availability, by having your data unreachable, even for your business users. So, it is about finding the best possible balance. And this balance, like every stool or table, depends on its materials and objective. It means that every organization might establish a different balance between all the basic principles according to its business, priorities, “raison d’être” and risk appetite.
One first step: Identity Proofing
More pragmatically, when two or more entities communicate together, you first need to be certain of the other parties’ identities. This relates partly to confidentiality, but also to authenticity and non-repudiation. It can also take many different forms and present various challenges. Indeed, future communications will be largely automated, or will not be at all. Automated means that humans will have a smaller part in the communications themselves. Proving, without a doubt, the identity of an object, sensor, vehicle, application or technical service might seem similar in principle to doing so for a human, but in terms of underlying technology you cannot challenge the object or service as you challenge a human. In the most secure systems, it often relies on asymmetric cryptography, also called public key cryptography, and on the secrecy of the private key of the object or service. Our experts will explore these notions in their blog posts and highlight why Post Quantum Cryptography is so important, not only for data confidentiality and integrity but for the authenticity and non-repudiation of objects as well.
A second step: securing access
Once you are certain of the identities of the communication parties, you need to align their capabilities to what they are authorized to do, enforcing these authorizations according to least privilege strategies (ensuring a “need to know/do” principle), and maintaining them over time. Indeed, no system should ever be designed as static: it will evolve, the roles of its actors will also evolve, and so their authorizations should be continuously realigned.
And now, is your network safe?
So, now you are sure you know who communicates with whom and what they are entitled to do. Is it enough? Of course not. As highlighted in zero trust concepts and ideas, you cannot trust the communication network to be safe: your information could be read (confidentiality), modified (integrity), or disrupted (availability) by unauthorized third parties. Again, encryption can save you (confidentiality and integrity) as long as it is properly managed. If it is not, you can put the availability and utility of the communicated data at risk. It is also important to consider that, in many situations (if not all of them), you cannot fully, blindly trust the other communication entity even though you are certain of its authenticity and authorizations. It could have (and does have) objectives different from yours, but it could also simply be less well secured and therefore compromised. Some experts call this the admissibility problem: the fact that the source, although legitimate, could be compromised. This problem is frequently exploited by hackers through phishing. Finally, the trust problem also touches the area of “data in use”, which is currently a huge challenge, addressed by areas of research known as “Privacy-enhancing technologies”, amongst which Fully Homomorphic Encryption, or FHE, is considered the Holy Grail.
Zero trust, security by design & dynamic security: the way forward?
Although we now know who speaks with whom and we have protected their communications, are we safe? Is that it? Unfortunately, as strong as your security controls could be, there is no perfect security measure. You have to assume that you will be breached. The consequence is that you have to constantly monitor the communications for signs of misbehavior, be it from an unauthenticated party (external intrusion or communication error) or an authenticated party (malicious, compromised or, again, a communication error). Again, zero trust concepts and ideas come to the rescue. They hold that the protections discussed above should be able to change dynamically, and that your system should be able to adapt, even during a communication session, at every request, without forgetting to reduce the attack surface of your systems and communications through hardening. It is worth noting, however, that once the communication system is in place, it is difficult to adapt it to the above principles if those have not been taken into consideration during the design. This is why security by design is so important to the future of communications. 5G/6G, satellite protocols and other future communication systems should plan for those principles from their design onwards.
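The per-request re-evaluation described above, together with the least-privilege grants of the "securing access" step, can be sketched as follows. This is an added example, not part of the original article: the class names, the `sensor-17` identity and the resource names are hypothetical, and authentication is assumed to have taken place before the session object is created.

```python
# Added illustration; every name below (PolicyStore, Session, sensor-17) is hypothetical.
from dataclasses import dataclass, field
from typing import Optional

@dataclass
class PolicyStore:
    """Current least-privilege grants: identity -> set of (action, resource)."""
    grants: dict = field(default_factory=dict)
    def allow(self, identity, action, resource):
        self.grants.setdefault(identity, set()).add((action, resource))
    def revoke(self, identity, action, resource):
        self.grants.get(identity, set()).discard((action, resource))
    def permits(self, identity, action, resource):
        return (action, resource) in self.grants.get(identity, set())

@dataclass
class Session:
    """An open session: authenticated once, authorized again on every request."""
    store: PolicyStore
    identity: Optional[str]  # None models a peer that never authenticated
    audit: list = field(default_factory=list)
    def request(self, action, resource):
        # Decide on the grants as they are now, not as they were at session start.
        if self.identity is None:
            verdict = "deny:unauthenticated"
        elif self.store.permits(self.identity, action, resource):
            verdict = "allow"
        else:
            verdict = "deny:not-authorized"
        # Log every decision so monitoring also sees authenticated parties misbehaving.
        self.audit.append((self.identity, action, resource, verdict))
        return verdict

def denied_by_identity(audit):
    """Count denials per identity: the signal a monitor would alert on."""
    counts = {}
    for identity, _action, _resource, verdict in audit:
        if verdict.startswith("deny"):
            counts[identity] = counts.get(identity, 0) + 1
    return counts

def demo():
    store = PolicyStore()
    store.allow("sensor-17", "publish", "telemetry/plant-a")  # constructed sample grant
    session = Session(store, "sensor-17")
    results = [session.request("publish", "telemetry/plant-a"),
               session.request("write", "config/plant-a")]  # never granted
    store.revoke("sensor-17", "publish", "telemetry/plant-a")  # role changes mid-session
    results.append(session.request("publish", "telemetry/plant-a"))
    return results, denied_by_identity(session.audit)
```

The third request in `demo()` is the same one that was allowed at the start of the session; it is denied only because the grant was withdrawn in between, which a check made once at session setup would not catch.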