This week’s Smart DevOps roundup features developments that aims to intensify the security of the Internet of Things.

BlackBerry’s CHACE security initiative

BlackBerry Ltd. has introduced BlackBerry Center for High Assurance Computing Excellence (CHACE), which is an initiative that aims to expand the company’s research and development with regards to the security of the connected world. The initiative will extend the company’s state-of-the-art competencies in vulnerability prevention and enable the application of high assurance security research to real-world products and services.

“There’s a belief that the key to the world’s security issues is to patch faster, but this hamster wheel fails to address the root issue,” said David Kleidermacher, Chief Security Officer, BlackBerry. “Systems that require regular patching always contain vulnerabilities unknown to developers, and some of these vulnerabilities are in fact known by would-be attackers. It’s clear we must build systems that are provably devoid of security flaws. The software and security engineering required to meet this objective is sadly rare today and must become commonplace. CHACE is BlackBerry’s initiative towards this goal, and we welcome all who wish to join the fight.”

 .

HYPR 3-factor biometric security for IoT

HYPR Corp. has developed a security platform that utilizes three-factor authentication to keep the Internet of Things properly secured. It provides military-grade security for consumers, developers, the enterprise, small and medium-sized businesses as well as government agencies that utilizes connected devices.

HYPR is an open platform that enables device-to-cloud three-factor security by leveraging existing biometric processors in devices. The three factors are:

1. Something I have – the biometric trusted execution zone located on biometric devices.
2. Something I am – the actual biometric signature of the user (face, retina, fingerprint)
3. Something I know – the application layer pin, password, or any other form of knowledge-based credentials.

HYPR developed a biometric security developer kit that can be bought as an individual purchase for $50 which will start shipping in July.

 .

GuardRail for IoT

ScriptRock Inc. has partnered with Ninja Blocks Pty Ltd. to pioneer security and support for the Internet of Things by shipping GuardRail on chip in the new generation of Ninja Spheres smart home hub. GuardRail is the DevOps system of record and is already used by enterprises to continuously test complex, fast-moving infrastructure. GuardRail ensures the Sphere is secure by continuously monitoring and validating the state of the device so intrusive changes can be immediately detected and remotely resolved.

photo credit: Marika via photopin cc