Your SlideShare is downloading. ×
0
What is wrong with the Internet? [On the foundations of internet security, fundamental flaws, and the way forward] | Turing100@Persistent
What is wrong with the Internet? [On the foundations of internet security, fundamental flaws, and the way forward] | Turing100@Persistent
What is wrong with the Internet? [On the foundations of internet security, fundamental flaws, and the way forward] | Turing100@Persistent
What is wrong with the Internet? [On the foundations of internet security, fundamental flaws, and the way forward] | Turing100@Persistent
What is wrong with the Internet? [On the foundations of internet security, fundamental flaws, and the way forward] | Turing100@Persistent
What is wrong with the Internet? [On the foundations of internet security, fundamental flaws, and the way forward] | Turing100@Persistent
What is wrong with the Internet? [On the foundations of internet security, fundamental flaws, and the way forward] | Turing100@Persistent
What is wrong with the Internet? [On the foundations of internet security, fundamental flaws, and the way forward] | Turing100@Persistent
What is wrong with the Internet? [On the foundations of internet security, fundamental flaws, and the way forward] | Turing100@Persistent
What is wrong with the Internet? [On the foundations of internet security, fundamental flaws, and the way forward] | Turing100@Persistent
What is wrong with the Internet? [On the foundations of internet security, fundamental flaws, and the way forward] | Turing100@Persistent
What is wrong with the Internet? [On the foundations of internet security, fundamental flaws, and the way forward] | Turing100@Persistent
What is wrong with the Internet? [On the foundations of internet security, fundamental flaws, and the way forward] | Turing100@Persistent
What is wrong with the Internet? [On the foundations of internet security, fundamental flaws, and the way forward] | Turing100@Persistent
What is wrong with the Internet? [On the foundations of internet security, fundamental flaws, and the way forward] | Turing100@Persistent
What is wrong with the Internet? [On the foundations of internet security, fundamental flaws, and the way forward] | Turing100@Persistent
What is wrong with the Internet? [On the foundations of internet security, fundamental flaws, and the way forward] | Turing100@Persistent
What is wrong with the Internet? [On the foundations of internet security, fundamental flaws, and the way forward] | Turing100@Persistent
What is wrong with the Internet? [On the foundations of internet security, fundamental flaws, and the way forward] | Turing100@Persistent
What is wrong with the Internet? [On the foundations of internet security, fundamental flaws, and the way forward] | Turing100@Persistent
What is wrong with the Internet? [On the foundations of internet security, fundamental flaws, and the way forward] | Turing100@Persistent
What is wrong with the Internet? [On the foundations of internet security, fundamental flaws, and the way forward] | Turing100@Persistent
What is wrong with the Internet? [On the foundations of internet security, fundamental flaws, and the way forward] | Turing100@Persistent
What is wrong with the Internet? [On the foundations of internet security, fundamental flaws, and the way forward] | Turing100@Persistent
What is wrong with the Internet? [On the foundations of internet security, fundamental flaws, and the way forward] | Turing100@Persistent
What is wrong with the Internet? [On the foundations of internet security, fundamental flaws, and the way forward] | Turing100@Persistent
What is wrong with the Internet? [On the foundations of internet security, fundamental flaws, and the way forward] | Turing100@Persistent
What is wrong with the Internet? [On the foundations of internet security, fundamental flaws, and the way forward] | Turing100@Persistent
What is wrong with the Internet? [On the foundations of internet security, fundamental flaws, and the way forward] | Turing100@Persistent
What is wrong with the Internet? [On the foundations of internet security, fundamental flaws, and the way forward] | Turing100@Persistent
What is wrong with the Internet? [On the foundations of internet security, fundamental flaws, and the way forward] | Turing100@Persistent
What is wrong with the Internet? [On the foundations of internet security, fundamental flaws, and the way forward] | Turing100@Persistent
What is wrong with the Internet? [On the foundations of internet security, fundamental flaws, and the way forward] | Turing100@Persistent
What is wrong with the Internet? [On the foundations of internet security, fundamental flaws, and the way forward] | Turing100@Persistent
What is wrong with the Internet? [On the foundations of internet security, fundamental flaws, and the way forward] | Turing100@Persistent
What is wrong with the Internet? [On the foundations of internet security, fundamental flaws, and the way forward] | Turing100@Persistent
What is wrong with the Internet? [On the foundations of internet security, fundamental flaws, and the way forward] | Turing100@Persistent
What is wrong with the Internet? [On the foundations of internet security, fundamental flaws, and the way forward] | Turing100@Persistent
What is wrong with the Internet? [On the foundations of internet security, fundamental flaws, and the way forward] | Turing100@Persistent
What is wrong with the Internet? [On the foundations of internet security, fundamental flaws, and the way forward] | Turing100@Persistent
What is wrong with the Internet? [On the foundations of internet security, fundamental flaws, and the way forward] | Turing100@Persistent
What is wrong with the Internet? [On the foundations of internet security, fundamental flaws, and the way forward] | Turing100@Persistent
Upcoming SlideShare
Loading in...5
×

Thanks for flagging this SlideShare!

Oops! An error has occurred.

×
Saving this for later? Get the SlideShare app to save on your phone or tablet. Read anywhere, anytime – even offline.
Text the download link to your phone
Standard text messaging rates apply

What is wrong with the Internet? [On the foundations of internet security, fundamental flaws, and the way forward] | Turing100@Persistent

454

Published on

Sanjay Deshpande, CEO and Chief Innovation Officer, UNIKEN Inc talks about - "What's exactly wrong with the Internet?"

Sanjay Deshpande, CEO and Chief Innovation Officer, UNIKEN Inc talks about - "What's exactly wrong with the Internet?"

Published in: Technology
0 Comments
1 Like
Statistics
Notes
  • Be the first to comment

No Downloads
Views
Total Views
454
On Slideshare
0
From Embeds
0
Number of Embeds
4
Actions
Shares
0
Downloads
0
Comments
0
Likes
1
Embeds 0
No embeds

Report content
Flagged as inappropriate Flag as inappropriate
Flag as inappropriate

Select your reason for flagging this presentation as inappropriate.

Cancel
No notes for slide

Transcript

  • 1. 1 © Copyright 2010 UNIKEN Inc. All rights reservedInnovation CenterProductByThe Core ProblemWhat’s exactly wrong with theinternet?
  • 2. 2© Copyright 2012 UNIKEN Inc. All rights reservedwww.uniken.comSo what’s wrong with it!! Nothing!!!• It’s cheap• Anyone can use it (no permissions required for accessing it!)• It’s available and pervasive (almost everywhere now)• Anyone can create any website, put any content, on a server, with an IPaddress with absolutely NO GOVERNMENT CONTROL!• Its freedom and democracy at its best!w w w. u n i k e n . c o m
  • 3. 3© Copyright 2012 UNIKEN Inc. All rights reservedwww.uniken.comThe Internet Classificationwww.uniken.comResources thatREQUIREAccess Control[Online Banking][www.bankofamerica.com]Resources that DONOT require AccessControl[News][www.cnn.com]Users who wantprivacy and identityprotectionUsers who DO NOTwant privacy andidentity protectionNeedsSecurePrivateCommunicationDoes not needSecurePrivateCommunication
  • 4. 4© Copyright 2012 UNIKEN Inc. All rights reservedwww.uniken.com
  • 5. 5© Copyright 2012 UNIKEN Inc. All rights reservedwww.uniken.comTHE CORE PROBLEMTHE CURRENT INTERNET INFRASTRUCTURE CANNOTGUARANTEE THAT THE USER IS CONNECTING TO THEDESIRED AUTHENTIC SERVER AND THE SERVER IS TALKINGTO AN AUTHENTIC PRIVELEGED USERIT AT BEST PROVIDES ENCRYPTION WITH NO GUARANTEEON IDENTITY OF PARTIES INVOLVED IN THECOMMUNICATION!!!
  • 6. 6© Copyright 2012 UNIKEN Inc. All rights reservedwww.uniken.comInternet Evolution – A simplified view[ARPANET]TCP/IPDNSRoutersTLS/SSLBrowsersHTMLUDPWeb2.0IPSECDNSSECEvolutionDigitalCertificates Tokens (OTP)Site-Key
  • 7. 7© Copyright 2012 UNIKEN Inc. All rights reservedwww.uniken.comCustomer PChostsINTERNETISP DNSServerISPINTERNETCertificateAuthorityFraudster’sMachineFraudster’sMachineFraudster’sMachineMan-in-the-middleSession HijackingReplay AttacksPhishingPharmingBankDatacenterDomainRegistrarRegistrar /OtherDNS ServerMan-in-the-browserMan-on-the-machineModemThe Result!
  • 8. 8© Copyright 2012 UNIKEN Inc. All rights reservedwww.uniken.comThe Internet is being used for something that it was NOTdesigned for in the first place (Online Banking, Online Sharetrading, Enterprise Web-Applications, Mobile InternetBanking! )Its’ designers never claimed the Internet (i.e. the packetswitched network – TCP/IP/UDP) was meant for secure privatecommunications!!
  • 9. 9© Copyright 2012 UNIKEN Inc. All rights reservedwww.uniken.comThe current application services deliverymodel is inherently vulnerable from a securitystandpoint [Download Browser (from anysource) -> Type URL -> Give Password -> Hopefor the best!]
  • 10. 10© Copyright 2012 UNIKEN Inc. All rights reservedwww.uniken.comURL (domain name) (and corresponding DNSinfrastructure) CANNOT be used as identityelements (identity look-up stores)(!)
  • 11. 11© Copyright 2012 UNIKEN Inc. All rights reservedwww.uniken.comSSL/Digital Certificate based Identity/TrustModel is broken and has failed to deliver onits original promise (of providing identity toenterprises) – since it is based on a flawedtrust model
  • 12. 12© Copyright 2012 UNIKEN Inc. All rights reservedwww.uniken.comAvailable end-user identity technologies arenot geared up to tackle the current attackvectors (OTP 2FA /Biometric became obsoletewith the advent of MITM kind of attackvectors)
  • 13. 13© Copyright 2012 UNIKEN Inc. All rights reservedwww.uniken.comThe current Mutual Authentication basedprotocols like IPSEC and the correspondingapplications IPSEC/VPN are not scalable (e.g.Bank and Customers - Million end-points??)
  • 14. 14© Copyright 2012 UNIKEN Inc. All rights reservedwww.uniken.comEnd-Point Computing Environment is the newthreat frontier - What can AV do if theprocessor cannot differentiate between anauthorized and unauthorized machine code(!)
  • 15. 15© Copyright 2012 UNIKEN Inc. All rights reservedwww.uniken.comWHAT IS A PRIVATE(INTERNET)APPLICATIONECOSYSTEM?
  • 16. 16© Copyright 2012 UNIKEN Inc. All rights reservedwww.uniken.comSIMPLIFY ANDSECUREAPPLICATIONECOSYSTEMCREATE A TECHNOLOGY ENABLEDSECURE SERVICE DELIVERYPLATFORM TO ENABLE FASTER TIMETO MARKET AND INCREASED COSTEFFICIENCIESDevice Channel ApplicationsEnterpriseEnd-UserOn PremiseOn CloudDesktop/LaptopSmart PhoneTabletInternet/IntranetEmployeesCustomersPartnersECOSYSTEM CONTEXT
  • 17. 17© Copyright 2012 UNIKEN Inc. All rights reservedwww.uniken.comPUBLIC (mobile) APP ECOSYSTEMSApple (iOS)BlackberryThey are consumer centric and focus ONLY onmobile devices and mobile AppsWhile Apple and Blackberry ecosystems areclosed (controlled store and proprietarydevices) the rest are openEnterprises obviously cant use these consumercentric, platform dependent ecosystems fordistribution, access, control and security forenterprise applications[App Store +(Proprietary) Devices]Google (Android)Windows[App Store + OS]
  • 18. 18© Copyright 2012 UNIKEN Inc. All rights reservedwww.uniken.comPrivate Internet Circuits18BankUsersBankUsers BankUsersUsersmerchantUserseMailUsersSocial NetworkingUsersmerchantOnline Bank and its customersOnline Merchant and its customersOnline Collaboration tools (email, chat etc) and itsusersSocial Networking Websites and its usersOnline News Websites and its readersEnterprises, their employees, their customersand vendorsOnline Government Services and its citizens
  • 19. 19© Copyright 2012 UNIKEN Inc. All rights reservedwww.uniken.comFeatures of a Private Internet Circuit• Safety– Before any communication begins between entities in a PIC, their respective identities are verified byboth entities– All communication is confidential and tamper proof (encrypted)• Privileged and Exclusive– An entity (user, software etc) not having the PIC identity relative to a given online service and the PICaccess system on his/her device will not be able to access the Online Service in the PIC• Moderated and Controlled– A central PIC server will control and enable the online services available to all the users of the PICecosystem– The PIC Server will provision and broker identity relationships in real-time• Open and Extensible– Developers can create PIC compatible Online Services and register it with the Central PIC server fordistribution to the users of the PIC ecosystem19
  • 20. 20© Copyright 2012 UNIKEN Inc. All rights reservedwww.uniken.comPrivate Internet (and Application) EcosystemApplication Store[Manage, Distribute]UserDevice Manager[Manage, Control]User Device ProtectionTechnologyAuthenticationInfrastructureChannel SecurityInfrastructure[Internet/Intranet]Secure ApplicationViewer[Application Renderer]Data SecurityTechnology[Control, Protect]Access ManagementTechnology[Closed, Private]PUBLIC INTERNET SERVICES (B2C)ENTERPRISE APPLICATION SERVICES (B2B or B2E)End-Point ContainerTechnology[Security, Control]
  • 21. 21© Copyright 2012 UNIKEN Inc. All rights reservedwww.uniken.comPRIVATE [CLOSED] INTERNETECOSYSTEMPrivateInternetEcosystemIdentityDeviceSecurityDataSecurityChannelSecurityAccessManagementDeviceManagementAppManagementIdentity ProtectionPersonal Online Identity is secured and protectedClosed and PrivateShould not be accessible/visible from outside of the ecosystemPlatform, Device and Application Type IndependentSupport Multiple OS’s, Laptops/Desktops/Mobiles/Tablets,Web-Apps and Mobile AppsDevice, Application and Data SecurityApplication and Device Management
  • 22. 22© Copyright 2012 UNIKEN Inc. All rights reservedwww.uniken.comEND-USERREQUIREMENTS
  • 23. 23© Copyright 2012 UNIKEN Inc. All rights reservedwww.uniken.comHow do I ?Protect my login credentials of various critical websites (e.g. OnlineBanking, Share Trading)Protect from MITM/PHISHING and other sophisticated attacksProtect my credit card/debit card information while doing ecommercetransactionsManage and Secure my personal Mobile Devices (e.g. Smart Phones,Tablets and Latops)Protect my personal data (e.g. contacts, files)
  • 24. 24© Copyright 2012 UNIKEN Inc. All rights reservedwww.uniken.comMultiple PlatformsWindows, iOS, Android,BlackberryPlethora ofDevicesDesktops, Laptops, MobilePhones, TabletsIdentity ClutterToo Many PasswordsSophisticatedAttacksMITM/PHISHING/PHARMINGSensitive DataPersonal Contacts, Financial dataSecureCommunicationChat/File TransfereMoney SafetyCredit Card/Debit CardEcommerce Transaction Safety
  • 25. 25© Copyright 2012 UNIKEN Inc. All rights reservedwww.uniken.comCIO CHALLENGES
  • 26. 26© Copyright 2012 UNIKEN Inc. All rights reservedwww.uniken.comHow do I ?Protect Enterprise Data from leaking outQuickly deploy and rapidly roll-out new enterprise application servicesManage and Secure Mobile DevicesManage Enterprise Web-Apps and Mobile AppsProvide Secure Remote Access to Enterprise Applications to partners and customers and not just employeesProtect enterprise information/applications from MITM/PHISHING and other sophisticated attacksProtect Online and Offline ContentProvide Authentication to End-Users [2FA and 3FA]Provide remote support to enterprise devicesReduce the total cost of application infrastructureAnd many more such critical security and application management requirements..
  • 27. 27© Copyright 2012 UNIKEN Inc. All rights reservedwww.uniken.comMultiple PlatformsWindows, iOS, Android,BlackberryMultiple User TypesCustomers, Partners, ExecutiveManagement, EmployeesPlethora ofDevicesDesktops, Laptops, MobilePhones, TabletsIdentity ClutterToo Many PasswordsComplex EnterpriseApplication LandscapeOn-Premise Web-Apps, Mobile Apps,Hosted/Cloud Based AppsMultiple NetworkTypesIntranet and InternetShorter CyclesQuick Development and Launch,increasing business speed anddecreasing budgets!
  • 28. 28© Copyright 2012 UNIKEN Inc. All rights reservedwww.uniken.comTHE REL-ID WIDGET Simple Client Side Softwarethat you download fromThe REL-ID GATE on yourdesktop/Laptop/MobilePhones/Tablets Configure your web-siteson the REL-ID widget andenter your private secureinternet world! The REL-ID Widget connectsto your configured web-sites through the REL-IDGATE (a cloud or on-premise based PrivateInternet Infrastructure)Gate MyDataConnect MyCardSettings Exit
  • 29. 29© Copyright 2012 UNIKEN Inc. All rights reservedwww.uniken.comVISUALS(LAPTOPS/DESKTOPS)
  • 30. 30© Copyright 2012 UNIKEN Inc. All rights reservedwww.uniken.com
  • 31. 31© Copyright 2012 UNIKEN Inc. All rights reservedwww.uniken.com
  • 32. 32© Copyright 2012 UNIKEN Inc. All rights reservedwww.uniken.comEnter previously set DevicePin
  • 33. 33© Copyright 2012 UNIKEN Inc. All rights reservedwww.uniken.com
  • 34. 34© Copyright 2012 UNIKEN Inc. All rights reservedwww.uniken.comIB User Id will getprepopulated
  • 35. 35© Copyright 2012 UNIKEN Inc. All rights reservedwww.uniken.comVISUALS(MOBILE PHONES AND TABLETS)
  • 36. 36© Copyright 2012 UNIKEN Inc. All rights reservedwww.uniken.com
  • 37. 37© Copyright 2012 UNIKEN Inc. All rights reservedwww.uniken.com
  • 38. 38© Copyright 2012 UNIKEN Inc. All rights reservedwww.uniken.com
  • 39. 39© Copyright 2012 UNIKEN Inc. All rights reservedwww.uniken.comREL-IDSecure ClientAppContainersWeb-Apps are visible andaccessible only if they areprovisioned in REL-IDGATETMDesktop/Laptop REL-ID WidgetREL-ID Web App Viewer(Micro-Web-Apps)REL-ID Mobile APP ContainerREL-ID Widgetsecurely connects to theWeb-Apps via R-PCCREL-ID Web App-Viewer
  • 40. 40© Copyright 2012 UNIKEN Inc. All rights reservedwww.uniken.comREL-IDGATEREL-IDGATEApp ManagementIdentity ManagementDevice ManagementAuthentication(2FA/3FA)Access ManagementR-PCC* Over Intranet R-PCC* Over InternetSecureChannelEnterprise Web-Apps[Virtual Image]Enterprise Mobile Apps3rd Party Web-Apps[Virtual Image]3rd PartyMobile AppsCommand CenterSecureChannelEmployeePartnerCustomerREL-ID Widget(Secure ClientApp Container)Mobile Phones,Tablets,Desktops andLaptops*R-PCC:REL-ID Private Communication Channel (Encrypted)THE REL-ID ECOTMInternetPrivateDataCenter
  • 41. 41© Copyright 2012 UNIKEN Inc. All rights reservedwww.uniken.comNetworkREL-ID Private Communication Channel (R-PCC)Mutually Authenticated Communication Handshake (MITMProof)Encrypted Communication (optional), High-Speed andConcurrentHorizontally Scalable (Millions of End-Points)Assets behind R-PCC are not visible to the Internetand hence protected from various attacksRequires zero admin privileges on end-user devicesIs created ON-DEMANDIs agnostic to the underlying NETWORK (Internet orIntranet)RPCC Agent can be embedded in any third party applicationstack (both software and firmware)Application ApplicationREL-ID PCCAgentR-PCC (REL-ID Mutually Authenticatedand Encrypted Channel)Internet or Intranet
  • 42. 42© Copyright 2012 UNIKEN Inc. All rights reservedwww.uniken.comNetworkEnd-User DeviceLaptopMobile PhoneTabletDesktopREL-ID Secure Container(Safe Zone)REL-ID Secure (encrypted)Data Zone3rd PartyBrowserREL-ID Web-AppViewerEnterprise AppsDesktop/Laptop/MobileREL-IDMulti-FactorAuthentication2FA/3FAR-PCC AgentR-PCCREL-ID Secure Container Technology (R-SCT)REL-ID Device Fingerprinting andBindingREL-IDDeviceManagementAnd ControlModule

×