It’s time for security provisions to catch up with software development

Posted By: Nick Smith, Thales e-Security
15 Feb 2017
Categories: Data Security

As Marc Andreessen once said, “software is eating the world”.

As technology becomes a differentiator in all market segments, we’ve seen an explosion in the development and use of software over the past decade. Driving this innovation is the ease of consumption afforded by the roll-out of high speed internet connections everywhere as well as the miniaturisation of devices that can consume digital services.

Verifying the state of your on-premise or in-cloud digital infrastructure on your iPhone whilst ordering a skinny latte from Starbucks is the new normal. Software is enabling a change in the way in which we work, as well as in our personal lives.

The ability to digitise the world is driven by many factors. From a software standpoint, embracing the architecture of the world-wide web, as well as the development of new frameworks and languages that make network services first class concerns, have collectively made the development of digital services quicker and easier to integrate.

When we think of storage for new services we now look to a thinly provisioned network connected to Object Stores, not to a local SAN.  Indeed, new architectures are now completely obfuscating all aspects of traditional IT systems. Server-less architectures are about code and APIs; Operating Systems and storage are no longer relevant.

In stark contrast to this trend, security services – particularly strong crypto services – have remained traditional in their offerings. They cower behind interfaces such as PKCS#11, designed in a time when C was the staple application programming language, which hinders modern applications from consuming and making use of strong application security services.

In the modern world, JavaScript, Go and their ilk are what C was in the 90s, yet, as an industry, our interface du jour remains what it was, including abstractions which are no longer relevant and in a form that is no longer “native” to the modern application developer.

Thankfully, here at Thales e-Security, we’re trying to do something about that.

Over the past year the Technology Strategy team has been planning and contributing – both internally and to the open source community – to provide new interfaces designed to be first class citizens of the modern world. This includes development of new security architectures and RESTful interfaces that are web-friendly for our next generation products, as well as making our existing interfaces integrate more seamlessly with new languages and frameworks.

A great example is our contribution to the open source Graphene project, which aims to bring the functionality of PKCS#11 to a Node application whilst making the application binding feel native, re-using common patterns and practices you’d expect to see in a JavaScript application.

Whilst increased digitisation is undoubtedly a good thing, we must remain cognisant that, as our lives become more “online”, we must protect our digital assets even more securely. To do this we must make strong security services easier to consume, easing the burden for both enterprises and customers, so that we can have confidence going forward and support future innovations.

Thales has unveiled a new cloud-ready HSM to deliver crypto services for modern applications – more details here.

Attending RSA and have crypto-related questions? Come visit us at booth #1007, South Hall, Moscone Center in San Francisco on February 13-17, 2017.

  • http://appsforsys.com/ vijayasimha

    I am truly delighted to glance at this blog posts which includes plenty mobogenie
    of valuable information, thanks for providing such information.