The annual conference of the Association of Anti Virus Asia Researchers, “AVAR 2010,” was held last November 17–19, 2010 in Bali, Indonesia. More than 30 papers were presented covering the latest threat landscape updates, the roles of governments in information security, mobile malware, testing methodologies, malware sample handling, polymorphic malware detection, sandboxing, and other topics of interest to the security industry.
Trend Micro presented on two topics during the conference. Software architect Liang-Seng Koh and I presented “Buckle Up Security Belt When Enjoying Ride on Internet of Things,” which talked about the security challenges in relation to the “Internet of things.” The Internet of things is a concept that refers to the idea of ordinary objects being wirelessly interconnected via technologies like radio frequency identification (RFID) tags and near field communication (NFC).
I talked about the opportunities and challenges that these emerging technologies posed and the security challenges that would accompany the said opportunities. To effectively protect users from the new threats that may take advantage of the Internet of things, we proposed a new security model to take into consideration the concept’s unique characteristics with the use of the power of cloud computing. One aspect of this new model requires outsourcing content security to the cloud. Another is authentication, for which a three-way authentication scheme based on public keys and the existing ISO 9798-2 standard was proposed to serve as the first layer of protection.
Read the rest of this entry »