牛牛|体育

                                        Get the ECT News Network Editor's Pick Newsletter » View Sample | Subscribe
                                        Welcome Guest | Sign In
                                        TechNewsWorld.com

                                        Linux-Powered Azure IoT Security Platform Arrives

                                        By Jack M. Germain LinuxInsider ECT News Network
                                        Feb 25, 2020 10:38 AM PT
                                        microsoft's azure sphere promises a new level of internet of things security


                                        lead genB2B Lead Generation Service
                                        Reach key decision makers with sales-ready leads that shorten your sales process. Move the needle by delivering funnel qualified leads to your sales team. Learn more.

                                        After several years of building and testing previews, Microsoft on Monday announced the general availability of its Azure Sphere secure IoT service.

                                        Microsoft first introduced Azure Sphere in 2018, opting to use its own version of a Linux operating system instead of Windows 10 to drive its new Azure Sphere OS to securely connect Internet of Things devices.

                                        Azure Sphere is a platform connecting microcontroller units embedded within IoT devices. The platform operates a new MCU crossover class that combines both real-time and application processors with built-in Microsoft security technology and connectivity.

                                        Each chip includes custom silicon security technology Microsoft developed. Azure Sphere leverages a custom Linux-based kernel. The kernel runs in supervisor mode, along with a boot loader, and is tuned for the flash and RAM capabilities of the Azure Sphere MCU.

                                        Security is one of the leading barriers to expanding IoT adoption safely. Microsoft hopes to lock down IoT device security with its cloud-based delivery solution. The company sees its mission as empowering organizations to create and connect secure, trustworthy IoT devices in order to encourage innovation.

                                        The number of connected devices is expected to reach 20 billion units this year. Microsoft expects IoT adoption to accelerate to provide connectivity to hundreds of billions of devices. Such massive growth would increase the risks for unsecured devices.

                                        General availability for Azure IoT is good news for the industry as enterprises will be most comfortable with platforms from companies like Microsoft, VMware and AWS, according to Patrick Moorhead, principal analyst at Moor Insights & Strategy.

                                        "The Azure folks need to make sure that its message of cross-platform and cross-vendor become true," he told LinuxInsider.

                                        Getting Ahead of the Curve

                                        Microsoft announced Azure Sphere two years ago as a program to improve security for the 41.6 billion Internet for things devices IDC expected to be connected to the Internet by 2025.

                                        This week's announcement demonstrates that the company is ready to fulfill that promise at scale, noted Halina McMaster, principal group program manager for Microsoft's Azure division.

                                        First, Azure Sphere software and hardware have completed rigorous quality and security reviews. Second, Microsoft's security service is ready to support organizations of any size. Third, operations and security processes are in place and ready for scale, McMaster said.

                                        "General availability means that we are ready to put the full power of Microsoft behind securing every Azure Sphere device," she noted.

                                        The general availability marks an opportunity for Microsoft to release a new product that addresses crucial and unmet needs as well as a new technology category to the Microsoft family, to the IoT market and to the security landscape, McMaster said.

                                        Testing Potential Significance

                                        The significance of the new technology is not clear at this point, but a major vendor that enters a still emerging market often can help speed the evolution of new products and services, according to Charles King, principal analyst at Pund-IT.

                                        "With Azure Sphere for IoT, Microsoft has identified and plans to address significant security issues that can restrain companies' interest in or willingness to deploy IoT solutions. If it works as advertised, Microsoft's offering could help boost IoT beyond pilot and experimental efforts," he told LinuxInsider.

                                        By offering an IoT security solution tied to cloud services, Microsoft aims to make it easier for IoT companies to develop commercial solutions that customers will find attractive. In a way, Azure Sphere for IoT is mainly about reducing the friction and impediments of security concerns that dog IoT, King said.

                                        Important Step Forward

                                        Services such as Azure Sphere are a step in the right direction. They simplify the implementation of architecturally complex security tasks through a tightly integrated stack, noted Jack Mannino, CEO of nVisium.

                                        "With the vast amount of services and components within IoT products and their supply chain, this helps development teams establish a secure foundation before addressing other security flaws within their design," he told LinuxInsider.

                                        Often, engineering teams will ship products without fully understanding the security impact of their design decisions or integrations, Mannino explained. So it is important to provide secure defaults and baseline security to build devices that will withstand the test of time when deployed in the field.

                                        How It Works

                                        Azure Sphere is a security system that protects IoT devices over time using its four-part system. One of its chief components is a new technology -- the Azure Sphere-certified chips -- that go into every device. Every Azure Sphere chip includes built-in Microsoft security technology to provide a dependable hardware root of trust and advanced security measures to guard against attacks.

                                        A second essential component is the Azure Sphere operating system itself. This is based on a Linux distribution developed by Microsoft that runs on the chips. The Azure Sphere OS is designed to limit the potential reach of an attack and to make it possible to restore the health of the device if it's ever compromised. It is a continually updated OS, proactively adding new and emerging protections.

                                        The third component is Microsoft's cloud-based Azure Sphere Security Service. This service reaches out and guards every Azure Sphere device. It brokers trust for device-to-cloud and device-to-device communication, monitors the Azure Sphere ecosystem to detect emerging threats, and provides a pipe for delivering application and OS updates to each device.

                                        A fourth component of Azure Sphere is the support team and its members' security expertise. The team provides ongoing security monitoring of Azure Sphere devices and the full ecosystem.

                                        Altogether, these layers of security prevent any single point of failure that could leave a device vulnerable, according to Microsoft.

                                        Complex, Not Complicated

                                        Microsoft built its Azure security system around seven properties that every IoT device must have in order to be secured. It states a clear view of what IoT security requires, McMaster said.

                                        These properties clearly outline the requirements for an IoT device with multiple layers of protection and continually improving security, she pointed out.

                                        "Complex doesn't mean complicated," McMaster remarked.

                                        The seven properties: Hardware-based Root of Trust, Small Trusted Computing Base, Defense in Depth, Compartmentalization, Certificate-based Authentication, Renewable Security and Failure Reporting.

                                        Any organization can use the seven properties as a roadmap for device security, McMaster said, but Azure Sphere is designed to give Microsoft's customers a fast track to secured IoT deployments by having all seven properties built-in.

                                        It makes achieving layered, renewable security for connected devices an easy, affordable, no-compromise decision, she added.

                                        Accessing Eligibility

                                        Microsoft will open sign-up opportunities for eligible customers soon. Azure Sphere does not have ongoing fees associated with its use.

                                        Customers will pay a one-time cost for a chip (as little as about US$8.65) that includes access to all of Sphere's components. The cost includes operating system updates for the lifetime of the chip.

                                        Alternatively, developers can license Visual Studio and Microsoft's Azure IoT services to develop apps for Sphere more efficiently, according to Microsoft.

                                        Disruptive Downsides

                                        It is arguable that the presence of major vendors such as Microsoft can reduce or restrict innovation in emerging markets like IoT security, noted Pund-IT's King. To its credit, Microsoft has become a far more agile and inventive organization under Satya Nadella's leadership, so this issue may be minimized.

                                        Clearly, Microsoft's shift to Linux over Windows 10 can be disruptive or innovating.

                                        "Certainly, it is difficult to imagine a similar effort (including the development of a Linux-based microcontroller OS) occurring under Microsoft's previous leadership," King observed.

                                        The Linux kernel provides a surface for preemptable process execution, and the driver model exposes MCU peripherals to OS services and applications, he previously pointed out, noting that its relative lightness and ability to support targeted processes make Linux a great choice for Azure Sphere.


                                        Jack M. Germain has been an ECT News Network reporter since 2003. His main areas of focus are enterprise IT, Linux and open source technologies. He has written numerous reviews of Linux distros and other open source software. Email Jack.


                                        Reader Comments
                                        Women in Tech
                                        Which cybersecurity risk is the greatest threat to organizations with remote workers?
                                        Data Breach or Leak
                                        Employee Misconduct or Negligence
                                        IoT-Based Attack
                                        Malware
                                        Phishing
                                        Ransomware
                                        Women in Tech
                                        Inside TechNewsWorld

                                                                              Mobile Games

                                                                              aviation

                                                                              image

                                                                              constellation

                                                                              Finance

                                                                              Foreign exchange

                                                                              Super League

                                                                              news

                                                                              aviation