Foundation of security : RoT

We are now in the era of technology where everything is connected to everything through internet.

And with this Internet of things (IOT) is born. With the help of IOT, The availability of information is at your backdoor. The IOT is what making interaction between objects in real life possible, regardless of physical distance. This is all good But, This connectivity opens up doors of malicious data corruption and contamination to occur. IOT devices are distributed, unsupervised, and physically exposed. Cryptography is the technique used in to resolve this vulnerability.

Security is the only topic which grows more popular in future. We are living in the smart world But the question comes “is this smart is really secure?” This smart wave of smart gadgets comes up with the cost: the rapid speed of product development does not always allow enough time for security considerations. With this much data flowing in and out of all these IOT devices, there is a significant opportunity for data to end up in wrong hand.

A Root of trust (Rot) is the component that performs one or more security specific functions, such as measurement, storage, reporting verification and/or update. It is ideally based on hardware validated boot process to ensure the system can be only started by using code from an immutable source.

What is Rot?

-Verification (authentication) of record installed, trusted boot code.

-Execution consistency.

-Provisioning of one o more security service.

-Establishing security from the root of system.

The first word in Rot is “root”- a Rot sits at the very beginning of a system. It is the root of a system where security belongs. There is no another element which can verify/authorize/attest to the validity of Rot. So it is important for the designers to understand their need for ROT. And to find the right one that is best fit to the need.