Security Innovation offers a range of services that help organizations resolve vulnerabilities and weaknesses in a portfolio of enterprise applications, a stand-alone application, an embedded software system, or within the software development process itself.
The use of hardware security such as TPM's or secure algorithms, as well as techniques such as encryption, digital signatures and message authentication does not ensure a secure system. Security primitives are just one piece of the puzzle - they must be deployed within a secure system to ensure that your product or infrastructure is protected against potential security risks.
Security Innovation's security architects have years of experience in secure embedded design, which includes:
We co-designed the standard for secure vehicle communications as part of a multi-year US Department of Transportation project. We considered bandwidth, performance, implementation cost, privacy concerns, and possible FIPS-140 certification of devices. This communication system will be part of all US-manufactured automobiles in 2014. We guided the design through the standardization process to become IEEE Std 1609.2.
Our engineers also built a software implementation of the system, with enhancements for remote key management, testability, and anonymity, in our Aerolink libraries.
We designed and wrote the communications security for IEEE 802.15.3, an ultra wide-band ad-hoc networking system. The system needed to support a rapidly-changing network, with devices frequently being added and removed, as well as high throughput that met stringent Quality of Service requirements.
We helped indentify weaknesses of biometric matching data on local machines, and helped our client develop and analyze the biometric data in a way which still led to good matching, but did not leave sensitive information in the clear. A better security story was critical for our customer, and their sales have since increased markedly.
Working with a leading provider of mobile databases, we provided a design for secure replication and backup that met the performance requirements for highly constrained mobile devices - whilst protecting the sensitive data stored in and transmitted from the database.