ICT Today

ICT Today March/April 19

Issue link: https://www.e-digitaleditions.com/i/1081695

Contents of this Issue

Navigation

Page 36 of 63

March/April 2019 I 37 NO USERS Unikernel architecture does not have the concept of users and passwords, because it does not need them. Most server and device systems deployed today have this concept because many are still using 40 to 50-year-old operating system designs when computers filled entire walls and cost $500,000 a pop. However, this concept is not relevant anymore, and it is a large reason why there are still so many attacks on these systems today. Consider this analogy. When patients ask a doctor why their foot hurts when they repeatedly hit it and the doctor says, "stop doing that," unikernels state the obvious by saying "let's stop doing that" as well. NO SHELLS The concept of a shell is a tool that engineers use on systems to poke and prod at systems. However, it is not a concept that is wanted in order to enable the deployment of tens or hundreds or thousands of devices. After all, technicians or engineers are not going to pop into these devices if they are acting up; that is not scalable. Once again, shells are just not present in unikernel systems and they stop a wide range of attacks simply by not being present. The botnets previously mentioned all rely on this concept too. REDUCED ATTACK SURFACE Unikernels have a dramatically reduced attack surface. Popular operating systems that sit on edge systems today, such as Linux, have a kernel — the core of the system — weighing in at a whopping 15 million lines of code with thousands of libraries. Ubuntu/Debian and other distributions of Linux add to this weight and can clock in at 50 million lines of code. Some unikernel-based systems are so small, they are in the tens of thousands of lines of code; at that number provably correct systems can be created. CLOSING REMARKS Edge computing is clearly transforming intelligent buildings as it seeks to make things like HVAC, alarms, fire systems and life safety systems more intelligent. The challenge is in how to install all these new computing capabilities, like machine learning, in a secure and manageable way, because the methods that are being used today might create value in one direction yet steal that value from another direction. Please do not build intelligent buildings with dumb security. AUTHOR BIOGRAPHY: Ian Eyberg is CEO of NanoVMs. A self-taught expert in Computer Science, specifically operating systems and mainstream security, Eyberg is dedicated to initiating a mass-upgrading of global software infrastructure, which for the most part is based on 40-year-old technology. Prior to cracking the code of unikernels and developing a commercial viable solution, Eyberg was an early engineer at Appthority, an enterprise mobile security company. He also worked for Bluff.com doing poker analytics and studied Computer Science at the University of Missouri-Rolla. Ian can be reached at ian@nanovms.com. Unikernel architecture does not have the concept of users and passwords, because it does not need them.

Articles in this issue

Links on this page

Archives of this issue

view archives of ICT Today - ICT Today March/April 19