Light Reading

Kontron Capitalizes on Security Jitters

Carolyn Mathas
News Analysis
Carolyn Mathas
2/20/2014
50%
50%

Is it true that telecom equipment companies are basing their purchasing decisions on where the design and development of components and modules takes place?

According to embedded computing platform developer Kontron AG , which undertakes its design and R&D processes in Montreal, Canada, it's already happening: The company, best known for its AdvancedTCA (ATCA) range of modules, claims it's wrestling business away from (unidentified) competitors that have design and development exposure in Asia/Pacific, particularly China.

And if that's more than just a one-off, the implications could be huge for telecom systems vendors and their suppliers.

Sven Freudenfeld, Business Development, Telecom for North America at Kontron, says that, increasingly, customers initiate discussion on where engineering takes place. "As we go further into cloud computing, trust is necessary to build platforms that will be deployed in the cloud. Moving the central office to the cloud where carriers no longer have access to hardware, they're forced to rely on what they don’t control," says Freudenfeld.

"When carriers owned their network hardware, they could handle situations as they arose -- they could see and identify an actual breach," adds Freudenfeld. "Now, with discovery left to third parties, reaction time is stretched out substantially. Carriers are demanding all network platforms -- interfaces, software, firmware, hardware -- be secure."

And for some (many?), China is regarded as posing a security threat, either directly or indirectly. Huawei Technologies Co. Ltd. and ZTE Corp. (Shenzhen: 000063; Hong Kong: 0763) know all about that: They are on the 'not trusted' list in the US, preventing them from supplying telecom equipment to the federal government or US companies. The main concern is that technology developed in China might include hidden back doors that would be used to either eavesdrop or disrupt networks, though no concrete evidence has been forthcoming. (See Nearly Everyone Trusts Us – Huawei CEO, US vs Huawei/ZTE: The Verdict and China Lashes Out at 'Cold War Mentality'.)

Customer concerns are not limited to just steering clear of China, though. Systems vendors are delving deeper into basic design methodology -- how network products are developed. Freudenfeld says there's a need for greater focus on: the design and creation of platforms with security as a central element; regulatory compliance; and the ability to identify weak points in a network.

There are many such weak points, he claims, and these will become more obvious with the introduction of virtualization, for example, or machine-to-machine (M2M) implementations, as each layer and each machine becomes a potential weakness.

And virtualization is going to happen: Indeed, Kontron is embracing it. (See Kontron Integrates OpenStack.)

There's reason to believe that virtualization is a major security concern. At the 2013 RSA Conference in San Francisco, the Cloud Security Alliance identified the Notorious Nine -- the top nine cloud computing threats for 2013. Of the top three concerns, number one is data breaches. In this case, a virtual machine, for example, could use side-channel timing data to extract private cryptographic keys in use by other virtual machines on the same server. The report indicated that one single client application flaw could allow a hacker access to all of the data -- not just that one client's.

The second top concern is data loss -- the kind where data is here and, then, well, it's not. Finally, account or service traffic hijacking. Once a hacker accesses credentials, eavesdropping on transactions and activities, data manipulation, information falsification, and moving clients to illegitimate sites, are all possible.

What cloud computing has done by concentrating a wealth of assets is magnify the consequences of breaches. On one hand, it's a bastion of data sharing -- on the other, a potential nightmare.

"Regulation will be especially important with telecom equipment and delivering the cloud. While there's great potential for software-defined anything --infrastructure, radio, networks -- there’s always a security element," Freudenfeld explained. While working groups and regulatory bodies exist, more progress will be necessary over the near and long term.

The security threat perception isn't limited to China, though, especially amid the NSA headlines and the FBI’s request for Facebook and Google to enable access for US government surveillance. (See Obama Weighs In on NSA Data Collection, Euronews: Merkel's Mad as Hell at NSA and NSA Humor Tops Congressional Hubris.)

Actually implementing back doors, or deliberately compromised telecom equipment, is very rare. It's the accidental vulnerabilities that are more common. But it's not that difficult to believe that Kontron customers are indeed citing security fears for a shift in procurement processes, especially as technology developments move faster than security advances and implementations can keep up with. Technical defenses may still be inadequate or not sufficiently implemented -- and that may leave non-technical ones, such as specifying that design and development take place in a more trusted environment, as the only immediate way to begin to alleviate fears.

— Carolyn Mathas, contributing editor, special to Light Reading

(0)  | 
Comment  | 
Print  | 
Newest First  |  Oldest First  |  Threaded View        ADD A COMMENT
Flash Poll
From The Founder
Anshul Sadana answers questions from Steve Saunders, Light Reading's founder and CEO, about Arista's CloudVision, a global cloud network controller for workload orchestration and workflow automation delivering a turnkey solution for cloud networking.
Live Streaming Video
CLOUD / MANAGED SERVICES: Prepping Ethernet for the Cloud
Moderator: Ray LeMaistre Panelists: Jeremy Bye, Leonard Sheahan
LRTV Custom TV
End-User or Enterprise Benefits to the New IP

7|30|15   |   04:27   |   (1) comment


Andrew Coward discusses what the New IP means to end users or enterprise customers. He explains compelling reasons, including how every customer can get their own network, from the transformation to the New IP.
LRTV Custom TV
Network Visibility & the New IP

7|30|15   |   02:23   |   (0) comments


Mukund Srigopal provides an explanation of what network visibility is and how it is essential as service providers transition to the New IP. In addition, the importance of the network packet broker is discussed.
Between the CEOs
Video Exclusive With Basil Alwan, Alcatel-Lucent

7|24|15   |   26:44   |   (5) comments


Basil Alwan, President of IP Routing & Transport at Alcatel-Lucent, discusses virtualization, cultural challenges, the capex crunch and more with Light Reading founder and CEO Steve Saunders.
LRTV Custom TV
VDF: Enable the Financial With Mobile Money

7|20|15   |   06:53   |   (0) comments


Ian Ravenscroft discusses how operators can expand to occupy the entire digital services value chain through service innovation.
LRTV Custom TV
Telefónica on OSS Transformation

7|20|15   |   06:01   |   (0) comments


Jose Gonzales discusses the details of Telefónica's operation transformation program.
LRTV Custom TV
Judi Achmadi on Huawei's Cloud Storage Solution

7|20|15   |   03:33   |   (0) comments


Judi discusses the key business goals of TelekomSigma's public cloud service and how Huawei's solution helps them address challenges.
LRTV Custom TV
KPN Enlightening Digital Business & IT Transformation

7|20|15   |   06:19   |   (0) comments


Rob de Beer discusses the changes that operators need to make with service innovation now coming from the Internet world.
LRTV Custom TV
Stratus Telco-Grade Cloud Solutions & NFV

7|20|15   |   07:34   |   (0) comments


Ali Kafel from Stratus Technologies addresses high-availability concerns within the telco industry with a solution that enables telcos to provide high-availability and stateful fault-tolerance using a software-based approach.
LRTV Documentaries
The Six Million Dollar Business Man

7|20|15   |   01:52   |   (0) comments


Steve Saunders, publisher. A man barely alive after an acquisition malfunction imploded the company he founded. Gentlemen, we can rebuild Light Reading. Better, faster, stronger.
Between the CEOs
CEO Chat With Anukool Lakhina, Guavus

7|20|15   |   38:51   |   (1) comment


Guavus CEO Anukool Lakhina talks to Light Reading founder and CEO Steve Saunders about the role of operational analytics in the communications services and networking sectors, particularly in relation to IoT.
LRTV Custom TV
IBM's Flash Storage With Intel QuickAssist

7|20|15   |   03:18   |   (0) comments


Intel's Bev Crair and IBM's Eric Herzog discuss how IBM's V9000 Flash Storage System has helped customers around the world. Featuring real-time compression powered by Intel QuickAssist Technology, the V9000 is a next-gen flash storage solution.
LRTV Huawei Video Resource Center
Thailand's AIS: Transforming to an FMC Operator

7|17|15   |   4:53   |   (0) comments


Saran Phaloprakarn, Senior VP of Fixed Broadband Business Management of Thailand's AIS, was a keynote speaker at the first Asia-Pacific Ultra Broadband Summit in Bangkok. In this video, he talks to Heavy Reading about transforming into an FMC (FBB+MBB+Content) operator.
Upcoming Live Events
September 16-17, 2015, The Westin Galleria Dallas, Dallas, TX
September 16, 2015, The Westin Galleria Dallas, Dallas, TX
September 16, 2015, The Westin Galleria Dallas, Dallas, TX
September 29-30, 2015, The Westin Grand Müchen, Munich, Germany
October 14-15, 2015, New Orleans Ernest N. Morial Convention Center, New Orleans, LA
November 5, 2015, Hilton Santa Clara, Santa Clara, CA
November 17, 2015, Santa Clara, California
December 1, 2015, The Westin Times Square, New York City
All Upcoming Live Events
Infographics
Network operators start seeing savings from NFV in the first year, according to a study by Affirmed Networks and ACG.
Hot Topics
Robbins Succeeds Chambers as Cisco Changes CEOs
Mitch Wagner, West Coast Bureau Chief, Light Reading, 7/27/2015
Cable Feuds With Senate Dems Over STBs
Alan Breznick, Cable/Video Practice Leader, 7/31/2015
RJio to Launch Its Own 4G Devices Brand
Gagandeep Kaur, Contributing Editor, 7/27/2015
Easing the Tech Pains for the Homeless
Carol Wilson, Editor-at-large, 7/28/2015
Like Us on Facebook
Twitter Feed
September 22, 2015
Media Begins With “Me”
Webinar Archive
BETWEEN THE CEOs - Executive Interviews
Basil Alwan, President of IP Routing & Transport at Alcatel-Lucent, discusses virtualization, cultural challenges, the capex crunch and more with Light Reading founder and CEO Steve Saunders.
Guavus CEO Anukool Lakhina talks to Light Reading founder and CEO Steve Saunders about the role of operational analytics in the communications services and networking sectors, particularly in relation to IoT.
Cats with Phones
Comes With Free Phone Stand Click Here
Who says cats don't have any skills?