Light Reading
Security concerns are changing procurement strategies, claims ATCA platform vendor.

Kontron Capitalizes on Security Jitters

Carolyn Mathas
News Analysis
Carolyn Mathas
2/20/2014
50%
50%

Is it true that telecom equipment companies are basing their purchasing decisions on where the design and development of components and modules takes place?

According to embedded computing platform developer Kontron AG , which undertakes its design and R&D processes in Montreal, Canada, it's already happening: The company, best known for its AdvancedTCA (ATCA) range of modules, claims it's wrestling business away from (unidentified) competitors that have design and development exposure in Asia/Pacific, particularly China.

And if that's more than just a one-off, the implications could be huge for telecom systems vendors and their suppliers.

Sven Freudenfeld, Business Development, Telecom for North America at Kontron, says that, increasingly, customers initiate discussion on where engineering takes place. "As we go further into cloud computing, trust is necessary to build platforms that will be deployed in the cloud. Moving the central office to the cloud where carriers no longer have access to hardware, they're forced to rely on what they don’t control," says Freudenfeld.

"When carriers owned their network hardware, they could handle situations as they arose -- they could see and identify an actual breach," adds Freudenfeld. "Now, with discovery left to third parties, reaction time is stretched out substantially. Carriers are demanding all network platforms -- interfaces, software, firmware, hardware -- be secure."

And for some (many?), China is regarded as posing a security threat, either directly or indirectly. Huawei Technologies Co. Ltd. and ZTE Corp. (Shenzhen: 000063; Hong Kong: 0763) know all about that: They are on the 'not trusted' list in the US, preventing them from supplying telecom equipment to the federal government or US companies. The main concern is that technology developed in China might include hidden back doors that would be used to either eavesdrop or disrupt networks, though no concrete evidence has been forthcoming. (See Nearly Everyone Trusts Us – Huawei CEO, US vs Huawei/ZTE: The Verdict and China Lashes Out at 'Cold War Mentality'.)

Customer concerns are not limited to just steering clear of China, though. Systems vendors are delving deeper into basic design methodology -- how network products are developed. Freudenfeld says there's a need for greater focus on: the design and creation of platforms with security as a central element; regulatory compliance; and the ability to identify weak points in a network.

There are many such weak points, he claims, and these will become more obvious with the introduction of virtualization, for example, or machine-to-machine (M2M) implementations, as each layer and each machine becomes a potential weakness.

And virtualization is going to happen: Indeed, Kontron is embracing it. (See Kontron Integrates OpenStack.)

There's reason to believe that virtualization is a major security concern. At the 2013 RSA Conference in San Francisco, the Cloud Security Alliance identified the Notorious Nine -- the top nine cloud computing threats for 2013. Of the top three concerns, number one is data breaches. In this case, a virtual machine, for example, could use side-channel timing data to extract private cryptographic keys in use by other virtual machines on the same server. The report indicated that one single client application flaw could allow a hacker access to all of the data -- not just that one client's.

The second top concern is data loss -- the kind where data is here and, then, well, it's not. Finally, account or service traffic hijacking. Once a hacker accesses credentials, eavesdropping on transactions and activities, data manipulation, information falsification, and moving clients to illegitimate sites, are all possible.

What cloud computing has done by concentrating a wealth of assets is magnify the consequences of breaches. On one hand, it's a bastion of data sharing -- on the other, a potential nightmare.

"Regulation will be especially important with telecom equipment and delivering the cloud. While there's great potential for software-defined anything --infrastructure, radio, networks -- there’s always a security element," Freudenfeld explained. While working groups and regulatory bodies exist, more progress will be necessary over the near and long term.

The security threat perception isn't limited to China, though, especially amid the NSA headlines and the FBI’s request for Facebook and Google to enable access for US government surveillance. (See Obama Weighs In on NSA Data Collection, Euronews: Merkel's Mad as Hell at NSA and NSA Humor Tops Congressional Hubris.)

Actually implementing back doors, or deliberately compromised telecom equipment, is very rare. It's the accidental vulnerabilities that are more common. But it's not that difficult to believe that Kontron customers are indeed citing security fears for a shift in procurement processes, especially as technology developments move faster than security advances and implementations can keep up with. Technical defenses may still be inadequate or not sufficiently implemented -- and that may leave non-technical ones, such as specifying that design and development take place in a more trusted environment, as the only immediate way to begin to alleviate fears.

— Carolyn Mathas, contributing editor, special to Light Reading

(0)  | 
Comment  | 
Print  | 
Newest First  |  Oldest First  |  Threaded View
Flash Poll
From The Founder
It's clear to me that the communications industry is divided into two types of people, and only one is living in the real world.
LRTV Documentaries
Optical Is Hot in 2015

1|23|15   |   01:56   |   (2) comments


Optical comms technology underpins the whole communications sector and there are some really hot trends set for 2015.
LRTV Custom TV
Policy Control in the Fast Lane

1|22|15   |   2:57   |   (0) comments


What's making policy control strategic in 2015 and beyond? Amdocs talks with Graham Finnie from Heavy Reading about some of the key factors driving change in the data services landscape. Find out what his policy management research reveals about the road ahead for policy control.
LRTV Documentaries
Highlights From the 2020 Vision Executive Summit

1|21|15   |   4:33   |   (2) comments


In December 2014, Light Reading brought together telecom executives in Reykjavik, Iceland to discuss their vision for high-capacity networks through the end of the decade. The intimate, interactive meeting was set against the backdrop of Iceland's spectacular natural beauty. As one of the event's founding sponsors, Cisco's Doug Webster shared his company's ...
LRTV Huawei Video Resource Center
Huawei Pay-TV Partner Harmonic, Helping Carriers Accelerate 4K Video Deployment with Huawei

1|20|15   |   5:42   |   (1) comment


At IBC, Peter Alexander, Senior Vice President & CMO at Harmonic, speaks about the growing interest in pay-TV service and its branching into multiple devices.
LRTV Huawei Video Resource Center
Sony Marketing Director Olivier Bovis Discusses the Outlook for 4K and Cooperation With Huawei at IBC 2014

1|20|15   |   6:50   |   (0) comments


At IBC, Olivier Bovis, Marketing Director of Sony, speaks about the coming of the 4K era.
LRTV Huawei Video Resource Center
Huawei Pay-TV Partner Envivio, Helping Carriers Accelerate 4K Video Deployment

1|20|15   |   2:57   |   (0) comments


At IBC, Olivier Bovis, Marketing Director of Sony, speaks about the coming of the 4K era.
LRTV Huawei Video Resource Center
Pay-TV's Networked Future

1|20|15   |   6:29   |   (0) comments


At IBC, Jeff Heynen, Principal Analyst at Infonetics, speaks about the future of the pay-TV industry and its transition.
LRTV Huawei Video Resource Center
Jeff Heynen: Distributed Access Will Help MSOs Compete in the Future

1|20|15   |   2:26   |   (0) comments


At IBC, Jeff Heynen, Principal Analyst at Infonetics, speaks about moving to distributed access and the future trend of cable business.
LRTV Interviews
Cisco Talks Transformation

1|20|15   |   13:02   |   (0) comments


In December 2014, Steve Saunders sat down with Cisco VP of Products & Solutions Marketing Doug Webster at Light Reading's 2020 Vision executive summit in Reykjavik, Iceland. They spoke about Cisco's approach to network virtualization as well as how service providers can begin to monetize high-capacity networks through the end of the decade.
LRTV Interviews
Bob Wilson, Arsenal Legend: The Light Reading Interview

1|16|15   |   35:36   |   (3) comments


Arsenal goalkeeping legend Bob Wilson was Light Reading's guest interviewee at the 2020 Vision Executive Summit in December. See what the former soccer star and sports broadcaster had to say when he took to the stage in Iceland.
LRTV Custom TV
What MEF Third Network Initiative Means for SDN & NFV

1|14|15   |   6:13   |   (0) comments


Vitesse Semiconductor CTO Martin Nuss discusses the importance of the MEF Third Network initiative and why it's good news for SDN/NFV industry initiatives.
LRTV Huawei Video Resource Center
Frank Miller: Distributed Solutions are the Best Build for the Future - Part II

1|9|15   |   2:46   |   (0) comments


At SCTE, Frank Miller, Global CTO of MSO at Huawei, speaks about Cable 2.0 and its innovative future.
Upcoming Live Events
February 5, 2015, Washington, DC
February 19, 2015, The Fairmont San Jose, San Jose, CA
March 17, 2015, The Cable Center, Denver, CO
April 14, 2015, The Westin Times Square, New York City, NY
May 12, 2015, Grand Hyatt, Denver, CO
May 13-14, 2015, The Westin Peachtree, Atlanta, GA
June 9-10, 2015, Chicago, IL
September 9-10, 2015, The Westin Galleria Dallas, Dallas, TX
September 29-30, 2015, The Westin Grand Müchen, Munich, Germany
November 11-12, 2015, The Westin Peachtree Plaza, Atlanta, GA
December 1, 2015, The Westin Times Square, New York City
December 2-3, 2015, The Westin Times Square, New York City
Infographics
Hot Topics
Cuomo Unveils Broadband Aid Program
Alan Breznick, Cable/Video Practice Leader, 1/19/2015
BlackBerry Wants Net Neutrality Protection -- That's Just Sad
Mitch Wagner, West Coast Bureau Chief, Light Reading, 1/22/2015
FiOS Picks Up Pace Again
Alan Breznick, Cable/Video Practice Leader, 1/22/2015
Indiana Carrier Takes Fiber to the Farm
Jason Meyers, Senior Editor, Gigabit Cities/IoT, 1/22/2015
Verizon Ready for Google MVNO Challenge
Dan Jones, Mobile Editor, 1/22/2015
Like Us on Facebook
Twitter Feed
Webinar Archive