So you think your code in the cloud is safe just because it’s encrypted? Not always. Hackers can actually modify this code so when it gets downloaded to a mobile device – poof – you are infected. Sometimes the code is inadvertently changed, which is usually not a security problem, but can create unstable or unrunnable software. IBM isn’t announcing a product to solve this problem, but has a patent that does promise a solution.
IBM spends millions, make that billions, on R&D and much of this is pure research so there is no guarantee this technology will ever make it to market. But the concept is important to explore.
The invention is covered by U.S. Patent #8,341,747, “Method to provide a secure virtual machine launcher.” Here what it’s all about: “This patented invention will help organizations confidently and securely embrace the advantages of a mobile workforce while remaining protected against malicious content or intent,” said Andrew Cornwall, inventor and mobile software developer, IBM. “Our technique helps businesses prevent altered apps from running and unleashing their wrath on businesses, their networks and their customers.”
Aimed largely at BYOD, where workers run work apps on their own machines, most of which are mobile, the IBM patent makes it so users can only get at apps if it is proven the underlying hasn’t been changed or added to. “For example, if an app is modified after it has been encrypted—without being properly decrypted and re-encrypted—IBM’s patented security mechanism will recognize that the code was altered and prevent it from running. This approach is differentiated by detecting if an app has been modified before being executed, versus after, and provides businesses with additional control over which apps can be accessed,” IBM said.
The invention uses virtualization, which is already often deployed as a way to sandbox applications. The VMware Player is one example, and Microsoft offered Windows 7 users the ability to run XP apps and drivers in a virtual machine.
“IBM’s secure virtual machine (VM) launcher invention can address the complexity of deploying and ensuring the security of business-critical cloud-based apps,” IBM said. “While VMs are frequently used for enterprise tasks, such as remote backup and disaster recovery, they also are increasingly embedded in consumer devices such as mobile phones, tablets and portable game consoles to ease software updates and management.” In addition to protecting apps, the IBM invention can parse encrypted files, which can also be infected by hackers.
Invention Could Find Ready Market
If the IBM technology does turn into a product, it could be part of the increasing strong cloud security market.
Gartner is one many research houses tracking this area and it says security in the cloud will almost double to from this year’s $2.13 billion to hit $4.13 billion in 2017.
“The cloud-based security market remains a viable one, offering providers many opportunities for expansion,” said Ruggero Contu, research director at Gartner. Encryption will be a new area of growth, but it remains a complex activity. The strongest interest will be in encryption products from cloud security brokers, which are relatively easy to deploy and have options for on-premises encryption management.”
Managed Security is a particularly strong area; one Infonetics Research says will exceed $9 billion by 2017. This market is poised to grow over the next five years a rather remarkable 45 percent.
Edited by
Cassandra Tucker
