Embedding security into data management
November 01, 2012
Securing data is becoming more critical and more difficult to accomplish as embedded application development has increased in complexity, especially w...
Security is an important consideration when mobile devices and other embedded systems interoperate with other systems and components. Unauthorized access, eavesdropping, session hijacking, and other security threats can result in irreversible damages such as data loss, intellectual property theft, and malfunction.
Data management security is a fundamental requirement of applications developed for embedded systems. From industrial automation and medical devices to solar power inverters and even home entertainment systems, data must be protected both at rest on the device and during communication. But who bears responsibility for data security? All device components must employ a security-conscious design, from the application and embedded database down to the hardware.
Safeguarding embedded data
Embedded application development is becoming more complex, and developers are interested in learning how to manage data securely across all phases of development for embedded systems. Whether an engineer is building a mobile device, solar inverter, medical equipment, or any other embedded system, data security is the riskiest part of a design.
Authentication and encryption technologies are essential to secure data storage and distribution, but what does an embedded developer need to know to secure an embedded database? As securing data becomes more critical and regulators and consumers demand serious data protection, an application developer might ask: How do I ensure that my application will be secure? Should data be secured at the application level or at the database level? Can security be implemented by simply assembling the right combination of technologies?
As long as data remains local to an embedded system with no communication layer, security management is not very complex. However, as communication protocols such as TCP/IP are added to the design, security supervision becomes more problematic, and developers must learn about various options such as securing the socket layer so data can be accessed safely.
Securing data at the application level
Databases and applications can offer a safe haven to make data secure. Developers can encrypt data before it leaves the application and arrives in the database, but this is only viable for unsearchable data. For example, an embedded system that manages security for a gate will have a list of staff and their credentials, such as PINs or passwords. The credentials should be encrypted by the application so they can be verified individually. However, any information used to identify or list staff members must not be encrypted by the application.
Physical security is also important. A gate security system should not store data on removable flash media that could be easily replaced to circumvent security. However, even if data is stored internally, a dedicated attacker with physical access to the device can almost always access the data stored there. Storage-level encryption is necessary to protect sensitive data in this scenario.
Securing data at the database level
Encryption is a recognized security method where data is encoded with a specific encryption key and the same data can only be read by supplying the same key. File encryption is a way to keep the data secure, as it will block access to each database file until the application provides the correct key. This method protects data in case of media theft and, as long as access to data is limited to local connections, is a preferred method for offering security.
In the past, encrypting data before it left the system was a common way to manage and secure data. However, this approach can make it difficult to analyze data and search for individual information.
Securing remote access and data distribution
Database security is important to developers who are concerned with data confidentiality, integrity, and availability. While steps such as creating a procedure for end-user access can restrict physical access, database security requires special attention and greatly affects risk management for an embedded system. Developers of mission-critical applications and business intelligence systems experience critical safety vulnerabilities if malicious systems on the network or malware applications intercept access to confidential data.
How can a developer secure remote access from an unauthorized session? Remote access requires protection from unauthorized access, as well as eavesdropping and session hijacking. These faults can be caused by a lack of security for data management and data distribution.
When consumers access data remotely, they might connect to the database without authorization, allowing anyone to access this data online. Therefore, it is necessary to implement an authorization token so consumers can use passwords to access the database. This secures communications to prevent direct access to the database by an unauthorized party.
Embedded database security features
Some applications collect data locally and periodically post that data to a server on the Internet. Other computers on the Internet or local network can observe or tamper with that connection if it is not encrypted. Developers often look for security and authentication features in the embedded database to offer flexible data safety techniques that address these problems. Using database security features, developers can achieve data security in embedded applications by encrypting both network communications and storage media.
ITTIA DB SQL is a database software library for mobile devices and other embedded systems that offers secure file storage, remote access, and replication (see Figure 1). Whether a database file is only accessed locally or shared over a public TCP/IP network, the encryption features provided by ITTIA DB SQL ensure that data is protected from unauthorized access, eavesdropping, and session hijacking.
To protect data at rest on a device, each database file can be encrypted with an AES-128 or AES-256 key. Advanced Encryption Standard (AES) is a data encryption specification that has been adopted by the U.S. government and other governing bodies across the world. Even if the database is removed from the device, it cannot be read or modified without the encryption key. As a result, sensitive data can be stored on or backed up to the removable media on a consumer mobile device without compromising security.
Security becomes an even greater concern when an embedded device can share data with other devices and back-end systems. Whether data is shared over an active client/server connection or through passive replication, communications should be authenticated using a protocol such as Salted Challenge Response Authentication Mechanism (SCRAM) that does not require the database password to be transmitted over the network. This ensures that only authorized parties can initiate a connection and modify the embedded database.
Connections over a public network such as the Internet should also secure the communication channel with Transport Layer Security (TLS) or its predecessor, Secure Sockets Layer (SSL). This prevents eavesdropping from other devices on the network and man-in-the-middle attacks such as session hijacking that can compromise security even after an authenticated connection is established.
Whether an application targets Windows, Linux, Android, ThreadX, QNX, or one of the many other operating systems commonly found in embedded devices, software developers must consider the security implications of data sharing and storage. Selecting an embedded database that provides the required features is critical to the specification and design of secure applications. While it is ultimately up to the application to implement adequate security measures, an embedded database that offers the fundamentals for managing security is essential to protect embedded designs.
ITTIA [email protected] www.ittia.com