Better Living through a Protocol Break

Protocol is the standard set of rules that allows all of us to communicate with each other using the proper procedure for conduct. Protocols change over time and may differ by culture, but they establish the norms for a safe and secure way for all of us to get along.

However, if you will allow, let me propose the counter-intuitive argument. Breaking protocol can lead to better living in one area – Ultra-Secure Mobility™.

When we look at how data is transmitted over a network, it is, of course, governed by Protocol. This Protocol is a set of communication agreements which ensures that, as long as both sides of a communication channel adhere to it, the data gets delivered correctly. The protocol does two primary things: 1) it routes the data in the right direction; and 2) it chops the data into parts where needed and reassembles it where possible. These protocols can also govern some other very complicated things like compression, tunneling, load balancing, authentication, caching, spooling, and other functions that make the communication go smoothly.

However, these Protocols only work under the condition that both sides are cooperative. Attackers exploit this ‘trust’ by deliberately not cooperating, with the express purpose of finding an attack vector.

There is an answer. Introduce a Protocol Break.

A protocol break consists of two components that sit between the sender (upstream) and the receiver (downstream) of a message. The first component is a “catcher”, which, while adhering to the protocol, strips all traffic control data from the data it receives and keeps only the payload data. The second component is a “thrower”. The thrower does the opposite: it takes the bare payload data and sends it to another system by means of a chosen new protocol. To do this successfully, the thrower does all the complicated things that are necessary to adhere to this new Protocol specification.

For example, in a “protecting secrets” scenario it can generally be assumed that the attacker has access to the upstream network. From the upstream network, the attacker could attack the downstream network by abusing a design flaw in one of the systems on the downstream network. Though the attack may still cause harm in terms of availability on the downstream network, the Protocol Break effectively keeps the attack vectors that live in the traffic control data from getting downstream.
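The catcher and thrower described above, as an added example in Python that is not code from the original article or from Cog Systems. Both frame formats and every name in it are constructed for illustration; the point is that the downstream frame is built from the payload alone.

```python
import struct
import zlib

# Constructed upstream framing (an assumption for illustration):
#   magic "UP" | version | flags | opt_len | options | payload_len (u16 BE) | payload
UP_MAGIC = b"UP"
# Constructed downstream framing, deliberately unrelated to the upstream one:
#   magic "DN" | payload_len (u32 BE) | payload | CRC32 (u32 BE)
DN_MAGIC = b"DN"
MAX_PAYLOAD = 4096


def catch(frame: bytes) -> bytes:
    """Catcher: terminate the upstream protocol and return the payload only."""
    if len(frame) < 5 or frame[:2] != UP_MAGIC:
        raise ValueError("not an upstream frame")
    _version, _flags, opt_len = frame[2], frame[3], frame[4]
    body = 5 + opt_len  # options are skipped, never interpreted or forwarded
    if len(frame) < body + 2:
        raise ValueError("truncated header")
    (payload_len,) = struct.unpack_from(">H", frame, body)
    payload = frame[body + 2:]
    if payload_len != len(payload) or payload_len > MAX_PAYLOAD:
        raise ValueError("payload length mismatch")
    return payload


def throw(payload: bytes) -> bytes:
    """Thrower: build a fresh downstream frame from the bare payload."""
    header = DN_MAGIC + struct.pack(">I", len(payload))
    return header + payload + struct.pack(">I", zlib.crc32(payload))


def protocol_break(frame: bytes) -> bytes:
    return throw(catch(frame))


def make_upstream(payload: bytes, flags: int = 0, options: bytes = b"") -> bytes:
    """Helper that builds constructed sample input for the demo."""
    return (UP_MAGIC + bytes([1, flags, len(options)]) + options
            + struct.pack(">H", len(payload)) + payload)


if __name__ == "__main__":
    benign = make_upstream(b"temp=21.5")
    odd = make_upstream(b"temp=21.5", flags=0xFF, options=b"\xff" * 8)
    # Different control data upstream, byte-identical frame downstream.
    print(protocol_break(benign) == protocol_break(odd))
    print(protocol_break(benign).hex())
```

The payload itself passes through unchanged, so anything carried in the payload still needs its own validation downstream.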

In our view, Better Living through a Protocol Break can be achieved for the broader market – especially for IoT or Connected Devices.

At Cog Systems, we build solutions that rely on defense-in-depth resilience, with an architecture that is layered, isolated, and modular, using commercial off-the-shelf hardware and software.