Sixgill backstops security with blockchain data integrity for IoE applications
Sixgill unveiled its blockchain or distributed ledger-based solution for sensor network data integrity. Sixgill Integrity is a ledger-agnostic solution and is designed from the ground up to solve the fundamental need for an end-to-end, real-time sensor data authenticity system. With Integrity, organizations are assured that their emitted data, transmitted data, ingested data, and acted-upon data are the same.
Sixgill is taking a fresh approach to fundamental industry challenges of data security and authenticity:
- Cloud processing multiplies intrusion vulnerabilities in complex networks. Proliferation of connected devices can expand system surface area for attack opportunities. And hardware vulnerabilities such as Meltdown and Spectre compound cloud systems’ susceptibility to intrusion and malfunction. Distributed Ledger Technology can protect data when security fails.
- Sensor data streams can be tampered with, hacked or changed without an organization ever knowing, or not knowing soon enough to prevent error. The immutable nature of Distributed Ledger Technology (DLT) can be applied to ensure information integrity, veracity and auditability.
- Until now, blockchain foundations have been too slow and encumbered to achieve critical, real-time operations performance. Sixgill Integrity applies a hybrid architecture to combine the immutability of DLT with the high performance of modern, distributed database technologies.
As the volume and velocity of sensor data traversing complex networks exponentially grows, system vulnerabilities become consequential. Current and future automated sensor data networks face potentially disastrous malfunctions, if transmitted data is compromised and wrongly trusted. Already, Thales reports that 71% of enterprises are now gathering data for IoT initiatives while security remains a major concern and impediment to their IoT deployments.
Data is defensible
The thesis behind Sixgill Integrity is that security is an illusion and despite best efforts, bad actors can and likely will eventually intrude in any system. If the cat-and-mouse game of security cannot be conclusively won, Sixgill asserts that sensor data itself is defensible. Further, a propensity for data silos in the enterprise necessitates an increasing number of middlemen and brokers, creating more fissures for intrusion.
Security vendors should keep trying to deny access to bad actors, but Sixgill will presume failure and focus on assuring the intactness of data streams, and on exposing any successful compromises so people and automated systems do not act on inauthentic data. Integrity for data includes not only the data itself, but also assuring authentic sequencing of time-series data that predominates in sensor-informed processes.
On-chain / Off-chain innovation
By combining DLT and edge computing (where possible), Sense Integrity uses blockchain and cryptography to provide authenticity of data origin and verification of data content and chronology. Integrity is built with a public on-chain, and distributed off-chain, hybrid architecture.
This combines the security, transparency and immutability of public blockchain networks, with a distributed off-chain architecture capable of verifying, storing and processing vast amounts of data centrally or at the edge of the network using data handling and storage methods that can be chosen for maximum performance. This gives enterprises knowledge that their data has not been changed or otherwise compromised, and allows them to contain the costs associated with high volume data processing and storage.
Ponemon Institute reports that the average time to resolve a data breach is 191 days, an unacceptable lag between incidence and repair. Integrity is a real-time system designed to slash awareness intervals and speed correction. Whether a network is compromised by a bad actor, a defective or hacked sensor, or a faulty algorithm, Sixgill Integrity is designed to make sensor data automation resistant to attack and resilient in response, such that it is difficult to undermine data integrity or conceal same if successful.
“To be actionable, sensor data must be truthful, accurate, complete, retrievable, and verifiable,” said Phil Ressler, CEO of Sixgill. “Today’s sensor-populated networks are intrinsically unsecure. The potential for processes dependent on millions of devices and billions of data records to be compromised by corrupted or planted data is becoming a reality for many, with an especially worrisome horizon for utilities, communications providers, the industrial internet, public safety agencies, heavy manufacturers, and the like.” Ressler added, “The future of the Internet of Everything and its IoT subset depends on trusting the integrity of actionable data.”
Sixgill Integrity answers the needs of organizations that rely on the mission-critical data they gather. Use cases are not restricted to, but include:
Healthcare — Permanent auditability, traceability and certainty for medical data and clinical trials.
Insurance — Rate-setting and claim-settling based on dynamic data collected from smart devices, smart homes, sensor-intensive vehicles, smart buildings, etc.
Utilities — Ensure distributed, automated infrastructure informed by sensor inputs and powered by programmatic action triggers do not act on suspect data.
Continuous auditing for regulation, finance, compliance — Add trustless audit trails to any enterprise data ecosystem.
Sixgill Integrity is integrated with Sixgill Sense, the company’s sensor data automation platform and its companion SDKs, APIs, partner gateways and dashboard. Integrity functions are both cloud and edge-resident and can be run with Sense or independent of it.
Like Sixgill Sense, Integrity is optimized end-to-end for the processing requirements imposed by prolific time-series data generation and related real-time operations. However, Sixgill Integrity is a product that can provide blockchain-based integrity to a wide variety of other data chains where veracity, immutability and auditability are vital. Sixgill Integrity provides:
- Implementation with Sixgill Sense,
- Edge availability in the Sixgill Reach SDK & Edge Agent,
- Data Integrity Dashboard including rules and operations monitoring,
- Alerting when data compromises are detected,
- Audit trail for any Sense-enabled data ecosystem.
Sixgill Integrity is beginning test engagements and is expected to be generally available in Q2 2019.