YOU ARE AT:OpinionReality Check: Wearable devices underscore need for secure design

Reality Check: Wearable devices underscore need for secure design

Security issues connected with consumer uptake of wearable devices and the ‘Internet of Things’ remains a significant hurdle for the market

Wearable computing devices are changing the way humans interact with technology and that shift has security implications that must be addressed.

Wearable fitness tracking devices – which intersect fitness and health data with wearable, networked technology – manifest old sources of risk, historically seen in desktop and Web applications, in novel ways. At the same time, consumers are increasingly embracing wearables and their capabilities. Nearly half of all consumers plan to buy wearable devices, including fitness trackers, by 2019, according to a 2014 Forbes article.

These devices, of course, don’t just read and display your vital signs, they transmit those intimately personal data to other devices and to the cloud. As the consumer market for wearables expands beyond fitness tracking devices and, particularly, as devices interact in increasingly complex ways, the potential attack surface presented by these devices will grow apace.

This growing source of risk highlights a truth across the software industry: today’s focus on finding and fixing security defects is insufficient. We must expand that focus to include secure design decisions before the first line of code is written and, by doing so we can prevent many of the worst security failures.

A fictitious design as proxy

The recent “WearFit: Security design analysis of a wearable fitness tracker” report is based on a fictitious fitness tracking device design, but mirrors actual devices on the market. The report begins with a system overview of the device’s hardware and software architecture, as well as detailing the mobile application used for communicating health data and the backend website that round out the device ecosystem. The balance of the report uses the top 10 software security design flaws – originally published in the IEEE report “Avoiding the top 10 software security design flaws” – to walk the reader through the security design decisions that are most important to the WearFit system. This work was accomplished under the auspices of the IEEE Cybersecurity Initiative and its offshoot the IEEE Center for Secure Design, whose mission is to shift the software industry’s focus from a reactive search for bugs to a more proactive focus on secure design that prevents vulnerabilities.

Consumer awareness and IoT

Although the report is written specifically for software security designers, we’d be pleased if a broad swath of stakeholders, including consumers, came to understand wearable device security is a very real concern with real-world implications. While consumers do not need to understand the arcana of secure software design, software architect and developers, even in nonsecurity roles, will benefit immensely from an understanding of and investment in addressing secure design considerations.

We’ve all read the headlines about data breaches. Consumers should be aware that wearable technology, from a security standpoint, shares the same basic risk vectors as other computing devices. How consumers choose and utilize devices can impact the severity and nature of risk. The privacy and security implications of a fitness and health data might not be immediately obvious to end users, but our report highlights why personal fitness information needs strong protections and some of the ways it can be abused if its confidentiality or integrity is compromised.

Baking security in

As you can imagine, space does not permit us to fully summarize the WearFit report’s findings, but it’s worth delving into one of the design flaws it covers as an example. Let’s use No. 8: Always consider the users.

“Avoiding the top 10 software security design flaws” mentions that:
“The security stance of a software system is inextricably linked to what its users do with it. It is … important that all security related mechanisms are designed [to make] it easy to deploy, configure, use and update the system securely. Security is not a feature that can simply be added to a software system, but rather a property emerging from how the system was built and is operated.”

As a consumer device, of course, the entire WearFit system is built around the end user. Many of the fundamental architecture decisions in the system were made to promote a positive user experience, the key to market success. But there’s always a trade off between ease-of-use and security.

For example, WearFit users interact most frequently with the Web application, and the user experience begins with authentication. New users must register a strong password with the site and access a secure recovery procedure if they forget their password. Password strength increases when 32 characters are required, but usability is increased when four-digit PINs are allowed. The middle ground calls for an eight character minimum with three distinct character types and no dictionary words allowed. Users can also authenticate using third-party services, including Google Plus and Facebook.

Looking beyond password policies for another example, the WearFit device is, of course, portable. That requires adequate battery life be paired with the modest memory, computational power, storage space and long-distance communication capabilities available in that form factor.

Because of these hardware limitations, the device seizes every opportunity to inexpensively upload activity data to the WearFit server. In some instances, data is transmitted over other WearFit devices running the WearFit mobile application, which requires additional security controls to ensure that users can’t see or tamper with other users’ data.

This link between the user and secure design decisions is critical to understand. WearFit users aren’t security professionals and often aren’t aware certain data is sensitive or how to secure them. Security architecture making it easy for users to do the right (most secure) thing is just one example of how strong security design decisions reduce risk.

Jacob West is chief architect for security products at NetSuite, a founding member of the IEEE Center for Secure Design and lead author of “WearFit: Security design analysis of a wearable fitness tracker.”

Editor’s Note: The RCR Wireless News Reality Check section is where C-level executives and advisory firms from across the mobile industry share unique insights and experiences.

ABOUT AUTHOR

Reality Check
Reality Checkhttps://www.rcrwireless.com
Subject to editorial review and copy edit, RCR Wireless News accepts bylined thought leadership articles, up to 1000 words, from industry executives. Submitted articles become property of RCR Wireless News. Submit articles to [email protected] with "Reality Check" in subject line.