While traditional security solutions focus on prevention and managing risks, they often inhibit the operations they seek to protect. Today, security must be a business enabler – empowering you to open up the enterprise to customers, suppliers and partners – yet in a way that helps you manage risk and ensure compliance. But the very thought of “opening up” your enterprise – and the multiple points of vulnerabilities that can occur as a result – may cause you to employ a “more is better” security strategy. In fact, some large companies may work with hundreds of security vendors to ward off an ever-increasing barrage of security threats. This approach isn’t just expensive, it’s exhaustive. To close the security gaps between these solutions that could leave you vulnerable, you must devote time and money to integrate them into your solutions. It’s also frustrating that, while all of these defensive actions can help make the business more secure, they may do little to move the business forward. That’s why we created HP Secure Advantage, a pre-integrated portfolio of hardware, software and services from HP and HP partners, designed to help you defend resources, protect data and validate compliance – from desktop to data center to cloud. Here are just a few examples of how we’ve worked with our Secure Advantage Alliance partners to do the integration work for you – to help you close security gaps, open the business for new opportunities and free your resources for more value-add activities that advance the business.Assess your risks
Security gaps can be like a leaky roof: You often don’t know where the holes are until it rains. All too often, companies find their security holes only after a virus or worm has wiggled through.
With an HP Information Security Risk Assessment Service, you can understand where the gaps are across your enterprise, the associated risks and where you’re over or under spending on security, to get a better handle on costs.
This “soup to nuts” service includes an assessment of the IT resources you use to deliver services; your data at rest, in use and in motion inside and outside your enterprise; and your compliance requirements. With HP, you don’t have to buy separate consulting and evaluation services for each area, because your assessment extends across your operations.
Using a standards-based HP Information Security Service Management (ISSM) reference model, HP security experts help you build a plan to manage and mitigate risks by deploying highly operationalized security controls throughout the business.
We help reduce the time and cost required for risk management and regulatory compliance by mapping each of these security controls into controls for people, policy, process, product and proof (auditability). By correlating these control points, we can help eliminate redundancies and highlight areas needing additional controls.To reduce complexity, we’ve also integrated the breadth of our services portfolio with the breadth of security products from HP and partners. So, it’s much easier to select the exact solutions you need to address specific security gaps and priorities. Knowing precisely where to devote security dollars can also help you avoid a “more is better” approach to security for better cost control.
Capture for compliance, analyze for action
The sheer volume of event log data – and the variety of sources it comes from across the enterprise – makes it difficult to manage for compliance and security. That’s where the HP Compliance Log Warehouse (CLW) appliance comes in as a way to automate and simplify compliance reporting and to transform activity log data into actionable information to help prevent security breaches.
Part of the HP Secure Advantage Portfolio, the CLW collects, retains, correlates and analyzes event log data from across your infrastructure for enterprise-wide risk and compliance visibility.
HP improves that view by integrating the CLW with security solutions from our Secure Advantage partners, such as McAfee’s ePolicy Orchestrator (ePO) software, a security management platform used by many companies today. Here’s how it works:
In a two-way exchange of event log information, CLW continuously collects raw log data from a variety of McAfee solutions. In a “daily news” style, ePO requests the latest summary data from CLW, which displays reports on the ePO dashboard for ad-hoc analysis and investigation. By improving risk visibility into actual events happening on the network, such as credit card activity, the CLW can also help simplify Payment Card Industry (PCI) compliance.
By pre-integrating security solutions like these, HP helps reduce the cost and complexity of do-it-yourself integration projects, as well as the risks of security gaps.
Simplify application security
Application security isn’t just about catching security defects in the development cycle or in isolated operational areas. And, it’s not about buying multiple tools that only complicate security management for today’s web applications.
That’s why we offer the HP Assessment Management Platform (AMP), part of the HP Application Security Center portfolio, as a more integrated approach to controlling application security.
This scalable, distributed scanning and enterprise application security platform is designed to extend web application security across the complete application lifecycle, so you can better manage application security risks across the enterprise.As a foundation for security testing and scanning throughout application development, quality assurance and pre- and post-production environments, the AMP solution can greatly increase your visibility into the state of application security at any point in time.By integrating AMP with your overall application lifecycle management process from the start, AMP can help you identify and address risks before they impact product release schedules and costs. In the production environment, AMP can continue to help maintain security by managing and automating regular scans of your entire web application environment, as well as the web services they provide, to uncover security vulnerabilities and deliver the remediation knowledge you need to protect your organization.As the integration point for managing application security data across the business, the AMP platform can help you discover trends, understand problems and make more informed decisions about application risks that could threaten the business. Further, an enterprise-wide view of application risks can help you set, control and mandate security policies and regulatory compliance to increase accountability.All this can help you decrease the risk, cost and complexity involved in protecting your applications, while helping to increase your application ROI.
HP Labs is developing a network of tiny, cheap, tough and exquisitely sensitive detectors that will make life more convenient and safer today while laying the groundwork for worldwide awareness tomorrow.
HP Labs Senior Reseacher
Peter Hartwell
The astronomer Carl Sagan once asked, “Who speaks for Earth?” Soon, the Earth may speak for itself. That’s the goal of HP Labs Central Nervous System for the Earth, or CeNSE. The research and development program aims to build a planetwide sensing network using billions of tiny, cheap, tough and exquisitely sensitive detectors.
“We’re surrounded by technological assets that are deaf, blind, can’t taste, can’t smell and can’t feel,” says Stan Williams, an HP senior fellow who leads the Information and Quantum Systems Lab (IQSL). “CeNSE is all about giving all this compute power the awareness of what’s going on in the environment around it,” says Peter Hartwell, senior researcher and project team lead.
Hartwell envisions sensing nodes about the size of a pushpin stuck to bridges and buildings to warn of structural strains or weather conditions. They might be scattered along roadsides to monitor traffic, weather and road conditions. Embedded in everyday electronics, CeNSE nodes might track hospital equipment, sniff out pesticides and pathogens in food, or even “recognize” the person using them and adapt.
Taken together, that awareness could “revolutionize human interaction with the Earth as profoundly as the Internet has revolutionized personal and business interactions today,” Williams predicts.
NERVES OF SILIC
For CeNSE to work, “we have to make sensors that are vastly more sensitive than anything else that have ever existed before, while being absolutely dirt cheap so that we can deploy them in very large numbers,” Williams says.
Hartwell is working on the first sensor to go into the field, a motion and vibration detector. More accurately called an accelerometer, Hartwell’s device is sensitive enough to "feel" a heartbeat. The source of that sensitivity is a 5mm-square, three-layer silicon chip. A portion of the center wafer is suspended between the two outer wafers by flexible silicon beams. When the chip moves, the suspended center lags behind due to its inertia. A measurement of that relative motion is used to calculate the speed, direction and distance the chip has moved.
This exquisitely sensitive accelerometer can detect a 10 femtometer change in the position of its center chip. That’s less than one-billionth the width of a human hair. As a result, it can measure changes to acceleration in the micro-gravity range. That’s about 1,000 times more sensitive than accelerometers used in a Wii, an iPhone or an automobile’s airbag system.
IQSL Lab researchers also plan to add sensors for light, temperature, barometric pressure, airflow and humidity.
While Hartwell’s accelerometer gives CeNSE its “feel,” the system’s “taste and smell” are just around the corner. Researchers in the group are using nanomaterials to boost a standard chemical and biological detection technology (Raman spectroscopy) to 100 million times its usual sensitivity rates. As sensitivity rises, sensor size can shrink. That could lead to detectors small enough to clip onto a mobile telephone. With a wave over produce, the sensor might warn consumers of salmonella on spinach leaves or pesticides present in “organic” produce, Hartwell says.
STRENGTH IN NUMBERS
Today, sensitive detectors are expensive. The few out there tend to return a lot of false alarms. Deploying sensors en masse helps sort out background noise and hone in on significant trends.
Monitoring a bridge like the San Francisco Golden Gate might take 10,000 nodes, says Hartwell. Figure a million or so for a big business application, such as cargo shipping. To enervate the Earth, about a trillion should do the trick. At that rate, sensor nodes must cost next to nothing, yet measure everything.
“The sensor node is a challenging integration problem," says Hartwell. "You have to put the sensor chip with a radio and a battery and a solar cell in a package that’s inexpensive, yet rugged enough to throw by the side of the road,” he says. As it happens, HP already manufactures hundreds of millions of similarly sophisticated, yet rugged and inexpensive devices today: inkjet printer cartridges.
That experience can be applied to CeNSE nodes: “In both cases you have a complex chip that must be exposed to the environment—to measure it or to squirt ink onto it—and packaged into a integrated unit,” says Hartwell
HP Lab’s memristor technology will also play a key role in getting that integrated sensor node into a tiny package: “The memristor is about doing memory and logic in a
technology that’s so small and so low power that a pushpin-sized sensor starts looking like something you can really build,” he says.
HP Labs senior researcher Peter Hartwell holds a prototype of a sensor network node incorporating the new MEMS accelerometer from HP. The first to be deployed as part of HP Labs’ Central Nervous System for Earth (CeNSE), it is about 1,000 times more sensitive than today’s mass-produced devices. Photo: Margie Wylie.
MASSIVE DATA
Sensor nodes, however, are only part of the challenge of CeNSE.
“How do you capture and use all that data?” asks Hartwell. At a typical data rate, one million sensors running 24 hours a day would require 50 hard disks running in parallel to capture the 20 petabytes of data created in just six months. “The amount of data we’re talking about here is ferocious,” says Williams.
Then it has to be crunched to extract meaningful information. No matter how many gigabytes of data a smart highway might deliver, for example, “you’re only interested in one bit when you walk out that door,” says Hartwell. “Just one bit: Which interstate highway will take you home fastest? If it saves you 20 minutes on your commute, that one bit is worth a lot,” he points out.
HP is approaching sensing networks not just as sensing or moving data or crunching it, but from a holistic perspective, says Hartwell. “We have the networking expertise in our ProCurve division, we have consulting and integration through our Enterprise Services division (formerly EDS),” not to mention business intelligence, storage and data center technologies. Williams agrees: “We’re the only company approaching this from soup to nuts.
LISTENING TO EARTH
CeNSE’s first applications will make living on the planet safer and more convenient. But as the network grows, the breadth and detail of information it gathers could be critical to Earth’s survival, says Hartwell.
“If we’re going to save the planet, we’ve got to monitor it,” says Hartwell. “We have to understand how we’re impacting the planet,” he says, pointing out that we don’t understand how wind farms may affect rainfall or how a cooling sea changes wind currents. Hartwell imagines people volunteering their sensors to feed data to climate change models, just as unused compute cycles are unfolding proteins and unraveling genomes today.
On an individual level, sensing could help people make everyday lifestyle changes: “We have to use this capability to figure out how to change the way we do things: You can tell the kids to turn off the lights, but it’s going to be a lot more effective if the lights turn themselves off.”
The Windows Azure platform offers a flexible, familiar environment for developers to create cloud applications and services. With Windows Azure, you can shorten your time to market and adapt as demand for your service grows.
Windows Azure offers a platform that is easily implemented alongside your current environment.
1.Windows Azure: operating system as a service
2.Microsoft SQL Azure: fully relational database in the cloud
3.Windows Azure platform AppFabric: makes it simpler to connect cloud and on-premises applications
