Recent Blog Posts
With 2015 in full swing, many of us are holding onto our resolutions, promising we will at least carry them into February. In recent years, technology has played a more central role in helping us keep our resolutions. From fitness … Read more >
The post Maximize Your 2015 New Year’s Resolution Success with an Intel-Powered Tablet appeared first on Technology@Intel.
I’m always in awe of great photographers. You see, I’m the kind of guy who just sets his camera on AUTO and hopes for the best. I keep meaning to sign up for that photography class but it never seems … Read more >
CES 2015 has come and gone. If you were lucky enough to be there and see the amazing Intel booth, you probably heard a lot about user experience, or “UX” for short. That’s because Intel is searching for ways to … Read more >
According to the Brookings Institute, 90 percent of Americans drive to work, a statistic that helps me understand why I seem to be stuck in traffic all the time. The numbers might be slightly lower globally, but it’s safe to … Read more >
The post New IoT Study Explores Security Solutions for ADAS appeared first on IoT@Intel.
Identifying and correcting security vulnerabilities in applications has become more increasingly vital with Static Code Analysis tools in conjunction with manual code reviews. Static Code Analysis includes an automated software tool that examines a program’s source code without actually executing it. This type of analysis is used to identify different kinds of security issues, obscure logic problems, bugs and defects, and more. Even more importantly, it is becoming common to have an organizational policy that includes the requirement. It is already a compliance requirement for organizations that must comply with Payment Application Data Security Standard (PCI PADSS).
There are a plethora of vendors with static code analysis tools that we won’t be comparing here but rest assured the most common development languages are supported. These tools can be very helpful in determining adherence to secure coding standards. But one of the biggest challenges to getting started is the shock of a report after an initial codebase is analyzed. There could be tens of thousands of issues found when an analysis is completed for a large codebase that has never been scanned before. Going through the static code analysis report can be beneficial in helping to identify high risk security areas but can also be time consuming to research what may result in false alarms. Either way, the effort must be made to review such a report as it helps demonstrate due diligence by documenting the review of potential vulnerabilities. For the software engineer being asked to address issues found in a large legacy code base, it can present more stress added on to the workload for developing the next release.
If a threat model was completed during the design phase of the application development, it can help to describe the security objectives or privacy requirements for the application and how those objectives mitigate threats in possible misuse or abuse cases. The main focus should have been on protecting the system and the information being processed. Furthermore, an attack surface analysis helps with defining how an external adversary may attempt to attack the application and focuses more on the high risk areas where there may be more exposure such as Internet connected interfaces. If these tools were not used during the development phase, maybe other types of risk based approaches provided the same result. But if not, it’s advisable to start having these conversations with all stakeholders so that the security objectives and attack surface mitigations can be well defined. It’s likely that an Advance Persistent Threat (APT), albeit with limited knowledge of the system, would use similar tools when attempting to identify an application’s potential weaknesses for the purpose of exploiting them.
Requirement for static code analysis has become more commonly integrated into an organizations secure application development processes and it helps with adherence to ISO 27034. It’s also advisable to integrate Threat Modeling and Attack Surface Analysis into the lifecycle as well. These tools are helpful in prioritization efforts so that identified issues in static code analysis reports can be focused on the most important security features of an application first. This will undoubtedly help the security reviewer gain traction on an effort that may seem overwhelming at first.
Find Andy on LinkedIn
See previous content from Andy_Good
Start a conversation with Andy on Twitter
PP14 adopted two new Decisions and 20 new Resolutions. Three existing Decisions and 51 Resolutions were modified and seven Resolutions were suppressed. The final acts are available here. While there were rumors leading up to the meeting that there might … Read more >
This is the second installment of a four part series on Smart Cities with Dawn Olsen (#2 of 4).
In the age of smart cities, it’s an unavoidable truth that although technology can deliver new and amazing capabilities, it can also potentially be a disruptive force. That’s why security is a major focus within the development of Internet of Things. It is important to use integrated technologies to address some of the security challenges that can emerge in connected cities.
While social media has evolved the experience of events (both big and small) by virtually connecting people, new potential threats have surfaced as a result. When the world’s eyes are on major events like, the 2012 Olympic Games in London or the 2014 World Cups in Rio de Janeiro, protest groups may try to make the most of this global attention.
It’s not just major world events that are susceptible to such disturbances. An unfortunate Dutch teenager found this out when their not-so-sweet 16th birthday party crashed by 3,000 people after the event announcement went viral on Facebook. This small event invitation spread wider and wider on social media, resulting in large crowds gathering and eventually police arriving to the scene in riot gear. Cases like this are rare, but I mention it because city authorities and security services have learned lessons from it. Intel is working with authorities to safeguard against threats like these. We’re bringing together new tools, connected to the Internet of Things. From the devices in our hands and the sensors on our streets to the gateways, servers and cloud-based management platforms used to orchestrate complex security networks, innovative tech is developing on behalf of city security It’s certainly a far cry from traditional measures like simple CCTV networks. By combining inputs from different sources and various types of tech acquisitions in real time, Intel is pioneering “joined-up” security solutions. As mentioned, social media can be part of the solution as well as the challenge. By gathering data from public networks like Twitter and FourSquare, police forces can now track situations as they unfold. And support for these measures exists: an Intel survey found that 61 percent of Americans believe it’s worthwhile for a connected city to gather anonymous information about people – that is, if the data is then used to benefit the area.
In this way, authorities in command centers now have access to this up-to-date intelligence. The ability to use Big Data analytics can be used to predict where trouble may occur so that preventative measures can be taken ahead of time. The technology is already showing results in pilots around the world. In one city in Europe, for example, Intel is working with local authorities to police a 400 meter strip with around 50 bars that attract20,000+ visitors each weekend. Using a system that integrates social media monitoring, light sensors, and sound-monitoring technologies, Intel is harnessing the full IoT ecosystem to help the city improve safety, reduce security and lower maintenance costs and turn a thriving event into an even more economically and viable phenomenon for the city.
As smart cities grow, security remains the number one priority for city leaders. By supplying the necessary tools and the expertise, Intel is helping these cities harness the Internet of Things to keep city dwellers safe.
This is the second installment of a four part series on Smart Cities (#2 of 4). Click here to read blog #1.
To continue the conversation, let’s connect on Twitter @DawnOlsen
Global Sales Director
Government Enterprise, Intel
This is the third installment of a four part series on Smart Cities with Dawn Olsen (#3 of 4).
One of the most visible results of a growing urban population is an increased congestion of traffic jams. This affects not just our ability to go about our business, but also the quality of air that we breathe. In my next post in this blog series, I will discuss Intel’s work to help improve air quality. Today, I’d like to focus on smart transport.
More than half of the world’s population lives in cities, and the number is growing. It’s predicted that by 2025, 37 so-called megacities around the world will have a population of more than 10 million. As the number of city dwellers continues to rise, so does the number of vehicles. It is this reason that congestion is becoming a bigger issue in our cities that are ill-prepared for such volume growth. For example, the journey to work can now last hours – in Sao Paolo some commuters are resorting to helicopters to get around!
Cities are beginning to take action to tackle this growing congestion problem. With the ever-evolving innovations in technology, new opportunities and solutions are presented all the time. For instance, by combining existing infrastructure with smart sensors and Intel® Gateway Solutions for the Internet of Things (IoT), a city’s roadway system can be completely transformed – traffic control centers can gather useful data and get a view of how the whole transport system is working in order to improve efficiency.
While traffic jams can cause inconveniences for everyday commuters, it can also cause critical delays for emergency response teams. Intel is working with city partners to develop an end-to-end smart transport system that uses real-time data to calculate the fastest route for emergency services. Through this system, vehicle-to-vehicle communications can be connected to sensors that monitor congestion levels. With this integration, alert messages can be triggered to update a central management system. The “Intel Freeway to the Future” survey found that, if a smart transport system such as this was built, 59% of Americans would opt-in to a city program to have a sensor fitted in their car.
Planning sustainable traffic systems is an important part of the long-term initiatives Intel has developed within cities like San Jose, California. By bringing together the technological building blocks that make up the Internet of Things, Intel is helping the city improve infrastructure. The aim in the next 40 years is to reduce the total miles travelled in the city by 40 percent while creating 25,000 new clean-tech jobs. This project has been recognized by the White House as an integral part of the Smart America initiative. Other public-private collaborations involving smart cities and Intel – like the ongoing project in Dublin, Ireland – have also been noticed.
There are countless potential applications for this technology that can enhance the lives of city people. One possibility could include an intelligent routing system for school buses so that parents can track the bus to ensure that their kids are traveling safely and on schedule. Other opportunities exist within the idea of building a smart transport system that connects different services. Suppose a ferry is running late, this smart transport system could alert local buses to arrive later for a smooth travelling connection.
For those of us who can’t afford helicopter rides to and from work, Intel’s smart city initiatives are driving sustainable, effective solutions to meet the challenges of rising congestion levels in the city.
This is the third installment of a four part series on Smart Cities (#3 of 4).
To continue the conversation, let’s connect on Twitter @DawnOlsen
Global Sales Director
Government Enterprise, Intel
Diverse career development opportunities – there is no other way to phrase it. Intel is a multinational company, operating in a high tech industry. The cross-discipline needs to keep it running require an employee base that bring with it a … Read more >
At the end of 2014, Marriott and the American Hospitality & Lodging Association made waves by petitioning the FCC for the right to block personal Wi-Fi hotspots at their venues. The backlash was immediate and fierce. Everyone from consumer advocates … Read more >
The post Consumers Dictate the Growing Importance of Hotel Wi-Fi appeared first on Technology@Intel.
We are taking Intel Extreme Masters to the Taipei Game Show January 28th ~ February 1st where some of the best StarCraft II and League of Legends players will compete for $75,000 in prize money. Will the StarCraft II tournament … Read more >
The post Intel Extreme Masters is headed to the Taipei Game Show appeared first on Inside Scoop.
by: David Hoffman, Intel Director of Security Policy and Global Privacy Officer In last night’s State of the Union, President Obama called for greater investment in infrastructure projects. This work often refers to “shovel ready” projects. In my view the most … Read more >
Intel joins the President in the call for Congress to pass trade promotion authority (TPA) legislation. As the world’s leader in semiconductor chips and innovative technology, Intel realizes the importance of overseas trade and sales. More than three-quarters of Intel’s … Read more >
The post President Obama calls for trade promotion authority in SOTU appeared first on Policy@Intel.
I live in Seattle’s Capitol Hill neighborhood which is a sort of miniature slice of Hemingway’s Paris, transplanted several thousand miles to the West Coast of the United States. The modern equivalents of great writers, abstract painters, thinkers and philosophers congregate in this neighborhood, … Read more > Read more
The buzz following the mHealth Summit has been encouraging, to say the least. The December event drew 4,000 attendees, who were brought up to speed on the latest developments spanning policies and research, global health, hospital mobility, consumer engagement, privacy and security and, of course, emerging technologies.
The two areas of focus that I found most encouraging centered on consumer engagement and care coordination.
Far too often, when the industry talks about mobile health, the technology itself – or even just the promise of an emerging technology – has a way of quickly overpowering the dialogue. But as the Center for Connected Medicine’s Joseph Kvedar touched on (and several panels advanced the notion), one of the biggest issues facing healthcare right now is getting and keeping consumers interested in their own care. The success of mobile devices and apps, as well as early consumer interest in wearables, is encouraging because it shows that all the pieces are in place. But until consumers show as much interest in communicating their health information with their doctors as they do, say, sharing Facebook posts, the healthcare system overall will continue to struggle.
Given this present state of consumer engagement, news that care coordination works was all the more welcome.
As mHealthNews reported: “In health systems large and small, clinicians are using smartphones to instantly connect with others caring for the same patient. They’re sharing notes and tests, discussing treatment plans and, in many cases, bringing the patient and his/her family into the loop to map out a care plan that goes beyond the hospital or clinic. It’s a tried-and-true process that’s gone beyond the pilot stage, as was noted in Healthcare IT News’ Monday morning breakfast panel and several educational sessions. Expect this to become the norm for patient care.”
Taken together, the growing emphasis on consumer engagement – coupled with the now proven advantages of care coordination to help overcome the disconnect between physicians and other care givers – is, in my opinion, highly likely to yield meaningful outcomes.
Equally important, as medical groups and health systems begin to make headway with consumer engagement while addressing care coordination holistically, providers should be able to work together to keep patients healthier – while remaining competitive in the marketplace.
What questions about mHealth do you have?
As a B2B journalist, John Farrell has covered healthcare IT since 1997 and is a sponsored correspondent for Intel Health & Life Sciences.
Read John’s other blog posts