RealTime IT News

RSA Comes Out With Cable-Centric Cryptology Solution

RSA Security, Inc. , has come out with its own security software package for cable modem makers, officials announced Tuesday.

The BSAFE broadband cryptographic software, designed especially for DOCSIS 1.1 (Data Over Cable Service Interface Specifications), is the latest in an emerging crop of security measures for the broadband modem industry, an industry considered by many a relatively easy mark for malicious hackers, or crackers.

Cable modems are an especially tempting target for IP-sniffing hacking tools when it is paired with a vulnerable Windows PC, which has printer and name sharing options. When the cable modem connects to the PC, it uses a Local Area Network (LAN) interface. That LAN reference address, which is really the computer's IP address, is used by the cable modem when connecting to the user's Internet service provider (ISP). That IP address can be picked up by crackers and used for peer-to-peer PC manipulation.

RSA Security's software answer is the extension of its existing BSAFE product line, which lets modem and software manufacturers embed public key infrastructure (PKI) and encryption algorithms that meet standards for authentication and confidentiality.

Oscar Marcia, chief security architect at CableLabs, a non-profit research consortium of cable operators in North and South America, said that many vendors are spinning current software products and tailoring them to fit DOCSIS specifications. CableLabs developed the DOCSIS standard that was approved by the International Telecommunications Union (ITU) in 1998.

"What I suspect RSA has done, and what a lot of vendors do is they reuse some of their existing code and just kind of tweak it toward the specific industry," Marcia said. "BSAFE is also used for SSL (Secure Sockets Layer documents) and I suspect they are now getting into the broadband and tweaking the code. Other vendors are pursuing similar objectives, so we're just getting a hold of what they're doing and taking a look at it."

Security is an important aspect of any communications network, and as the cable industry ramps up its other service offerings, including voice over IP (VOIP) and interactive set-top boxes, it will play an ever-increasing role in the industry's success.

Bill McQuaide, RSA Security vice president of product marketing said BSAFE Broadband was developed for just that purpose.

"With the rapid deployment of cable broadband Internet access for delivering converged voice, data and video services via shared cable networks, proven security for consumer devices is essential," McQuaide said. "RSA BSAFE Broadband cryptographic software extends RSA Security's leadership to protect the next-generation of broadband users."

To date, RSA Security's software package supports the Solaris 2.6v8, Windows NT4 and Red Hat Linux 6.2 operating systems (OS), and manufacturers are able to view the source code upon request.

Rouzbeh Yassini, YAS Broadband Ventures chief executive office and executive consultant to CableLabs, said the cable-standards organization has kept its eye on modeling the cable networking architecture on the same principles as the copper-based infrastructure of dial up and digital subscriber line (DSL) networks.

"Security is just like any other network operation, and an important aspect for consumers and for our business," Yassini said. "To that point, we're going to look at that aspect and make sure the network architecture can handle the variety of security measures that a broadband global organization needs to have. That's why we work with presitigous organizations like RSA (and telephone companies like Verizon Communications ) to make sure our networking principles stay the same.

Having said that," Yassini continued, "the networking concepts of DSL or dial up or cable all need to work on the same types of attacks that hackers could do. What we want to make sure in the cable industry, both on a shared medium as well as the edge of the infrastructure, is that we have the most secure network, just like your private in-house networks. That's why we work (with these companies), to make sure that network architectures hold the fundamental, if you will, aspect."