Cybersecurity Security SolarWinds Zero Trust Technology Innovation

How a Taxonomy of Connected Devices Can Improve Network Security

John Ellingson
John Ellingson
blue network nodes against a dark blue background

When I was collecting background information on the Solarwinds attack, it occurred to me that the tech industry has never gotten the taxonomy of connected devices right. This is an important concept that is often underestimated. 

In this modern era, there are many billions of connected devices around the globe and a global network that consists of a very loose conglomeration of networks. It’s easy to assume that any device should effortlessly connect with any other device.

The reality is that even the most connected device will only directly connect with several million devices (if you include several layers of connections). This is 10-5% of all possible devices.

The number of devices that pose a threat if connected to a protected network outnumber protected devices by 100:1, 10,000:1, or possibly more.


The rest of the devices are neutral, at best. Instead of designing networks with a mandate to accommodate connection with every possible device, systems should be constructed to enable direct connection only to that 10-5 or smaller percentage of devices.

Edward Tenner might say that the current system is an example of technology "biting back" -- a decision was made (maximize ease of connection) to solve a challenge. That decision created another problem: the network is now designed for the convenience of the attacker as the preferred user. 

Rather than having the default condition being an open connection, it should be a closed or no connection until authorized. This is the core of the idea that propelled the invention of QWERX's secure device authentication technology. A QWERX-protected network never assumes that any device is permitted access, even if it has connected before. Our innovative Ephemeral Key Infrastructure technology continuously verifies the permission of every single connected device, multiple times per second.

Life is the model. I share about 50% of my DNA with an oak tree and about 80% with every other mammal. But we are different species and cannot exchange our DNA. Yet, we all share a common environment and interact in many ways and are mutually dependent in the larger ecosystem.

Big things happen when small amounts of information are altered.

 

QWERX leverages making significant changes by altering just a few things. We eliminate algorithms and substitute with chaotic information. We are able to eliminate secrecy by designing the system to be dynamic and ephemeral, instead of static. We enabled the use stronger and simpler symmetric key structure instead of the more complex asymmetric key structure. By making a number of small changes, we can accomplish dramatic results.
John Ellingson

John Ellingson

Follow me on LinkedIn Follow me on LinkedIn

John Ellingson is the Chief Technology Officer at QWERX. John started his digital career with the Boeing Company working on the 747 aircraft in the late 1960s. He became a computer-literate attorney performing what is today known as forensic accounting. As the founding chairman of the ABA/YLD Subcommittee on Tax Treatment in Bankruptcy, John worked with the Congressional Joint Tax Committee to create the Internal Revenue Code Provision enabling the tax-free merger and acquisition of debtor corporations. This law became part of the Bankruptcy Tax Act of 1980. John had a national M&A practice in this area and obtained the first IRS Private Letter Ruling on this Code section. As a result of this practice, he observed a frequent element of white-collar crime in many bankruptcy cases, and he subsequently developed and patented a method to detect identity fraud. The product derived from that patent is still deployed at most retail banks throughout the U.S. today. This success started John on a path of protecting digital systems and identity management. He continued in this role with American Operations Corporation and ASM Research before founding infOsci LLC and later QWERX, Inc. John holds numerous method patents in digital system security. John was appointed to the United States Air Force Academy and medically separated before graduation. He holds a Bachelor of Science degree from the University of Wisconsin and a Juris Doctor degree from Seattle University. For 20 years John served as a liaison officer with the United States Naval Academy and the United States Military Academy. He also served on the Service Academy Selection Boards for two U.S. Senators.

Leave a Comment