DEV Community: Hughes Systique Corporation

How Passpoint Delivers a Seamless Wi-Fi Experience at Airports

Amrita Satpathy — Tue, 10 Oct 2023 10:23:26 +0000

Passengers expect a hassle-free experience with connecting and accessing Wi-Fi on their devices from when they check in, right up to the departure gate. Seamless Wi-Fi services allow passengers to stay connected, check emails, access flight information, and use various travel apps, thus enhancing their overall airport experience.

Passengers at airports often experience long waiting times, and having access to the internet becomes paramount to keep them engaged. In addition, a reliable Wi-Fi network allows the airport to relay real-time updates about flight delays, gate changes, and baggage claims, thus reducing frustration and confusion among passengers. Therefore, the demand for a seamless Wi-Fi experience at airports has increased.

Lastly, a common pain point for passengers regarding airport Wi-Fi is the lack of security. Indeed, airport Wi-Fi is just as unsecure as any other public Wi-Fi implementation, leading to distrust among travellers in connecting to the airport Wi-Fi.

Current Challenges with Airport Wi-Fi

Here are some challenges people face with the Wi-Fi available at airports.

Complex login procedures: The first challenge is encountered at the first touch point where passengers interact with the login portal. The current state of Wi-Fi onboarding is one where passengers encounter complex login procedures and confusing captive portals, which results in difficulties in connecting to the network, leading to frustration. This also puts more pressure on the helpdesk staff, who get overburdened with resolving these issues while also tending to critical issues in airport operations.

Security concerns: Passengers express their concern with public Wi-Fi at Airports due to the following reasons:

Airport Wi-Fi networks are open and unsecured, meaning they do not require a password for connecting.
Lack of robust encryption protocols, allowing attackers to insert themselves between the passengers and the connection point and intercept the communications.
Attackers may also pose as the airport network itself by establishing rogue hotspots in what is called an “evil twin attack,” thus tricking passengers and infiltrating their devices.

**Scalability: **This poses yet another challenge, with the airport network being able to onboard heavy traffic without disrupting it during rush hours.

Meeting Compliances: Any Wi-Fi solution must comply with the regulatory environment, which includes data privacy laws such as GDPR and CDR/IDPR log management.
Finally, as airports are incorporating a technology-focused approach to all areas of operation, they understand the need to collect valuable data from which they can extract actionable insights. Data that can improve the user experience and operations and provide new monetization streams.

How NGH Tackles the Problems Encountered with Traditional Wi-Fi?

HSC’s Next Generation Hotspot (NGH) is a leading managed Wi-Fi platform that uses Passpoint™ to simplify the login process and improve network security. Passpoint™ is a Wi-Fi standard that allows devices to automatically connect to trusted Wi-Fi networks without having to enter a username or password. This makes it much easier for passengers to connect to the Wi-Fi network at the airport. NGH can integrate easily with the existing network infrastructure at airports, automatically connecting users across networks with a one-time authentication.

Let us break down what that means in the context of the airport Wi-Fi experience. A passenger can connect to the Wi-Fi network at their source through a simple login process consisting of device-based authentication, which creates a unique and locally stored profile. When they land at their destination airport, they will find that they are automatically connected to the new network and do not have to repeat the onboarding process. Hence, NGH facilitates an improved guest experience for travelers with an “always on, always connected” Wi-Fi experience.

NGH also uses WPA2/WPA3 enterprise security to improve network security. WPA2/WPA3 is a set of security protocols protecting Wi-Fi networks from cyberattacks through enhanced authentication and encryption.

1. An Improved Travelling Experience

In addition to improving the security and convenience of Wi-Fi, NGH also provides a number of features that can improve the passenger experience at the airport.

Location-based alerts and notifications:
NGH leverages the location or proximity-based data from the network’s access points, providing the approximate whereabouts of all connected passengers at all areas inside the airport. This data can be leveraged to push location-based alerts and notifications to users’ devices, providing them with useful information such as flight delays or gate changes.

Proximity Engagement:
Businesses operating within the airport can also leverage this feature. For example, travelers can receive prompts to access the digital menu or see the day’s value meals at restaurants near the food court. Similarly, they can get notified about lounge access when they are near the international lounges, forming a great value-add for business travelers.

Voucher Management:
On the other hand, this feature allows foreign travelers, who may not have a local SIM card to onboard easily onto the network and avail of the same benefits.
An improved guest experience for passengers directly translates into improved satisfaction, allowing them to access their boarding passes on their phones, check into their hotels remotely, and access kiosks, lounges, and other remote services the airport provides.

Thus, tapping into this customer demand for easily accessible connectivity improves customer loyalty. A loyalty driven by improved user engagement & retention and increased trust and confidence in the airport services.

2. Business Value-Add: Leveraging Analytics and Additional Monetization Streams

NGH provides airports with valuable insights into passenger behavior and preferences. This information can be used to improve the passenger experience, optimize airport operations, and generate additional revenue.

Analytics offer insights into areas of congestion and help optimize passenger flow, allowing airport authorities to reconfigure security checkpoints, seating arrangements, and other areas to reduce bottlenecks.
Dwell time analytics allow airport management to gain insights into passenger behavior and preferences, which can be used to improve pathfinding and push proximity-based offers and alerts to travelers.
Passenger behavior insights also enable strategic advertising and promotional materials placement throughout the airport.
Heatmaps allow for monitoring the crowd density in various areas, which can be used to make decisions about capacity planning, staffing, and crowd management during peak hours.
NGH also allows airports to introduce tiered pricing plans for Wi-Fi services. This will enable airports to generate additional revenue from Wi-Fi while still providing a good value for passengers.

For example, domestic travelers who check in just in time can be offered limited data for a limited time, whereas international travelers or those who face long layovers for connecting flights would have higher data requirements and hence can be charged for data usage. Hence, plan management allows the airport to introduce tiered pricing plans for their Wi-Fi services, resulting in additional monetization streams.

Conclusion

NGH is a powerful Wi-Fi platform that can help airports improve the passenger experience, reduce operational costs, and generate additional revenue.

As airports continue to explore and integrate technology solutions into their business processes, hotspot standards such as Passpoint™ will continue to evolve and empower airports with better and more actionable data.

As we roll out NGH to even more airports worldwide, we gain a deeper understanding of the unique challenges and opportunities that airport operations bring and how we can be a part of the ongoing journey and provide the most value from what you do every day.

Role of Cloud Computing in Hospitality Industry

Amrita Satpathy — Wed, 26 Jul 2023 13:19:46 +0000

Hospitality has been a part of human culture for millennia. With the evolution of industries and the addition of newer technologies, the hospitality industry has evolved as well, and the services which were once considered exceptional have become the basic expectation of customers. Today, services like WiFi, TV, AC, and Parking Space are expected by every customer booking a hotel. However, 20 years ago, many of these were a delight. Thus, for anyone involved in the industry who wants to survive and thrive in the longer run, it is crucial to upgrade continuously and integrate emerging technologies. Today, hospitality technology amalgamates technologies like Artificial Intelligence, Augmented Reality, Analytics, Cloud Computing etc., to address the changing customer demands and improve their overall experience.

Classification of Hospitality Industry:

The hospitality industry can be broadly classified into the following three sectors:

Accommodation – The Accommodation sector consists of Hotels, Motels, Hostels, and Resorts which essentially provide lodging facilities to both local and non-local guests.,

Food and Beverages – The food and beverages sector includes Restaurants, Catering services, Bars, and Cafes, primarily offering a satisfying dining experience consistent with the budgetary constraints of its customers.

Travel and Tourism – The Travel and Tourism sector includes Vehicle rental services, Cruises, and Casinos, targeting customers away from home seeking a memorable vacation.

All three sectors run parallel to one another and often complement one another by offering a variety of services to the customer in geography.

Managing hospitality services often involves complex processes, and even a minor human error may lead to an underutilized employee and a dissatisfied customer, eventually impacting the balance sheet of the company. This is where technologies play a major role. Traditionally, in the hospitality sector, too, companies have IT infrastructure and dedicated teams which are responsible for handling functions like Reservations Management, Customer Management, Employee Scheduling, Marketing etc. However, with time, companies have begun streamlining their IT processes by opting for Cloud Computing in Hospitality Industry.

Application of Cloud Computing in Hospitality Industry

According to Microsoft, Cloud computing is the on-demand delivery of computing resources like data storage, Analytics, and software over the Internet without actively engaging the user in their management. Cloud Computing saves the effort of building up your own physical IT infrastructure and its management, brings scalability and saves costs as it is pay-per-use (you only pay when you use the service). It is different from outsourcing one’s IT as, here, the owner still has direct control over the data stored and processes running on the cloud. Cloud Computing services are provided by reliable IT giants like Amazon, Google, IBM, and Apple.

For multiple reasons, which include reducing costs, bringing scalability and automation to business operations, and providing seamless customer experience, major players in the hospitality industry have already integrated their applications onto cloud platforms. Therefore cloud computing in hospitality business can have several applications, including the following:

Customer Management:

Customer Management services can be availed through a subscription to cloud services. These services are scalable, flexible, and easy to integrate into one’s business. Customer Management tools over the cloud also generate analytics related to customers’ data that can be easily accessed over the Internet. Because of a low, upfront cost, these become a good choice for small businesses that are unlikely to develop their own Customer Management environment. These also help in reducing the direct interaction of guests with employees. For example, if a customer wants to access the helpdesk module, they can access it using any device by connecting to the internet.

Reservation Management:

Cloud Services are widely used to provide reservation services to end consumers over the Internet. These include online ticketing services, reservation of tables in restaurants, and advance booking of accommodation. The tools available on the cloud automate the management of appointment scheduling and allocation of services while forecasting approximate waiting time, confirming bookings, and providing information to consumers. With the rise of accommodation booking service providers like MakeMyTrip, Agoda, booking.com etc., online booking is now a universally accessible technology in hotels.

Event Management:

The goal of any event management team is to plan and execute a flawless event. It involves dealing with people, including teams, clients, guests, and vendors and controlling things needed to make the event successful. Cloud services are useful in managing events as they assist in allocating responsibilities and improving coordination within and between teams while addressing business developmental goals. Using cloud computing, it becomes feasible to provide a unique interface to each stakeholder, mentioning their schedule, duties and responsibilities.

Point of Sale Service:

Point of Sale is the place and time where a retail transaction takes place. Long queues and uncertain waiting times have historically been a problem when many customers choose to avail of a service at the same time. Shifting point-of-service transactions online and automating the billing process benefits cashiers and consumers alike. It reduces the burden of cashiers handling many customers and accurately approximates the waiting time. An excellent example of hospitality companies adopting POS service is the fast-food restaurant chain McDonald’s. It offers its customers rewards in the form of points that can be redeemed to get delicious dishes when they pay using a QR code.

Benefits of using Cloud Computing in Hospitality Industry

According to a Consumer Research Study done by Oracle, 73% of customers prefer hotels that offer technological solutions and minimize contact with the staff and other guests. Using Cloud Computing services in the Hospitality industry is beneficial to both the user and the end customer, as it advances the services provided while being cost-effective at the same time. Today, several big players in the hospitality industry, including Marriott International, are adopting the asset-light Business model, and shifting to the cloud is a quintessential example of that.

Reduced Software Costs:

Since cloud computing services are subscription based, where users pay per use while avoiding any maintenance costs, it helps customers save money when they choose cloud-native application development services. Many cloud service providers have ready-to-use, on-demand generic software available that can be availed through the Software as a Service (SaaS) Model. This type of software can also be customized to match the client’s specific needs through Platform as a Service (PaaS) Model. All this saves the developmental costs involved in building own virtual infrastructure. Finally, since multiple processes can be automated over the cloud, the cost involved in manual efforts is saved.

Zero IT-Overheads with Zero Hardware Depreciation:

As with all physical machines, the IT infrastructure of any organization depreciates over time, binding Companies to spend capital on frequent upgrades and replacement of parts. Traditional IT infrastructure also requires spending on daily overheads. On the other hand, there are no depreciation costs associated with cloud computing. Moreover, it eliminates the overheads involved in day-to-day IT operations and thus helps reduce the total cost of ownership (TCO).

Unhindered Operations and Security:

Various cloud services providers like Microsoft, IBM, and Google vouch for keeping the database of their clients safe from any external access while providing large amounts of storage service to multiple clients. Cloud services are adaptable as the core functions of the client can be maintained on the premises of the client at their discretion. When using cloud services, system failure during an unstable power supply is prevented, leading to unhindered operations conducted in a safe environment. The possibility of getting stuck with one vendor due to high switching costs can be avoided using Cloud native app development methodology.

Instant Availability Anytime, Anywhere:

With the proliferation of affordable smart devices and access to high-speed internet, the services running over the cloud are provided at the fingertips of the end customer regardless of their location. The same is the case with the direct client. Uninterrupted quick access to the database and software over the cloud brings ease of working. Since the services are subscription based, the amount of storage subscribed can be increased as the business grows.

Disadvantages of Cloud Computing in Hospitality Industry

Cloud computing is not immune to risks and downsides. It comes with an impact on the environment and risks associated with its adoption.

Enormous Energy Consumption:

Setting up cloud infrastructure requires large Data Centers connected over Data Transmission Networks. To keep these Data centres operable 24*7 at suitable temperatures, a large amount of energy is needed. According to International Energy Agency, data centres and data transmission networks accounted for nearly 1% of energy-related greenhouse gas emissions. This is likely to increase manyfold as more and more industries adopt cloud computing.

Risk of Failure:

Shifting the entire IT operations of an enterprise to the cloud brings a complete dependence on it, and failure of cloud services would mean a complete failure of the business involved. In the hospitality industry, where customer experience is paramount, this would lead to failure of services at each customer touch point, a nightmare for the industry.

Unfair Advantage to Bigger Players:

According to Google/SOASTA research of 2017, the probability of bounce (visitor leaving the website without exploring other pages) increases by 32% when page loading time changes from 1 second to 3 seconds. Cloud Computing services are subscription based, where the quality of service and the storage allotted depends on the premium paid by the subscriber. Here, a big player running several branches across different locations would be able to pay a higher premium, while a smaller player would have to settle with the subscription plan that they can afford.

While the above are some of the disadvantages associated with the application of cloud computing in hospitality players can think of with regards to cloud computing, clearly, the pros outweigh the cons.

Effective Strategy of integrating Cloud Computing in Hospitality Industry

Migrating enterprise workload to the cloud is called Cloud Migration. Shifting the software applications to the cloud can be done by the ‘Lift and Shift Software’ approach, where the original applications used on the physical infrastructure is shifted to a public or private cloud, saving costs. Unfortunately, this approach is not agile, requires massive maintenance, and needs to be refactored according to the changing business requirements. This leads us to the concept of Cloud Native application development, which is a modern approach to developing applications that are resilient, scalable, and flexible. It is used by giants like Netflix, Airbnb, Uber, and Spotify. In a cloud-native application architecture, the original applications are broken down into several services called Microservices, which are packaged into lightweight components called ‘Containers’ that help in running the Microservices in any environment. These microservices generally interact with each other through Application Program Interfaces (APIs). This results in applications running seamlessly in congruence with one another, and individual applications can be updated regularly without shutting down the framework. An example of a cloud-native development scenario would be an E-commerce website, where the customer’s Cart interacts with the packaging and shipping department, notifying them about the customer’s order details through a robotic process automation.

Customer satisfaction and delight are the most important parameters to assess the hospitality industry today. Customer experience can be improved by minimizing physical interactions and eliminating inconvenience. In a technologically advanced world, customer expectations surpass what traditional hospitality can provide, and cloud computing is the solution to effectively satisfying customer needs in a cost-effective, flexible, and scalable manner. A lot of human effort can be saved with analytics and automation of processes over the cloud, where updates to individual applications do not hinder the system, bringing a competitive advantage. Developmental models like cloud-native software development are vendor-neutral and help in avoiding vendor lock-in, thus minimizing risks. The future is filled with a smart but impatient generation, and technology is the answer to harmonize and establish oneness with it.

This article was originally published here.

Major Benefits of Managed Security Operations Center

Amrita Satpathy — Thu, 22 Jun 2023 13:13:33 +0000

Since the inception of the internet, cyber-attacks have led to a loss of billions of dollars across the globe, along with damage to the victims’ reputations, resources, and infrastructure. For instance, in September 2000, NASA had to shut down its computers that supported the international space station for 21 days due to a breach of security caused by a 15-year-old computer hacker. This cost NASA $41000, along with reputational damage after being unable to prevent a juvenile’s intrusion. This is just one example of countless cyber-attacks that happen globally.
The big questions here are: How do we prevent cyber-attacks or mitigate their impacts through early detection and remediation? We can imagine an alternate scenario where preventive measures and early detection could have saved NASA money and time. And this is where SOCs, including Managed Security Operations Centers, come into the picture.

What is a Security Operations Center (SOC)?

Security Operation Centre or SOC is a centralized facility that continuously monitors and improves an organisation’s security. Often referred to as the backbone of cyber security, the SOC’s operations are not restricted to 9 AM to 5 PM but 24*7*365 hours a year since the risk of getting attacked is always omnipresent. The job of a SOC is to prevent security incidents from happening and to detect, inform, and remediate quickly whenever such events happen. The responsibilities of SOCs include assessing available resources, conducting continuous monitoring, threat response basis the threat intelligence received from multiple sources and recovery and remediation in case of a security breach.

Interested to know in-depth about SOC? Click here

What is a Managed Security Operations Center (SOC)?

Managed Security Operations Center or SOC-as-a-Service is the outsourcing of SOC to a third party distinct from the client’s functioning. As opposed to Internal SOCs, in Managed SOCs the Security Operations Center and related tools are managed and owned by external cybersecurity experts. These experts continuously monitor the organization’s entire IT infrastructure, including its devices, applications, and data flow across channels for vulnerabilities, threats, and breaches of security. Usually, the client base of an MSOC is an amalgamation of organizations belonging to both SME & Large Enterprise categories, where in many cases, the client cannot afford an internal SOC, and in other cases having an MSOC is more feasible. MSOCs are subscription-based, and services provided vary based on the chosen plans. These can either be fully managed by the third party or co-managed along with the organization.

Benefits of Managed Security Operations Centers:

It is convenient for organizations to outsource security operations rather than setting up an entire infrastructure, which is one of the reasons why many organizations these days are opting for Managed Security Operations Centers. MSOC is the only available option for small businesses that cannot afford their own security solutions and is an easy switch for organizations with an outdated SOC. Let us look at the benefits in detail:

Domain-Specific Expertise:

MSOC providers can hire and retain subject matter experts by serving a large client base. These experts provide quicker solutions through prior experiences and knowledge. MSOC providers also have access to better updates and emerging technologies like Artificial Intelligence and Machine Learning, which help in minimizing errors through alert filtering and behavioural analytics, thus, overtaking manual efforts. MSOC specialists have some specific roles: Malware Analyst, Threat Hunter, Forensic Specialist, Incident Responder, etc. These specific roles look at the minutest details in a Security Operations Center.

Affordability:

Internal SOCs are known to be CAPEX intensive. It is often stated that only Fortune-500 companies can afford a well-equipped internal SOC. Outsourcing SOC through subscriptions becomes affordable for various reasons, including sharing of resources, infrastructure, experts and technologies amongst multiple clients. Fixed costs remaining the same, lead to affordability for each client. Technically equipped, Managed Security Operations Centers can minimize manual labour through automation, saving tons of capital.

Optimization of Internal Resources:

The presence of a well-established infrastructure, employee base, and technical tools make MSOCs an attractive choice to Companies. By opting for MSOCs, Companies can allocate their infrastructure, employees, and machinery for Core Competence areas, which otherwise would be dedicated to Security Operations. As a result, employees are prevented from being overburdened by additional work and stiff working hours.

Quicker response and remediation:

Through technological advantage and the availability of highly capable experts, MSOCs quickly detect security breaches and possible threats. The availability of alternate paradigms of dealing with threats prevents shutting systems down for long durations. Additionally, a quicker response means shutting down the source of a breach before it reaches other parts of the system, saving efforts and capital that would have been dedicated to remediating a larger part of the system.

Scalability:

According to markets and markets report on the data-centric security market, the global Data-Centric Security Market size was worth approximately $4.2 billion in 2022 and is expected to generate revenue of around $12.3 billion by the end of 2027. Thus, the sheer size of the market brings in a massive scope of scalability, where a Managed Security Operations Center provider can allocate the same resources for different clients and make its processes scalable. Emerging technological solutions like AI can greatly reduce human efforts and save time leading to quicker solutions with a lesser likelihood of a false positive.

Internal Security Operations Center V/S Managed Security Operations Center:

To understand the difference in experiences between an Internal and Managed SOC, let’s take the example of two hypothetical companies, A and B, where A has opted for an internal SOC, while B has opted for a managed SOC.

Company A is under pressure because of its massive investment in setting up infrastructure for its internal SOC. It must regularly perform technological upgrades to match the rising external challenges. Hiring and retaining skilled talent is difficult in the highly competitive landscape, and the costs involved increase with the expected level of security. The existing employees find it difficult to complete their primary tasks timely because of their involvement in SOC processes. Eventually, the costs associated with running and managing internal SOC go beyond the perceived risks. Hence, company A decided to convert its internal SOC into a delivery centre and looked for a suitable subscription service from a reputed MSOC provider for security operations.
On the other hand, the initial costs incurred by B are much lower compared to A as it has only paid for the subscription of a service for a short duration to evaluate the effectiveness of the services of the Managed Service Operations Center provider. The Managed SOC provider already has a pool of dedicated experts and is Technologically well-equipped. The AI-enabled systems detect patterns amongst alerts, filtering false positives and saving time. B does not have to worry about hiring, retaining talent, or the quality of the workforce, as the Managed SOC provider assures B of that. The working of B’s current employees remains unaffected, and it receives reports about vulnerabilities and threats from time to time. Once satisfied, Organization B extends the subscription and switches to a plan customized for it instead of a generic plan.

How to find the right Managed SOC Provider for your Company?

Given the importance of Managed SOC for businesses, irrespective of their size, it is important for enterprises to identify and evaluate the right SOC service provider so that they can efficiently and effectively improve their organization’s security posture. Some of the key criteria that need to be considered while choosing a Managed SOC Services Provider are as follows:

Does the service provider have all the relevant industry certifications, such as ISO 27001 and /or GDPR Compliance?
Are the staff employed by the SOC service provider certified for the significant cybersecurity technologies they are monitoring or managing at the client organization?
Does the team lead by the service provider have experience working on Industry standard tools such as Splunk/Microsoft Sentinel?
Hughes Systique fits the bill as it is ISO 27001 certified, has GDPR compliance, and employs certified engineers who have experience working on commercial tools like Splunk, Microsoft Sentinel etc. As a GDPR-compliant organization, HSC ensures the safety and integrity of customer data.

Just as we have countless examples of Cyber intrusion, we have innumerable examples where successful preventive measures and early detection by MSOCs have saved Millions of dollars of Governments, Companies, and individuals across the globe. A 200% increase in the identification of threats was witnessed when an International professional services network, Deloitte-Brazil, opted for Managed SOC. Similarly, LTI, a Global technology consulting and digital solutions company, was able to save 4000 employee hours per year by outsourcing threat detection and research. Microsoft is involved in Security Operations Centres, has delivered more than 300 security innovations in 2022, and currently partners more than 15000 integrated across its security ecosystem.

A seamless integration of a relevant MSOC with continuous operations and technological upgradation prevents blunders from happening. Technological integration and shared resources save time, human effort, and capital, while with superior technological expertise MSOCs quickly shut down endpoints mitigating risks in the event of a security breach. The benefits of outsourcing a SOC far outweigh the cons associated with it. In many security incidents, the victims don’t even know that a security breach has occurred; in some cases, they never come to know. So, if you are asked how many attempted security breaches you faced in the last year and your answer is zero, you might want to consider subscribing for an MSOC and re-answer a year later.

Pros and Cons of Different Cloud Environments – Public, Private, Hybrid and Multi Cloud

Amrita Satpathy — Thu, 08 Jun 2023 13:37:13 +0000

Cloud adoption is no longer an option now. Irrespective of the size or domain of operation, businesses all over the world are migrating to the cloud. While the new-age enterprises are already cloud-native, the older, established businesses are also embarking on their cloud migration journey. As is the case with technology perennially, even cloud computing is evolving at a break-neck speed. It is a booming industry which is always ready to exceed expectations by challenging the status quo and delivering new and improved solutions for business-critical problems. In fact, Fortune Business Insights predicts that the 2021-2028 period will make the global market for cloud storage worth more than $390 billion.
It is obvious that as the needs of enterprises evolve over time, they will prefer to have the ability to choose the cloud environment that is apt for their business needs. Enterprises, as of today, have more options in the cloud ecosystem. They are ready to make more investments in hybrid and multi cloud environments as it can provide them with greater flexibility and competitive advantage.
Let us then try and understand the origins of cloud computing, the different types of cloud available in the market, and the modifications and evolutions that have happened over a time period to suit the growing business needs of enterprises.

Evolution of Cloud Computing:

What began as a novel and innovative concept has, over the years, become a disruptive endeavour. Modern cloud computing infrastructure is believed to have been developed in the 1990s when VPNs or virtual private networks were being used by businesses. Then came the pioneer Salesforce which offered its Software-as-a-Service over the Internet, an endeavour made possible by cloud computing. This was followed by Amazon Web Services being created in 2006 and the subsequent release of their offering Elastic Compute Cloud (EC2) in the market, which enabled customers to use virtual machines on rent as infrastructure for their data and applications. Powered by cloud computing, innovative streaming media giant Netflix, launched its streaming services online in 2007. A lot has happened since then, with Amazon, Google, Microsoft, and OpenStack all coming up with their cloud divisions in 2010 to make cloud services available for the masses, and since then, there has been an exodus of enterprises to the cloud via transitions and migrations.

Classification of Cloud Computing

Cloud computing involves a broad spectrum of architecture models, classifications and types. Let us understand the four main categories of the cloud:

Public Cloud
Private Cloud
Hybrid Cloud
Multi Cloud

Public Cloud:

Public cloud is a type of computing service provided by vendors like Google, Amazon, Microsoft etc., which enables users to make use of the compute, storage, applications and deploy-and-develop environments to individual users or organizations on-demand over the public internet or through a dedicated connection for free or on a subscription / pay-per-use fee. The services include databases, firewalls, management tools, and different types of Platform-as-a-Service and Software-as-a-Service offerings. It is an alternative deployment approach to traditional on-prem IT architectures. Once upon a time, Netflix used to have its own IT infrastructure, but as demand fluctuated at different times of the day, in order to cater to its subscribers’ demands, it has moved a large part of its data centre operations to the public cloud. They particularly faced an issue during the evening and especially at weekends when demand would spike. So they signed up for Amazon’s cloud services and would pay only for the peak timings when there would be high demand, and in this case, they would use the Amazon regional data centres nearest to the user.

Benefits & Challenges of using Public Clouds:

Benefits of the public cloud include lower CAPEX investments as they do not have to set up and maintain on-premises infrastructure, high scalability to meet fluctuating demands, the flexibility of paying as per use and access to analytics for better business insights.
However, as public cloud resources run on a multi-tenant shared infrastructure that is available to users worldwide over the internet, they may be subjected to network bandwidth and connectivity issues. Along with it comes the issue of vendor lock-in, which can make migration between two cloud providers very difficult.

This is where private clouds come into play.

Private Cloud

A private cloud is pretty much like a public cloud, offering the same set of services in computing, storage and networking and scalability. However, the difference is that it is based on a single-tenant architecture that runs on privately owned infrastructure. A private cloud can be hosted at the organization’s own data centre by building layers of virtualization and cloud service over it, at a third-party facility or via a private cloud provider who offers private cloud hosting services.

Benefits and Challenges of Using Private Clouds:
Some of the benefits of opting for private clouds over public clouds are a higher level of security as organizations have the same amount of control as they would have on their own on-premises infrastructure, greater reliability due to dedicated channels for that organization only, greater long term savings even though it does warrant initial investment as the organization already has the hardware and network in place, almost similar costs every month irrespective of the workloads and greater adherence to data privacy. For instance, it is mandatory, as per GDPR, that EU residents’ data should remain inside the EU only.
However, the challenges with private clouds are that they need a high initial investment, on-demand scalability could become an issue due to the lengthy procurement process and capacity management needs to be done, which compounds the work of internal cloud operations staff.

Hybrid Cloud

A hybrid cloud is a combination of public and private cloud services. It is maintained by external and internal cloud service providers and with orchestration between the two. It combines the best of both worlds, i.e. the scalability to accommodate demand spikes which is offered by public clouds, and the secure maintenance of sensitive and critical data and applications in a private cloud. A hybrid cloud offers multiple advantages, such as flexible deployment options, the ability to move between different cloud environments and greater control on the spends.

A Case Study on Hybrid Cloud – Walmart

An example of a company using a Hybrid Cloud is Walmart, also known as the Triplet Model.

“We always blaze our own trail at Walmart, and that includes building one of the largest hybrid clouds in existence. This “Triplet Model,” as we call it, is innovative and powerful, both by design and deployment. By pairing public clouds (Google and Microsoft) with our Walmart Private Clouds via a regional cloud model across the U.S. (West, Central and East), we’re enabling 10,000 edge cloud nodes at our facilities and bringing computational power and data closer to our customers and associates. ”

– Suresh Kumar, Executive Vice President, Global Chief Technology Officer and Chief Development Officer, Walmart Inc

According to the Wall Street Journal, this move by Walmart, wherein it has built powerful custom software that enables it to run its back-end operations across any cloud system, has helped it save thousands of dollars in revenue. By placing the workloads in the right place, they have ensured that the application performance is high and there is low latency across the locations. Additionally, the model offers greater scalability and flexibility to react to increased demands during peak hours, along with reducing the cloud cost by 10-18%. With increasing interoperability between public clouds, hybrid clouds will soon become the norm.

Multi Cloud

When an organization uses cloud computing services from at least two different cloud providers (could be two or more public clouds or two or more private clouds or a combination of both) to run their applications, it is said to be using multi cloud infrastructure. Multi-Cloud computing solutions are portable across multiple cloud providers’ cloud infrastructures. They are typically built on open-source, cloud-native technologies like Kubernetes, and as this technology is supported by all public cloud providers, enterprises using multi clouds have the flexibility & portability to migrate, build and optimize applications across multiple clouds and computing environments. Multi cloud environments are also compatible with DevOps practices and other cloud-native application technologies such as containers and microservices architecture that enable portability. Many enterprises are looking forward to implementing multi cloud strategies as it enables them to run applications wherever needed without adding to the complexity.

Hybrid and Multi Cloud – How do they differ?

At the outset, Hybrid and Multi Cloud may look very similar and are sometimes used interchangeably, but they refer to two distinct concepts. Yes, they both make use of multiple cloud environments from multiple vendors, but what fundamentally separates them is the type of cloud infrastructure. By implementing a multi cloud strategy, enterprises can work on different workloads by making use of cloud computing services from two or more public cloud vendors. In the case of hybrid clouds, however, enterprises work on common workloads that are deployed across multiple computing environments.
While multi cloud deployments interconnect services from separate cloud environments for different purposes, they do not necessarily need to connect the clouds. Hybrid cloud deployments on the other hand, need to have an orchestration between the various cloud environments ( i.e. an on-premises or a private cloud and a public cloud) as they address the same workload.

Benefits & Challenges of Multi Cloud:

Enterprises implementing Multi cloud architecture can reap multiple benefits, such as improving the flexibility and agility of the IT in the organization. Due to an increase in the number of players offering Cloud computing as a service, enterprises now have a wide array of options in the cloud ecosystem. Therefore, investment in multi-cloud is set to overtake legacy IT and private cloud spending in the next few years.

Here are some of the key benefits that can be achieved with multi cloud computing:

Avoid vendor lock-in: No more worrying about being at the mercy of one cloud provider. With multi cloud approach, enterprises can choose the solution that best meets their business requirements and the same time, reduce data, interoperability and cost issues, which often arise due to dependency on one cloud provider.
Best of each cloud: The idea of having a multi cloud approach is to reap the benefits offered by cloud providers without having to worry about speed, performance, reliability, geographical location, and security and compliance requirements.
Lower Total Cost of Ownership (TCO): By implementing multi-cloud strategy, enterprises can minimize their IT spending and take advantage of an optimum combination of pricing and performance across different cloud providers, thereby lowering the total cost of ownership.
Greater reliability and redundancy: By reducing the risk of a single point of failure, multi cloud deployment adoption significantly mitigates unplanned downtime or outages. This is because an outage in one cloud will not affect the workloads running on other clouds.
Enhanced Security & Regulatory Compliance: Multi cloud strategy also ensures security policies and regulatory compliance is consistent across all workloads irrespective of the vendor, service or environment.

Even with all the benefits listed above, there can be quite a few daunting challenges with multi cloud strategy implementation. One of the major roadblocks is a significant increase in management complexity. Business needs, design and development drivers, and architecture constraints due to existing systems need to be considered when implementing a multi cloud strategy and this adds to the increased management complexity. Maintaining consistent security is also a hindrance because the same workload is running on different clouds. In addition, integrating software environments and difficulty with achieving consistent performance and reliability across clouds also add to the challenges of implementing a multi cloud strategy. Lastly, implementing multi cloud involves an initial investment that could be costly for enterprises. However, these costs balance out in the long run offering a lower total cost of ownership (TCO)

Use cases of Multi Cloud:

Let us now look at some of the use cases of multi cloud and that would explain why it is getting popular as a strategy:

Disaster Recovery: Multi Cloud helps enterprises back up mission-critical applications so that in cases there is a disaster or single vendor outage, they can rely on other cloud providers.
Lower Latency: Organizations with a global footprint can serve their customers better by implementing a multi cloud strategy, as it gives them access to servers in different locations and provides them with better connections with low latency.
Extended Arm of IT: By implementing a multi cloud strategy, organizations can have better control of software and hardware asset utilization by providing employees with the appropriate cloud technologies that comply with security standards and policies.

Address Regional Requirements: With the added flexibility of switching between on-premises, public and private landscapes from different vendors, multi cloud strategy allows enterprises to adhere to region-specific compliance regulations.

As of today, many enterprises globally are transitioning from on-premises data centre to an option that incorporates cloud infrastructure. In these circumstances they must choose the service provider in accordance with their current and future business needs. Hughes Systique has been helping enterprises migrate their existing applications to the cloud and has experience in operating in public, private and multi cloud environments. Reach out to us if you are interested in utilizing the multitude of benefits that different cloud environments offer.

The Importance of Security Operations Center (SOC)

Niharika — Thu, 23 Mar 2023 08:42:07 +0000

Enterprises across the globe are aware that cybercriminals do not follow standard working hours to strike an attack on a company’s cyber assets. They are known to act swiftly on weekends, holidays and after hours, wherein the threat response time tends to lag a lot. Therefore, the need for dedicated Security Operations Centres is crucial, and this is irrespective of the size or domain of the enterprise. This brings us to the definition of what is a SOC. A Security Operations Center, otherwise known as SOC, is a critical centralized unit within an organisation responsible for monitoring, detecting, investigating, responding and preventing its security posture and threat 24 x 7, which is managed by the IT security or InfoSec team. Thus, SOC acts as a hub, ensuring an organization’s IT network always operates securely, round the clock.

Need for a Security Operations Centre (SOC)

**
SOC utilizes a combination of the right tools and the right people to build, operate and maintain the security architecture within an organization using advanced technologies. A SOC’s primary function is to monitor & protect an organization’s IT assets, IPR, personnel data, and business systems and, thus, safeguard brand integrity. In addition, the SOC engineers strategize and implement a comprehensive cyber security strategy that encapsulates activity on servers, networks, applications, endpoint devices, websites, and other critical internal systems to identify and detect a vulnerability and defend most effectively against it.

Let us look at the responsibilities of a SOC in detail:

24/7 Monitoring:
Proactive, around-the-clock monitoring of the organization’s network ecosystem for threat and incident response.

Log Monitoring:
Analysis of logs, network traffic patterns, and other external data sources to identify potential vulnerabilities.

Threat Intelligence:
Threat intelligence can assist the SOC team in making the right decisions to prevent an attack and decrease the time it takes to discover the threat in action.

Threat Hunting:
The threat-hunting module within a SOC is aimed at finding cyber threats within an enterprise’s network before they do any harm.

Root Cause Analysis:
Root cause analysis (RCA) is a systematic analysis & process to define, measure, analyze, improve, control and document the root cause of an incident to ensure the incident is not repeated.

Rules/ Policies Creation:
Create consistent policies that integrate best practices and organizational requirements for monitoring, incident response, reporting, and staffing.

Playbook Preparation:
A playbook defines a security workflow by outlining the steps teams will take to handle different security incidents in real-time. SOC playbooks drive teams to collaborate effectively to resolve incidents as fast as possible.

Blue Teaming:
A blue team is a company’s own cybersecurity employees and teams within a Security Operations Centre (SOC), which adds vital human intelligence to tools and tech. A mock attack scenario prepares them for real-world attacks and brings them in to identify, respond and defend against the attack.

Assessment & Compliance Audit:
SOC defines auditing procedures for organizations to securely manage data to protect their interests and privacy.

Device Management:
A SOC acts like the hub managing all of the organization’s IT infrastructure, including networks, devices, appliances, tools and databases, and other assets.

Roles within a SOC and Structure

Several tiers of security professionals, engineers and administration roles make up the SOC in an organization. Members of a SOC team include:

SOC Manager:
This role essentially supervises the overall security systems and procedures.

Analysts:
Analysts are responsible for compiling and analysis of the data, either from a fixed duration of time (previous week, quarter, or month) or after an incident has occurred. Depending upon the size of the SOC piece, there may be different tiers within the analyst role (senior/junior/lead).

Investigator:
The investigator’s role revolves around understanding the breach and investigating the reasons behind the same. They work in close tandem with the responder (one person may perform both “investigator” and “responder” roles).

Responder:
Responding to a security breach is the most critical task during a crisis. A responder is called in to address the issue.

Auditor:
SOC auditor is responsible for regularly auditing the systems to ensure compliance with regulations, which may be issued by an organization, industry, or governing bodies. Examples of these regulations include GDPR, HIPAA, and PCI DSS.

SOC Models

The security operations center (SOC) is the heart of an organization’s cybersecurity framework. Organizations may differ in terms of their expectations and requirements from a SOC. Based on geography, underlying infrastructure, regulatory needs, or budget, organizations may want to pick and choose among different SOC Models, as one size may not fit all. The Gartner Security Operations Centre (SOC) Hybrid-Internal-Tiered (HIT) Model suggests three models which organizations can evaluate and determine which SOC model would best align with their needs and requirements.

The three SOC models, as suggested by Gartner, are:

Hybrid SOC:
A hybrid SOC structure is an amalgamation of internal organization resources and managed service providers that together deliver to reduce the likelihood & impact of cyber-attacks. It usually engages a Managed Security Service (MSS), Managed Detection & Response (MDR), or a managed SIEM provider. This model helps reduce 24 x 7 operations costs and, thus, is preferred by SMEs and large organizations alike.

Internal SOC:
An internal SOC comprises of organization-owned threat detection and response team which functions round the clock, in-house. The organization designs and implements robust processes and frameworks to run the complete SOC structure and manage the SOC triad: People, Process, and Technology. Within an internal SOC implementation, enterprises may occasionally outsource a few specialized functions by choice (e.g. Technical Testing). Internal SOCs are CAPEX & OPEX heavy. Usually, they are preferred by organizations with deep pockets as the staff prerequisite for 24 x 7 coverage, and tool licenses are capital intensive.

Tiered SOC:
A tiered SOC model is made up of various stand-alone and independent SOCs inside an organization. Large and geographically distributed organizations with global operations usually prefer the tiered model. The individual SOCs are orchestrated by a parent (top-tier) SOC. Another implementation of a tiered approach may be within organizations with smaller groups or business units which need SOCs to run independently within these groups.
The security functions within a tiered SOC model are led by the top-tier SOC, which handles threat intelligence and response and lays down procedures and specifications for SOC operations.

Benefits of having a Security Operations Center (SOC)

A SOC is an indispensable part of the overall cyber-security strategy for an enterprise today. A robust SOC ensures continuous network monitoring, centralized visibility, and better collaboration for the IT teams in an organization.
Let us look at the benefits of the Security Operations Center:

Continuous Monitoring and Prevention:
SOCs run 24 x 7 x 365, and uninterrupted operations are one of the most crucial aspects to thwart any threat over the organization’s network. SOCs ensure monitoring and prevention at all hours, even outside of standard business hours.

Effective Incident Response:
SOC workflows define a standard set of procedures to be followed when the crisis hits. This reduces the time elapsed between incident detection and incident management. In addition, the SOC analysts further work on studying the threat and its implications and the probability of the same threat to re-engineer & pose a threat.

Centralized Visibility:
Today’s enterprise networks have become much more complex with the advent of remote working, the Internet of things (IoT), Bring-your-own-device (BYOD), and the geographical spread of larger organizations. Effectively securing such a disparate network demands a comprehensive, modern technology stack with an integrated network visibility system which is a SOC.

Organization-wide Collaboration:
An organization must have clear and transparent processes to report a security incident. A SOC brings people, processes, and technology within the same group to effectively communicate & collaborate when a threat hits. The SOC team also works towards raising awareness about new threats within the organization to its employees and other internal stakeholders.

Reduction in Cyber security costs:
SOC is a centralized hub to tackle malicious attacks. It removes the need for each function, department, location, or vertical to invest in the latest preventive tools licenses and thus brings down the overall CAPEX towards cyber security.

Additionally, threat management using SOC helps to bring down the effect of a breach and the potential costs the breach may incur via data exposure, legal cases, or business reputation damage.

Compliance Management:
SOC ensures regular system audits and compliance towards industry, quality systems, or government. These audits also help uncover any other lapses within the systems that may put sensitive data within the organization at risk & thus shield the organization from reputational damage and other legal challenges in the future.

SOC as a Service (SOCaaS)

With the ever-evolving cyber security ecosystem and growing complexity of vulnerabilities, an organization may need help to operate an effective and mature SOC in-house. Organizations may face issues with finding skilled cyber-security talent or expensive to retain them for 24 x 7 critical SOC operations. Also, a robust SOC involves investment in a plethora of security tools, technologies & solutions to address the vulnerabilities as digital attack surface continues to increase as an organization accelerates towards digitization.

The solution to this is Managed Security Operations Center (Managed SOC) or Security Operations Center as a Service (SOCaaS). SOCaaS allows a solution provider to operate and maintain a fully managed SOC on a subscription basis. SOCaaS encompasses the entire gamut of security functions performed by a traditional, in-house SOC (network monitoring, log management, threat detection, intelligence & response, incident investigation, reporting, and risk audit & compliance). The managed service provider for SOC services also carries the responsibility for the SOC staffing, processes, technologies, and tools & compliance with procedures needed for round-the-clock support and SOC operations.
According to a report by Markets and Markets, the global Security Operations Center as a Service (SOCaaS) market size is projected to reach USD 10.1 billion by 2027, at a CAGR of 10.5% from 2022 to 2027.

Benefits of SOCaaS

Organizations planning to build an in-house SOC or that are already operating an in-premises SOC may decide to outsource SOC management and deployment depending on the maturity level of their organization, current security posture, and management decisions.

Some of the benefits of moving to a SOCaaS are:

Faster Deployment and Remediation:
Managed SOC services ensure that the latest technology, tools, and expert people are always available to manage the threat. Outsourcing also ensures faster deployment as compared to building, deploying, and setting up SOC operations all by itself from an organization’s perspective.

Lower risk of loss from a breach:
SOCaaS provides organizations with access to hyper-specialized security experts from the industry talent pool without the overhead of hiring or retaining talent. These resources are critical to handling security events, analysis of network activities, and the formulation of a remediation strategy.

Access to the latest technologies:
It has been observed that one of the common causes of breaches is outdated software or operating systems or modules not upgraded with the latest patches. With understaffed IT teams, paying attention to this aspect is difficult, thus inviting attackers and cybercriminals. SOCaaS ensures dedicated resource alignment towards updating systems with the latest updates, tool licenses, and technologies & empowers the organization to better fight the incident as well as limit potential risk. In addition, it ensures access to best-of-breed security solutions.

Scalability and Flexibility:
SOCaaS, like other solutions as a service, ensures better flexibility and adaptability. As business scenarios evolve, SOCaaS ensures teams and services may easily be scaled up or down based on the organisation’s requirements. However, scalability is usually difficult in a tight-bound model as human resources– are finite and generally cannot be scaled up quickly as the need arises.

Lower cost than on-premises SOC:
SOCaaS can prove to be more cost-effective than deploying and operating an on-premises SOC. Expenditures associated with talent management, tool licenses, equipment, hardware, and software, are shared by multiple customers on the service provider’s side. This brings down the overall cost for each subscriber. SOCaaS pricing models have also evolved as Pay-as-you-go with a specific lock-in period meaning that subscriber only pays for the services they consume.

Resource optimization:
Increased exposure of an organisation’s sensitive information and critical assets to the web makes them prone to more serious economic, reputational & compliance damages. This situation has pushed a higher demand for highly proficient security engineers and analysts within the labor market.

SOCaaS helps solve the challenge of acquiring and maintaining workforce availability as the service provider ensures that the SOC is always staffed with able manpower. It also reduces the pressure of mundane tasks on an organization’s internal IT team to focus on other tasks.

What is Federated Learning?

Niharika — Mon, 20 Feb 2023 11:31:45 +0000

Federated Learning is a machine learning technique that enables data models to obtain experience from different data sets located in different sites (e.g. local data centres, a central server) without sharing the training data. Federated Learning, thus, allows personal data to remain on local sites, reducing the possibility of personal data breaches. It is a decentralised form of machine learning. Google introduced this concept in 2016 in a paper titled, ‘Communication Efficient Learning of Deep Networks from Decentralized Data. This and another research paper titled ‘Federated Optimization: Distributed Machine Learning for On-Device Intelligence.’ provided the first definition of Federated Learning.

Then, in 2017, Google, in a blog post, ‘Federated Learning: Collaborative Machine Learning without Centralized Training Data,’ explained in detail the nuances of this technique.

Need for Federated Learning

Most algorithm-based solutions today- spam filters, chatbots, recommendation tools, etc.- actively use artificial intelligence to solve modern world solutions. These are based on learning from data — Heaps of training data fed as input for the algorithm to learn and make decisions.

Many of these applications were trained on data available in one place. Unfortunately, gathering all the data at one location is practically impossible in today’s world of myriad applications. Getting data at a single site also brings an additional overhead of sharing the data via secure paths in such vulnerable times. However, today’s Artificial Intelligence is shifting towards adopting a decentralized approach. The new-age AI models are being trained collaboratively on edge or at the source, with data from cell phones, laptops, private servers, etc. This evolved form of Artificial Intelligence (AI) training is called federated learning, and it’s becoming the standard for meeting a raft of new regulations for handling and storing private data. By processing data at the edge, federated learning offers a way to capture raw data streaming from sensors on various touch points such as satellites, machines, servers, and many smart devices.

The Federated Learning Market

According to Research and Markets, the Global Federated Learning Market size is expected to reach $198.7 million by 2028, rising at a market growth of 11.1% CAGR during the forecast period. The growing need for improved data protection and privacy and the increasing requirement to adapt data in real-time to optimize conversions automatically are driving the advancement of the federated learning solutions market. Moreover, by retaining data on devices, these solutions assist organizations in leveraging machine learning models, boosting the federated learning market forward.

How does Federated Learning Work?

Federated learning allows AI algorithms to gain experience from a vast range of data located at different sites. The approach enables several organizations to collaborate on developing models without directly sharing sensitive clinical data.

The Federated Learning process has two steps: Training and Inference.

Training:
The local machine learning models are initially trained on local heterogeneous datasets and create local training datasets in each user’s device. The parameters of the models are exchanged between local data centres periodically. Usually, these parameters are encrypted before exchanging, improving data protection and cybersecurity.

After a shared global model is built, the characteristics of the global model are shared with local data centres to integrate the global model into their ML local models. The global model will combine the learning from the local models and, as a result, get a holistic view.

Inference:
In inference, the model is stored on the user’s device. Thus, predictions are quickly prepared using the model on the user device.

Use-cases of Federated Learning

Federated learning methods are critical in supporting privacy-sensitive applications where the training data is distributed at the network edge. The models that come out of this are trained on various data, all without compromising privacy.

Some of the use cases of Federated Learning are:

1. Mobile/Smartphone Applications:
One of the initial applications of federated learning involves building models based on user behaviour from smartphone usage, such as for next typed-word prediction, face detection to unlock phones, voice recognition, etc. Google uses federated learning to improve on-device machine learning models like “Hey Google” in Google Assistant, which allows users to issue voice commands.

2. Quality Inspection in Manufacturing Sector:
The introduction of federated learning is advantageous for enterprises, manufacturing organizations and research institutions to collaborate on applications such as quality inspection, anomaly detection, object detection, etc. Use cases where the error/faulty images in the production line are few in number and also fewer in variety; using federation learning, multiple parties can collaborate to train a robust quality inspection model for similar products or use cases.

3. Healthcare:
Hospitals deal with a humongous amount of patient data for predictive healthcare applications. They must operate under strict privacy laws and practices, and any slip may bring legal, administrative, or ethical challenges. Federated learning serves as a solution for such kind of applications that require data to remain local. It effectively reduces the strain on the network and enables private learning between various devices/organizations.

4. Autonomous Vehicles:
Federated learning makes real-time predictions possible, which is one of the USPs for developing autonomous cars. Information such as real-time updates on the road and traffic conditions faster decision-making. This can provide a better and safer self-driving car experience. Research, Real-time End-to-end federated learning: An automotive case study has proved that federated learning can reduce training time in wheel steering angle prediction in self-driving vehicles.

5. Federated Learning for Security and Communications:
Privacy preservation, safe multiparty processing, and cryptography are some confidentiality technologies that can be utilized to improve the data protection possibilities of federated learning. An IEEE Study introduces Federated Learning-based distributed learning architecture in 6G. In this architecture, many decentralized devices associated with different services can collaboratively train a shared global model (e.g., anomaly detection, recommendation system, next-word prediction, etc.) by using locally collected datasets.

6. Federated Learning in Wireless Networks:
Federated Learning can handle resource allocation, signal detection, and user behaviour prediction problems in future 6G networks. FL algorithms can address various resource management problems, such as distributed power control for multi-cell networks, joint user association and beamforming design, & dynamic user clustering. Users’ quality-of-service (QoS) can be predicted using FL, where each BS uses the FL algorithm based on some stored information. All BSs transmit the FL model results to a server to obtain a unified FL model. FL algorithms can be utilized to automatically design the BS codebooks and decoding strategy of users to minimize the bit error rate.

(Read: Machine Learning Based Network Traffic Anomaly Detection)

Challenges in Federated Learning

1. Systems Heterogeneity:
A network consists of different devices, and the storage, computational, and communication capabilities of each device in federated networks may differ due to heterogeneity in hardware (CPU, memory), network connectivity, and power (battery level).

2. Statistical Heterogeneity:
Devices generate and collect data in a non-identically distributed manner across the network. This data generation paradigm will not be aligned with frequently-used Independent and Identically Distributed Data (IID) distribution.

3. Security:
Any Malicious user can add a security threat by Poisoning. Poisoning comes in two forms:

• Data Poisoning: During a Federated training process, several devices can participate by contributing their on-device training data. Here, it is challenging to detect & prevent malicious devices from sending fake data to poison the training process. This process poisons the model.

• Model Poisoning: In this form, malicious clients modify the received model by tampering with its parameters before sending it back to the central server for aggregation. As a result, the global model is severely poisoned with invalid gradients during the aggregation process.

Conclusion:

Federated learning is facilitating the evolution of ML approaches within businesses. Organizations are pushing efforts towards a thorough investigation of federated learning. Using FL, companies may reinforce to re-look at their existing algorithms and improve their AI applications. A challenge that may risk the adoption of this technology is “trust”. Researchers are looking at multiple ways and incentives to discourage parties from contributing phoney data to sabotage the model or dummy data to reap the model’s benefits without putting their data at risk.

Cryptography & Challenges posed by Quantum Computers

Niharika — Thu, 15 Dec 2022 13:06:15 +0000

Abstract

Most of the security protocols today employ a combination of symmetric key encryption and asymmetric key encryption. Asymmetric key algorithms are computationally expensive but provide ease of use since their public keys can be easily distributed. Symmetric key algorithms are many times faster than asymmetric key algorithms. However, it is a challenge to distribute symmetric keys among participants. Security protocol designers usually combine both types of algorithms and use symmetric algorithms for data encryption and asymmetric key algorithms for establishing shared secrets (symmetric key). The public key of the asymmetric keys pair is currently shared using public key infrastructure (PKI).
Quantum computers can break most of the asymmetric key algorithms but cannot break symmetric key algorithms with larger key size. Researchers are working on quantum secure methods for exchanging/establishing symmetric keys so that these can replace the existing PKI infrastructure that has become vulnerable to attack using quantum computers. One group of these methods utilize quantum physics principles for establishing key and are called the Quantum Key Distribution method (QKD). These require a new physical channel and quantum physics-based secure mechanism to distribute the large symmetric keys among communicating parties. Another group of methods depends on mathematical problems that are difficult even for quantum computers, these methods are called Post Quantum Cryptography (PQC).

What is Cryptography?

Cryptography is the art and science of protecting information by writing it secretly, which prevents third parties or the public from reading sensitive information. The process of scrambling the information to make it unreadable is called Encryption, and this scrambled information is called cipher text. The decryption process converts scrambled information to the original form or plain text. Cryptography helps maintain the confidentiality and integrity of important information and has various usages spanning multiple domains.

Symmetric key cryptography:

“Symmetric key” cryptography and “public key” cryptography are two categories of cryptography. Here “key” refers to the information known to parties involved and is used to encrypt/decrypt information.
Symmetric key cryptography uses the same key to encrypt information and decrypt information. One of the challenges of symmetric key cryptography is securely communicating the key to all the concerned parties without divulging it to adversaries. Some popular symmetric key cryptography algorithms are AES, DES, and IDEA.

Asymmetric key cryptography:

Instead of using one key, asymmetric key cryptography or public-key cryptography (PKC) uses a key pair. One of the keys of this key pair is called the public key. The public key can be known to everyone and is used to encrypt the information. Another key of the key pair is called the private key. The private key is kept secret and used for decryption. Asymmetric key cryptography allows anyone holding the public key to encrypt the information. However, only the person with the secret private key can decrypt it. Digital signatures schemes (DSA), end-to-end E-Mail encryptions (OpenPGP), secure transport layer protocol (SSL), and many other security protocols use Asymmetric key cryptography. Some asymmetric key cryptography algorithms are RSA, Diffie-Hellman, and ECC.
Public and Private Keys used in PKC algorithms are mathematically related, which means that the security of PKC hinges on the difficulty of solving complex mathematical problems to derive one key from another. All PKC algorithms depend on the complexity of solving complicated mathematical problems using conventional computers. Some of these complex problems used in cryptography are prime factorization of large numbers or solving discrete logarithm problems. One of the most popular and widely used cryptographic algorithms, RSA, is based on prime factorization. Diffie-Hellman and ECC algorithms depend on solving discrete logarithm problems.
PKC algorithms with a decent key size are considered secure for conventional computers. It is not possible or is very time/resource-consuming for classical computers to be able to solve the mathematical problems that form the basis of these PKC algorithms. All this will change with the advent of quantum computing.

Quantum Computers

Noted physicist Feynman conceptualized the idea of using the effects of quantum mechanics in a computer. In contrast to bits of the conventional computer that can take 0 or 1 values, fundamental blocks of quantum computer qubits can exist in 0, 1, or simultaneously in both states. Phenomena of qubits entanglement result in a tremendous increase in the possibility of parallel processing. An n-qubit quantum computer can process 2n operations in parallel. Several companies have been working on building quantum computers. IBM Quantum System One is a 27-qubit computer, and Intel has 49 qubit processors; however, Quantum computers are so far not available for wide usage.
Quantum computers threaten cryptographic algorithms because they can perform many times more parallel operations than conventional computers. Quantum computers can break PKC by solving complex mathematical problems or break symmetric key cryptography by exhaustively searching for all possible secret keys.

How Quantum Computers are a Threat to Cryptography?

Mathematician Peter Shor published a Quantum computers algorithm for large integer prime factorization and discrete logarithm problems. Shor’s algorithm makes it possible to break widely used RSA, Diffie-Hellman, and ECC algorithms using quantum computers. Shor’s algorithm would require a 1000-qubit computer to break 160-bit ECC and a 2000-qubit computer to break 1024-bit RSA. Quantum computers with this kind of processing power do not exist today. However, they may become available in the future. There are reports that hackers have been collecting encrypted data with the hope that, in the future, they will be able to decrypt it using quantum computers and make monetary and political gains out of it.

Indian-origin Computer scientist Lov Grover developed a Quantum computer algorithm for searching unsorted databases. Grover’s algorithm requires √N operations to search N entries, while conventional computers require N/2 operations to search N entries. For keys of smaller size, Grover’s algorithm can break the symmetric key algorithm DES.
Grover’s algorithm can exhaustively search for keys of symmetric-key algorithms. However, the number of operations needed to perform search increases exponentially with an increase in key size. The security offered by Symmetric key Algorithms like DES and AES improves with an increase in key size. AES algorithm with a key of 256 bits is considered safe from quantum computers.

(Source: NISTIR 8105 Report on Post-Quantum Cryptography)

The Way Forward:

From the above discussion, it is clear that symmetric key cryptography will be secure even when quantum computers with thousands of qubits become available. However, new protocols shall be required to securely distribute shared keys since the current PKC-based shared key establishment mechanism will not withstand quantum computers.
Currently, two types of techniques are in development for secure key distribution. The first type of technique depends on computational problems that are difficult even for quantum computers and are called post-quantum cryptography. The second type of technique depends on the laws of quantum physics and is called Quantum key distribution.

Quantum Key Distribution

Quantum key distribution (QKD) methods allow the secure exchange of shared keys between two participants over an insecure channel. Laws of physics (characteristics of quantum mechanics) guarantee the security of key distribution, so an increase in computing power cannot break this security.
In QKD, the information that needs to be exchanged is encoded as quantum states of light. Following Quantum physics concepts form the basis of the security of QKD:

Heisenberg’s uncertainty principle implies that the act of measuring an unknown quantum state modifies the state. So, if an eavesdropper measures the data(qubit) during transmission, the value of the data(qubit) will change.
It is physically impossible to make a perfect copy of an unknown quantum state, so an eavesdropper can’t copy a bit stream and measure it later.
Properties of quantum entanglement limit the information that third parties may obtain.

Quantum key distribution uses two communication channels, one channel can be an insecure authenticated public channel, and the second channel needs to be a quantum communication channel. The sender uses a light source to send a stream of photons through the quantum channel. Each one of these photons represents a bit of information. Before sending each photon, the sender randomly chooses the measurement basis for the photon and records both the measurement basis and the value of the bit. The receiver also randomly chooses one of the two measurement basis and records both the selected basic and measured values. After transferring all the bits, the sender and receiver exchange the measurement basis used to measure each bit. Since both sender and receiver randomly selected measurement basis, it will be the same for some of the bits. The value of the bits for which the sender and receiver used the same measurement basis forms the shared secret key. Since only measurement basis is exchanged on the unsecured channel and not the actual measurement, the sender and receiver can construct the key; however, the eavesdropper can’t.

Post Quantum Cryptography

Post Quantum Cryptography (PQC) algorithms consist of mathematical problems that are considered difficult for conventional computers, as well as for quantum computers. Some of the methods that fall under PQC methods are code-based cryptography, Multivariate based cryptography, and Lattice-based cryptography. In 2016 NIST launched the Post Quantum Cryptography project, which aims to standardize a few Quantum resistant cryptography systems. In 2016 NIST floated a request for submission for PQC algorithms. The evaluation process for PQC started with 69 algorithms. After round 3 of evaluation in July 2020, NIST has narrowed it down to four key exchange algorithms and three digital signature algorithms. On July 5, 2022, NIST declared that they have selected the CRYSTALS-Kyber KEM algorithm and 3 digital signature algorithms for standardization. These OQS implementations can help in prototyping Quantum resistant cryptography.

HSC is currently working on projects where PQC algorithms are being used to safeguard VPN and E-Mail products. Our team has also worked on the implementation of the QKD post-processing algorithm. If you are interested in this technology and its applications then let us connect!

An Introduction to DevSecOps

Niharika — Wed, 23 Nov 2022 08:48:16 +0000

Introduction

Let’s begin with DevOps first.

DevOps is an amalgamation of cultural and technical philosophies of software development, quality assurance, and IT operations united into a single system managed centrally. The overarching purpose of having a DevOps philosophy is to increase the speed at which applications and support services are delivered. At the same time, DevOps emphatically negates the bimodal notion that speed and stability are mutually exclusive and instead reinstates the concept that speed depends upon stability.
To realize the complete advantage of the agility of a DevOps approach, IT security must also play an integrated role in the entire application development life cycle. Therefore, a DevOps framework demands security as a shared integrated responsibility end-to-end. This is where “DevSecOps” comes into the picture to accentuate the need to inculcate a security foundation into DevOps initiatives.

What is DevSecOps?

DevSecOps, short for Development, Security and Operations, integrates security at every phase of the SDLC, enabling the development of robust and secure applications at the speed of Agile and DevOps. DevSecOps is about built-in security, not security that functions as a perimeter around apps and data.
In the past, organizations included security features within the developed code towards the end of SDLC and were noted by a separate team. However, with the evolution of SDLC and multiple software releases in a year, it became operationally impossible to follow the old approach. With software developers adopting Agile and DevOps practices, the SDLC now ranges from weeks to days, and the traditional reactive approach to security has become obsolete.
DevSecOps addresses security issues as they arise- at the stage where they are easy to identify and tackle, i.e., before the software gets into the production stage. Thus, DevSecOps makes security a shared responsibility of the development, security, and IT operations teams rather than the sole responsibility of a security team.

DevSecOps Market Size

According to a report by Grandview Research, the global DevSecOps market size was valued at USD 2.79 billion in 2020 and is expected to expand at a compound annual growth rate (CAGR) of 24.1% from 2021 to 2028. In addition, the continued rise in the number of businesses and applications migrating to the cloud, 5G rollouts, and Internet of Things deployments are also expected to favour the growth of the development, security, and operation (DevSecOps) market.

According to Markets & Markets, APAC is estimated to account for the largest DevSecOps market size during the forecast period.
The APAC region is expected to offer extensive growth opportunities for the market during the forecast period. Rapid advancements in cloud computing, IT infrastructure services, and the Internet of Things (IoT) have led many organizations to adopt DevSecOps solutions and services.

Best Practices for DevSecOps Implementation

DevSecOps brings cybersecurity processes into the SDLC from the very start. Throughout the development cycle, the software code is reviewed, audited, and tested for security issues that are addressed soon after identification.

Some of the industry-advocated best practices in the DevSecOps are:

Shift-Left:
‘Shift-Left’ approach encourages software engineers to move security from the right (end) to the left (beginning) of the DevOps (delivery) process. Shifting left allows the team to identify security risks and vulnerabilities early in the SDLC & address them immediately. This helps the development team to build the product efficiently & inculcate security features as they build it.
Security Education, Awareness & Ownership:
The philosophy “security is everyone’s responsibility” should be a part of an organization’s culture. An alliance between the development, operations and compliance teams ensures that everyone in the organization understands the company’s security posture and adheres to the same standards.
Fostering Cultural Change:
The leaders within an organization should promote change & allocate security responsibilities and product ownership. When both developers and security teams become process owners and take responsibility for their work, it fosters collaboration and cultural changes towards DevSecOps initiatives.
Traceability, Auditability, and Visibility:
IBM suggests implementing traceability, audits, and visibility in a DevSecOps process to create a more secure environment:

– Traceability: To track configuration items across the SDLC to locate where requirements are implemented in the code. It helps achieve compliance, track & reduce bugs, ensure secure code in application development, and support code maintainability.

– Auditability: For ensuring technical, procedural, and administrative security controls for compliance. The processes need to be auditable, well-documented and adhered to by all team members.

– Visibility: Visibility ensures that the organization has a robust monitoring system to monitor operations, send alerts, communicate changes, deal with vulnerabilities as they hit, and provide accountability.

Benefits of DevSecOps

The DevSecOps approach brings with it a multitude of benefits. Some of them are:

Robust Application Security: DevSecOps promises a proactive approach to mitigate security threats early in the SDLC. Development teams can rely on automated security tools to test software code, and perform security audits and time-ensured development cycles. When vulnerabilities are exposed, the security and development teams work collaboratively at the code level to address the problem.
Collaboration & Ownership: DevSecOps practices bring the development teams and application security teams to work alongside each other in the development process, thus building a collaborative cross-team approach rather than in silos.
Streamlined Application Delivery: Since security is embedded earlier in the development lifecycle and the critical security processes are automated in the DevSecOps approach, the code delivery is streamlined and meets compliance terms. This ensures quicker software development life cycles.
Limit Security Vulnerabilities: Automating security processes early in the development stage helps to better identify, manage, and patch vulnerabilities and exposures. Introducing security measures to mitigate risk & provide insight helps teams to remediate and react quickly when issues are discovered.
Quick & Cost-effective Software Delivery: When code is developed in a non-DevSecOps environment, security issues can lead to substantial time delays & prove to be expensive. The rapid, secure delivery of DevSecOps saves time and reduces costs by minimizing the need to repeat a process to address security issues. In addition, integrated security eliminates the need for reviews and rebuilds, resulting in more secure code.
Ease of scalability: Implementing tuned and developed DevSecOps tools and processes eliminates the need for manual replication and compute resources. DevSecOps makes it easy to scale systems and processes upward or downward because of automation.

DevSecOps adoption is on the rise, though still emerging as a best practice for developing secure, high-quality code. As DevSecOps practices pick up, the industry is seeing many parallel and facilitating technology trends which would contribute towards the growth of DevSecOps adoption. From Infrastructure as a Code (IaaC), AIOps & GitOps, Serverless Architecture and Kubernetes infrastructure, these technologies will help organizations innovate faster without sacrificing security and product quality, & enable collaboration between teams, and automate processes that ensure quality control.

Secure Access Service Edge (SASE) - A Detailed Overview

Jasveen Singh — Wed, 07 Sep 2022 07:33:42 +0000

Today's rapidly evolving enterprise networks are highly reliant on cloud-based applications to run a multitude of business operations and use cases. In addition, the growth in the need for connectivity for business use-cases and mobile/remote users has resulted in the traditional enterprise network expanding beyond the network edge, thus bringing in a challenge to guard, secure and manage the network edge against vulnerabilities. Therefore, it is imperative for network owners to keep up with the latest security practices, frameworks and tools, rendering VPN-only solutions obsolete.

For enterprises to remain safeguarded and competitive in today's network landscape with a zero-downtime, all network endpoints must be secured and managed with the same security and networking policies as their on-premises infrastructure. This is what makes a use case for SASE.

The term SASE was coined by Gartner in 2019 & was introduced to bring a highly customizable network with security services seamlessly stitched into the cloud platform. Secure Access Service Edge (SASE) architecture refers to a cybersecurity environment that brings advanced protection right out to the farthest edge of the network: the endpoints of users. In this SASE architecture definition, users are provided robust security features directly to their devices from the cloud, enabling them to connect securely from anywhere.

SASE brings multiple cloud-native security technologies together—Secure Web Gateway (SWG), Cloud Access Security Bearer (CASB), Zero Trust Network Access (ZTNA), and Firewall Solution as a service (FWaaS) with WAN capabilities to help users and systems connect securely to a service or any application; anytime and anywhere. Furthermore, since there is a need to make the ecosystem operations agile, the network's security is delivered as a service from a centrally managed cloud.

Market Predictions for SASE

With a 20% adoption rate expected by 2023, Gartner claimed that the demand for SASE capabilities would "redefine enterprise network and network security architecture and reshape the competitive landscape". While SASE frameworks won't be implemented in a day, the route to SASE is gaining speed and urgency. Another research by Palo Alto Networks and Gartner predicts the following for the future of SASE:

By 2025, 80% of enterprises will have adopted a strategy to unify web, cloud services and private application access using a SASE/SSE architecture, up from 20% in 2021.
By 2025, 65% of enterprises will have consolidated individual SASE components into one or two explicitly partnered SASE vendors, up from 15% in 2021.
By 2025, 50% of SD-WAN purchases will be part of a single vendor SASE offering, up from less than 10% in 2021.

SASE Architecture and Components:

SASE network architecture provides cloud security to the farthest end of the network without relying on specific infrastructure. It allows users to connect directly to the cloud while enjoying security running on their devices. It enables a secure connection and decrease in latency resulting from backhauling to the data centre's firewall.

SASE services involve cloud-hosted security, zero-trust network access (ZTNA) components, and network services components.

Cloud-hosted Security:
Cloud-hosted security enables devices to be independent of relying on security hosted on a physical data centre.

Firewall-as-a-Service (FWaaS): FWaaS provides standard hardware firewall services using software in the cloud. Users do not have to connect to a physical firewall & data transmissions are protected through the cloud-hosted software.
Secure Web Gateway (SWG): Secure Web Gateway blocks unauthorized traffic from getting into the network, thus protecting the network from intrusions. In SASE architecture, an SWG is implemented for every device connected to your network.
Cloud Access Security Broker (CASB): CASB is positioned between the user and the cloud-based application they are trying to access. It monitors, implements and enforces an enterprise's security policies.

Zero-trust Network Access (ZTNA) Components:
Zero trust network access (ZTNA), also known as the software-defined perimeter (SDP), is a set of technologies and functionalities that enable secure access to internal applications for remote users. It operates on an adaptive trust model, where trust is never implicit, and access is granted on a need-to-know, least-privileged basis defined by granular policies.

Authentication: Authentication involves verifying the user and device they claim to be. This is usually achieved using multi-factor authentication (MFA).
Authorization and Control: Authorization involves choosing where a user is authorized to access a network. Control includes restricting their movement within the network's environment.
Monitoring: Monitoring in a SASE architecture is critical to security. It involves checking which devices are connected, their activity, quality and volume of data exchange using those devices, etc.

Network Services Components
Network services components facilitate optimized path selection and application-based routing within the SASE architecture.

Optimized Path Selection: Optimized path selection involves ensuring the paths of different traffic brackets are directed to the right resources at the appropriate times. This is usually achieved using an SD-WAN solution that can decide the network traffic routing and its management to ensure low latency and a high-efficiency network.
Application-based Routing: Application-based routing gives the user access to the specific applications they need access to complete their designated work. This allows a SASE architecture to provide seamless & safe remote access to workers anytime and anywhere.

Benefits of SASE:

Traditionally, network security was hosted on the network edge within the corporate perimeter and the data centre, with all traffic routed through the data centre for validation and check. A SASE-based approach moves these capabilities to the cloud, where multiple applications are hosted, reducing the latency between the user and application and backhaul requirements.

Higher Efficiency in Hybrid/Remote Work Model: The legacy and traditional remote security models are increasingly becoming outdated and vulnerable to hackers due to broad use. A unified security service over a single cloud platform eliminates delays as traffic 'trombones' between different point security solutions.
Higher IT Operational Efficiency: One of the benefits of SASE is that IT teams no longer need VPN licenses for each user and troubleshoot network security hardware or provide different security access systems within the same network. This increases the IT team's operational efficiency.
Reduce Hardware Costs: Buying network security hardware is expensive as a standalone device as purchasing network firewalls and DDoS mitigation boxes do not help. The costs incurred are always on the higher side with CAPEX and OPEX involved (installation, warranties, repairs, patch management, updates, etc.). These costs can be eliminated by moving network security to the cloud can create additional savings.
A centralized policy with local enforcement: SASE enables Cloud-based centralized security management with distributed enforcement and decision-making for the network stakeholders and users.
Network Agility & transparency: SASE promises a consistent application experience anywhere & on any device. It also reduces operational overhead by recognizing and updating new threats and policies without new hardware or software.

The approach to adopting SASE:

Juniper Networks recommends the following approach for the adoption of SASE:

Data distribution model: Looking at the data holistically as the data would likely be stored in multiple places.
Protection for data in transit and at rest: Ensuring consistency in policies and procedures over data within the environment (both edge and at rest). Access control, encryption and segmentation of data.
Centralized visibility and policy control: A transparent approach to documenting people within the network, the data shared by them, the connections accessed by them, access authorization, policy towards handling noncompliance, etc. Ensuring attention is focused on the entire network and not just the edge.
Improvement areas, addressing efficiency: Looking cohesively at the current projects & if they would need to accommodate cloud-hosted services in the next 2-4 years, backup services considerations (local or cloud-based), dealing with sensitive services.
Data segmentation over data centre and multiple public clouds: Handling security mishaps at the edge. Adopting a fool-proof approach to protect sensitive data residing at the data centre. Keeping visibility throughout the environment, not just at the edge, keeps the data protected.
Data flow path and migration: Inspecting the current data flow in the organization's on-premises deployment and ensuring smooth flow by making appropriate changes. A comprehensive plan to identify how the data would move to ensure its integrity across environments.

Conclusion:

The focus on adopting SASE and Secure Edge within organizations continues to grow, pushing a broader basket of integrated cloud-based cybersecurity technologies into a more consumable form. The industry would see some consolidation, integration, and M&A in the SASE market over the years as the number of players in the SASE market continue to grow globally. SASE promises to handle vulnerabilities at every network edge: data centre, branch, cloud & mobile. Currently, these solutions come from varied vendors; hence interoperability will be critical for all vendors. This could also drive their consolidation approaches from enterprises & demand for the adoption of unified SASE solutions.

The Intersection of 5G & Artificial Intelligence

Jasveen Singh — Tue, 23 Aug 2022 05:48:13 +0000

Before we delve into the topic, let us first develop a rudimentary understanding of what a 5G network actually is. These are digital cellular networks whose area of service is subdivided into small geographic sections called cells.

5G technology, like 4G, operates on a wide variety of radio spectrum allotments, although it can cover a larger area than existing networks. There are two separate frequency bands in 5G, each of which works in a different way. Sub-6 is the most popular type of 5G; however, there is also mmWave.

Source: accton.com

Sub-6: Encompasses all 5G operations below 6Ghz. Due to existing 4G LTE networks (which run at lower frequencies), all carriers possess a Sub-6 network in some capacity. The Sub-6 spectrum is critical to the widespread rollout of 5G due to the expansion possibilities without building new cell towers and the ability to travel longer distances and penetrate objects. Essentially, Sub-6 is the component of 5G which allows for better coverage and signal strength.

mmWave: Short for millimeter wave, this is the component of 5G offering with supercharged data transfer rates and low latencies through extremely high-frequency radio waves ranging from 24GHz to 100GHz. The caveat with these ultra-short wavelengths is the limited range and inability to pass simple objects. Hence, the idea of these two frequency bands (Sub-6 and mmWave) is to account for the inefficiencies of each other.

(Read: 5G Networks: The evolution and trends today)

AI Solves the Problem of 5G Spectrum Allocation

Traditionally, the radio spectrum has not been allocated in the most efficient manner possible. The government divides it into mutually incompatible frequency bands, after which the bands are allocated to various commercial and government agencies for exclusive usage. While the procedure helps services avoid interfering with one another, the owner of a piece of spectrum seldom utilizes it entirely all time. As a result, at any one time, a considerable portion of the allocated frequencies is unusable.

Agencies such as DARPA have sought to solve this spectrum allocation issue through artificial intelligence. The concern behind the initiative was that the increasing application of wireless technologies carries the risk of overcrowded airwaves that our devices require to communicate.

The idea was to create new communication equipment that does not always transmit on the same frequency. The proposed solution was to employ machine-learning techniques to discover the accessible frequencies. They seek to transition from a system controlled by ‘pen and paper’ to one controlled by AI algorithms autonomously.

How AI can help in spectrum allocation:

Precise Cognition: AI can manage the usage of the spectrum pool and avoid radio frequency interference as it can monitor the situation of all nodes well, even in weak environments.

Intelligent Scheduling: Due to multi-system (4G & 5G) coexistence, the changes in network traffic hotspots are harder to predict. Based on the actual traffic demand, the algorithm can adapt the system capacity between 4G and 5G. This allows all equipment to maintain optimal performance intermittently.

Deployment Efficiency: To support a wide range of business demands, rapid application development, and gain a quick return on investment from users, it’s critical to assist customers in getting the most out of 5G. This can be done by swiftly launching apps using AI’s efficient deployment capabilities. The top planners, operators, developers, infrastructure suppliers, and other stakeholders can work together to achieve rapid deployment through AI.

AI-Driven Data Analytics

Using multidimensional correlation across the place, time, context, and state, AI can expose the linkages, dependencies, co-occurrences, and casualties. Thus, reducing alerts to focused, prioritized actions. Some key dimensions to consider are:

Space: Network and service topology that connects infrastructure to user location and experience
Time: Flow metrics, telemetry, and streaming data from passive and active monitoring
Context: metadata such as customer profiles, sentiment, external events such as weather, etc.
State: Status and configuration of traffic policies, network elements, port and flow statistics

AI can correlate events that would otherwise be separated across siloed systems by examining varied data sets across several dimensions. In other words, it has the ability to expose the unseen.

Other Uses of AI in 5G

By increasing network quality and providing individualized services, AI is already being utilized to improve customer service and increase consumer experience through chatbots and virtual assistants.

The greatest option for recouping the costs of transitioning networks to 5G is to use AI in network design.

AI efforts are also being applied to improve network performance management.

Managing SLAs, product life cycles, networks, and revenue are some areas where cellular decision-makers want to invest in AI.

(Read: Adopting Multi-Access Edge Computing (MEC) into 5G Networks)

How AI Benefits from 5G

Though AI has widespread adoption, 5G can still help bring advancements to the field of AI. For instance, Machine Learning (ML) models require large data volumes to train, and as these models get more complex and powerful, they will need larger datasets.

The low latency and high speed of 5G will allow analysts to swiftly gather, clean, and analyze enormous amounts of data. This will prompt the development of new analytics technologies in the near future.

For example, driverless automobiles were previously limited and a pipedream due to the significant latency supplied by 2G, 3G, and even 4G networks. However, 5G networks will provide minimal latency and improved information processing in real-time. In fact, more broadly, the biggest impact that 5G will have on analytics is real-time data exchange and insights.

Other AI applications such as automation, smart devices, AR, VR, and many others which form the basis of Industry 4.0 will be transformed with the help of 5G.

5G Network Architecture and URLLC

The 5G architecture is comprised of 3 key service areas:

Massive Machine-Type Communications (mMTC): This component supports large numbers of simultaneously connected devices and hence will help transform industries such as IoT (Internet-of-Things) and Smart Cities.
Enhanced Mobile Broadband (eMBB): This component supports high bandwidth demands and can transform industries such as AR, VR, and streaming.
Ultra-reliable Low-Latency Communication (URLLC): This component will enable low latency and guaranteed connections.

URLLC offers use cases that need high network dependability (above 99.999%) and extremely low data transfer latency (less than 1 millisecond). As safety requirements demand ultra-reliable connections, data would have to be shared in real-time with minimal delay. Because of the considerable danger involved, autonomous driving, for example, would necessitate such a connection.

Autonomous driving has numerous advantages, ranging from time savings to increased safety due to the elimination of human mistakes. However, all vehicles would need to be connected vehicle-to-vehicle and vehicle-to-infrastructure, such as traffic light systems, emergency services, and road maintenance programs.

Smart factories and Industry 4.0 have comparable requirements, requiring real-time interaction between machinery and robotics. They may also need real-time data from other sensors located throughout the manufacturing facility. Low-latency solutions enable these machine-operated systems to improve manufacturing lines in a safe and effective manner.

Other possible use-cases are remote and augmented reality healthcare, such as remote surgery, smart electricity distribution, and cloud-based gaming and entertainment.

(Read: An Introduction to OpenRAN (ORAN))

Source: ericsson.com

Network Slicing

Network slicing (also known as software-defined networking or SDN) will be another important 5G application. In addition to its low latency, it allows telecommunication companies to run several virtual networks on a single physical link. Providers will be able to ‘slice’ the network with 5G, meaning different networks and virtual layers will bring value to the business. Through data monetization, network slicing will enable the creation of new business models.

Each slice functions as its own network, with its own provisioning, security, and service quality needs. As a result, mMTC, which has low security and bandwidth requirements, is isolated from URLLC, which has strong security and reliability requirements. Despite this, all these slices are connected by the same physical network architecture.

(Read: RAN Slicing: Efficiency, Performance, Assurance)

Source: vanillaplus.com

Future Concerns with Increased Connectivity and Way Ahead

As 5G networks adopt AI and thus increase reliance on software, the potential cybersecurity risks related to design flaws (from poor development processes) will begin to matter more. We can already see cases where entities must perform their due diligence to secure their networks. The best example is the ban imposed by many governments on Huawei as a 5G equipment supplier.

Network equipment such as base stations and management functions are becoming more vulnerable to attacks. The dependence of mobile network operators on suppliers means an increase in the possible modes of attack. As a result, suppliers with low-risk profiles will be preferred.

The consequence is that 5G security companies will need to expand to tackle the multidimensional security problem that comes with the next-generation technology. Simply banning a single provider would not be enough.

It will take years to implement fully functioning 5G networks because the connectivity standards have yet to be established, and some aspects of the network have yet to be tested. Some businesses will gradually integrate it into their systems, while other industries, such as Data Analytics, will be quick to embrace 5G. Because it already deals with the challenge of managing petabytes of data that comes with present connectivity, the data analytics business may be the sector where 5 G’s promise will be fully realized. However, with 5 G’s promise of quick and real-time data analyses, the analytics and complex technologies derived from it will bring more potential for improvement.

Understanding 5G Wireless Technology

Jasveen Singh — Wed, 03 Aug 2022 05:40:00 +0000

Communication technology has been evolving at a fast pace for past two decades. During this time, wireless technology has also gone through many changes. From 3G and 4G, now we have companies expecting and preparing for 5G wireless technology. It’s the fifth-generation technology that might not have arrived yet, but OEMs have already started to make 5G enabled equipment.

Understanding 5G Wireless Technology

In simple words, it is the improved wireless internet technology that will allow faster speeds and reduced latency. According to the recent estimates, data speeds using 5G technology can be up to 20Gbps with less than one millisecond latency. However, those figures are only theoretical now. Keep in mind that LTE-A technology can also achieve speeds of 300Mbps on paper, but you mostly end up with less than 50Mbps downloading speeds.

Detailed Understanding of the 5G Technology

A comparison between the 4G and 5G technology can give you a better idea of the changes that have come with the fifth generation wireless. Large cells using high power and generating the signals for the 4G network are now going to get replaced with smaller cell sites. The small stations will not be as high-power as the large cellular towers used for 4G technology and hence they will be located closer to each other. The reason for locating these small cells closer to each other is because installing them far apart would invite signal interruptions due to objects and weather.

Rooftops and the top of the poles will be the perfect places to install the 5G cell stations. The new 5G technology will be energy efficient too. According to GSMA, a connection must fulfill the criterion of reducing 90% of energy consumption to qualify as a 5G network.

How 5G Will Enable Network as a Service

One of the major features of 5G architecture is the end-to-end slicing. The idea of network slicing involves parting an existing physical infrastructure into many smaller virtual sections. Each virtual network will be a complete infrastructure on its own. This feature will allow service providers to create multiple network infrastructures for the varying needs of the customers.

If you look at the current network configurations, a company providing broadband services has the same connection for its customers regardless of their usage differences. Not to mention, internet of things is not even a consideration in the existing networking services. For a customer, internet speed might not be as important as low latency, but the service providers had to no control over this factor with 4G technology.

Network slicing in 5G will allow a network service provider to create multiple virtual networks, segment the customers based on their needs, and dedicate a connection to the customer based on those needs. The new networks or slices will have their own properties, protocols, architecture and configurations.

NaaS for Businesses

While companies and individuals at homes will benefit greatly from the new technology, it is the businesses that will experience the revolutionary improvements 5G will bring with it. The availability of Network as a Service will allow businesses to manage their costs in a much better way. First, they won’t have to own their own network infrastructures now that there will be companies that can take care of this task for them. Secondly, they can have different connections enabled for different segments with their organizations.

For example, they won’t have to use a very high bandwidth connection with tremendously fast speeds for internet of things application. When it comes to IoT, low internet speeds are not a big problem because the amount of data packets to be sent is very low. However, they will need large capacity because there could be hundreds and thousands of devices connected to the same network.

Network service providers now can monetize their service further through slicing. They can introduce different data packages for different applications and sell them separately to their customers. An important thing to keep in mind here is that the presence of many different types of virtual networks will not affect each other’s performances. Every network is a separate entity whose speed and transfer rate will not affect the speed and transfer rate of the other virtual network.

Final Thoughts

If you did not know, large tech companies have already started to invest in 5G technology. 5G has not arrived yet but companies like Samsung, Qualcomm and Nokia have already started to work on various devices that are 5G enabled. Samsung is currently working on introducing a router for household usage that will be ready for 5G wireless broadband. Qualcomm is also putting in the efforts to come up with a 5G-enabled modem. Companies like Ericsson and Nokia are not focusing on end users instead they are targeting mobile service providers by offering them platforms that are compatible with 5G technology.

It is good news that 5G technology is not all about increased speed. It has come with new ways for operators to monetize their services, and features that will lay the groundwork for future technologies like artificial intelligence, internet of things, etc.

Reference

An Overview of ITIL: Framework & Best Practices

Jasveen Singh — Tue, 12 Jul 2022 07:49:22 +0000

ITIL is the acronym for Information Technology Infrastructure Library, which is a framework that encompasses a set of best practices for delivering IT services. ITIL provides a standardized approach to build and manage stable IT Infrastructure that offers lesser risks, higher efficiency, and scalability for growth.

As one of the most popular and widely accepted framework for IT service management today, organizations use the best practices laid down by ITIL for increasing operational efficiency and IT service improvement. The nucleus of ITIL is structured around a Service Lifecycle which consists of the five phases below:

In a practical scenario, organizations use a systematic approach to select, plan, support, and deliver IT services. It is easier said than done since it is a herculean task for an organization to align itself with business. In the real world, it is not simple to offer quality service to customers amongst constraints such as unplanned change management, less proactive helpdesks, and less comprehensive SLAs that lack clarity.

The framework of ITIL is divided into five broad stages or categories:

- Guiding principles
- Governance
- Service value chain
- Continual improvement
- Practices

1)Guiding principles

Guiding principles form the strategy laid down for the management of IT Infrastructure for secure collaboration and increased business value.

Focus on value: Question the current strategy and evaluate the business value. All plans within the strategy should add value to achieve the business objective.
Start where you are: Assess existing process, identify areas of improvement, and seek to enhance it.
Progress iteratively with feedback: Focus onsmall improvement steps and evaluate progress. Select manageable and measurable changes. Once these are embedded, move forward on to the next iteration
Collaborate and promote visibility: Understand end-users and work with them to plan improvements, then review failures and successes together
Think and work holistically: Organization does not limit thoughts to hardware or software but focuses on the latest technology to reduce dependencies
Keep it simple and practical: Focus only on required processes as many things change
Optimize and automate: Emphasize on optimizing process first and then automate to improve inefficiencies.

2) Governance:

Governance is a critical part and more like a Framework to align our organization with the activities. It also allows controlling and ensures that all activities comply with the guiding principles of ITIL to achieve the final goal.

3) Service value chain (SVS):

The SVS is a set of interconnected activities required to realize the value and deliver results to the end-users. There are six main activities within the service value chain:

Plan: Involves creating a layout along with the policies to define the approach needed to achieve the organization objective
Improve: Devise strategies that target to improve the practices, services, and products continually.
Engage: This activity will facilitate the engagement with collaborators to obtain their precise requirements needs and pain points
Design and transition: Create new services and enhance existing services
Obtain/build: Obtain customer specifications and create the service modules for meeting their requirements
Deliver and support: Push out the services that are being used by the relevant stakeholders, meet their specifications

4) Continual improvement:

Implement a continuous improvement across the entire service lifecycle. ITIL 4 offers a Continual Improvement model which is applied to all facets of products and services alike. However, organizations use alternative improvement approaches like Lean, Six Sigma as well.

5) Practices:

Practices are one of the most critical parts of the service value chain that allows us to deliver valuable services to the end-user. ITIL 4 specifications separate practices into four broad categories:

Organizations and people: Define and assess the systems and culture, roles and skills to deliver the services
Information and technology: To deliver services, organizations select the available hi-tech and data at their disposal
Partners and suppliers: Forge strong relationships with stakeholders including third parties for service delivery
Value streams and processes: Define all the processes, workflows, and activities that add value to the service. Thirty-four practices are divided into three management areas (the practices may be referred to in ITIL documentation).
- General Management: 14 practices
- Service Management: 17 practices
- Technical management: 3 practices

To extract maximum benefit from ITIL, an organization need not employ all the practices. The trick to success is to use the ones that add value and align to strategic objectives. For example, many organizations tried to use virtualization and network transformation that needs ITIL Framework, but lack of expertise has resulted in overkill at an extensive cost.
(Also read: Why Businesses Should Adopt Managed Cloud Security Services)

References:

https://www.happiestminds.com/whitepapers/Adopting-ITIL-Framework.pdf
https://www.axelos.com/best-practice-solutions/itil/what-is-itil
http://www.ipedr.com/vol5/no1/8‐H00038.pdf
https://stephenmann.wordpress.com/