Plurilock Security Solutions, Inc. picked up a $200,000 award to develop an identity management (IdM) platform to improve the security capabilities of smart devices, sensors and other devices that connect and operate across the Internet.
Sensor platforms and the smart devices that make up the Internet of Things (IoT) are common examples of Non-Person Entities (NPEs) – digital entities that can take actions in cyberspace, but that are not people.
These devices and platforms operate with limited resources, including low processing power or energy, such as devices often used by first responders in the form of wearable technology.
Along those lines, the Department of Homeland Security (DHS) Science and Technology Directorate (S&T) is looking to prevent spoofing of NPEs that can involve unfriendly actors pretending to be smart devices to launch attacks, access and steal user information, spread malware or bypass security.
Plurilock’s IdM platform, BioTracker wants to protect NPEs and their affiliated institutions with a high level of assurance and within the limited resources NPEs are known for. BioTracker uses behavioral and contextual data from users to authenticate the identity of an NPE to protect it from a number of threats, including botnets, exploit kits and distributed denial of service (DDoS) attacks specifically designed to target IoT networks.
“With the rapid growth of NPEs, innovative approaches to identify them with a high degree of assurance is paramount,” said Anil John, S&T Identity Management R&D Program Manager. “Plurilock’s approach to support both local cryptographic identifiers and a stand-off identification solution for legacy environments could provide DHS with disruptive, state-of-the-art capabilities to protect critical network resources.”
The Plurilock effort was awarded under S&T’s Silicon Valley Innovation Program (SVIP) Other Transaction Solicitation (OTS) authority, through the Identity and Anti-Spoofing of Non-Person Entities (NPEs) OTS – HSHQDC-17-R-00051 solicitation. Plurilock is headquartered in Victoria, British Columbia, Canada, and is the second non-U.S. entity to receive a contract award from the S&T SVIP.
“Ensuring the identity protection of NPE-connected devices and platforms through identity and anti-spoofing technologies is essential to keeping our nation and economy safe,” said SVIP Managing Director Melissa Ho. “I am pleased SVIP is enabling the development of innovative technology solutions that could benefit multiple DHS components and critical infrastructure providers who are looking for innovative approaches to anti-spoofing of devices and sensors.”