This interview is part of our new Blockchain In Cybersecurity series, where we interview the world's leading thought leaders on the front lines of the intersections between blockchain and cybersecurity.
In this interview we speak with Amit Biyani, CEO and founder of SmartAxiom, to understand how his company can secure keys for blockchain, and what the future of the industry holds.
1. What’s the story behind SmartAxiom? Why and how did you begin?
AB: I came from Broadcom where I led a cross-functional team delivering set-top-box chipsets for customers like DirecTV. While deploying these large systems of servers and client devices, I got a real feel for security as you don’t want customers activating boxes without a subscription, or worse, stealing valuable media content. With the new owners of Broadcom no longer placing the same emphasis on advanced semiconductor design, I struck out on my own, eyeing the huge opportunity (and security exposure) of the Internet-of-Things (IoT). SmartAxiom really came together when the team was brought into the HP Enterprises Campus in Houston, TX to improve the occupant experience of the smart buildings there.
2. Please describe your use case and how SmartAxiom uses blockchain:
AB: Beyond basics like encryption, IoT Security is all about approval. Is this device a legitimate part of the system (and not a compromised unit added maliciously) and is it allowed to do what it is asking for (such as send data externally or turn on the heat)? The big question is: where do these approvals come from?
When most companies talk about IoT security, those approvals are coming from a server in a PKI (Public Key Infrastructure) model, largely consisting of a chain of certificates with keys encrypting communications. When implemented properly, this can be quite secure and works well for some applications. Organizations are finding out, though, that this model has shortcomings such as high latency, a susceptibility to man-in-the-middle attacks, complicated certificate management and the system going down with the server or connection to it.
Instead, SmartAxiom developed a unique lite blockchain to run among devices at the edge of the Internet. Through it, those devices can trust each other and work together to defend themselves. In SmartAxiom’s BlockLock software, approvals come from a quick majority consensus vote from local peer devices. It is:
– fast since the approvals come from close by
– reliable through redundancy as a large minority of the nodes can fail without affecting operation, and
– secure because to break the system someone would have to hack the majority of the local nodes between transactions (as they use their shared transaction history to authenticate each other).
3. Could you share a specific customer/user that benefits from what you offer? What has your service done for them?
AB: On the HP Enterprises campus, staff were no longer annoyed by long delays after pressing the switch, and though there still is a server to archive data for energy usage reports etc., the buildings will operate without it.
4. What other blockchain use cases in cybersecurity are you excited about?
AB: There is a great natural fit between blockchains and logistics. Distribution and supply chain managers care a lot about provenance: where was a shipment at what time, owned by whom and under what conditions? A great feature of blockchains is their immutable record – they never forget. So pouring provenance data into a blockchain where it can’t be tampered with has a lot of value. SmartAxiom’s software is used to extend enterprise logistics systems securely out to the actual devices on the trucks and shipping containers. Then you can do things like automate payments when you really trust when the container says it has arrived, without being opened or exceeding its temperature or vibration limits.
5. Where will SmartAxiom be in 5 years?
AB: Well, we might be hidden inside the big IoT systems that industry leaders are rolling out, but we hope our software is securing many of those systems across many verticals beyond smart buildings and logistics tracking, such as automotive, security systems, mesh WiFi, storage clusters and production lines.