Leading CA unveils the industry’s most comprehensive IoT device identity enrollment service.
GMO GlobalSign (https://www.globalsign.com/en), a global Certificate Authority (CA) and leading provider of identity and security solutions for the Internet of Things (IoT), today announced the availability of IoT Edge Enroll v2, which is a full-featured IoT device identity enrollment and management service. IoT Edge Enroll ensures simple, secure, and optimized device enrollment to our Public Key Infrastructure (PKI)-based IoT Identity Platform. Built on a modular, extensible framework, IoT Edge Enroll delivers proper enrollment security, advanced admin control, as well as flexible, customizable enrollment rules.
Secure device enrollment is challenging. Immature, evolving, or even non-existent standards make proper enrollment a guessing game. And security gaps persist. This is especially true for IoT manufacturers and critical IoT infrastructure operators. Manufacturers worry about the impacts of downstream device identity while operators are concerned with interoperability and securing the connected supply chain. As an emerging industry, the IoT can benefit from industry-leading expertise to successfully create and manage on-premise enrollment services.
IoT Edge Enroll v2 leverages its advanced feature set and the expertise of its developers and PKI experts to simplify the configuration and setup of the enrollment service, optimize the operation of the service and the enrollment of devices, and to harden the enrollment protocols for device and system security while being ideal for interoperability with major IoT cloud platforms.
“GlobalSign initially developed IoT Edge Enroll to meet basic IoT device enrollment needs. This new release is far more advanced. It enables advanced control and management with the most comprehensive, flexible, commercial PKI device enrollment feature set available on the market today,” said Lance LaChance, Vice President, IoT Solutions, GlobalSign. “It solves the challenges that manufacturers and operators face with the extensible and secure design that’s flexible for evolving and emerging IoT needs.”
IoT Edge Enroll v2 key features include:
- Standards-based APIs for secure interoperability
- Dedicated, RESTful Admin API for secure admin functions
- TPM attestation support – Integrating secure microprocessor hardware with device identity credentialing
- Custom certificate profiles – Can be applied to all types of x.509 certificates
- Certificate templating engine – Dynamically generate certificate fields from external sources and authenticate against enrollment policies
- Device Identity Manager – Allows admins to manage unique device identities throughout their lifecycles
- Enrollment Policy Engine – For enhanced security so levels of authentication for security and compliance can be easily set
- Plug-in architecture – For customizing enrollment. The extensible framework enables plug-in features/functions to call external sources and code
- Interoperable with all major IoT cloud platforms
Full integration with GlobalSign’s CA means it is scalable with high-performance processing and meets FIPS 140 compliance. Customers can choose from dedicated private hierarchies, branded public intermediate CAs and shared or private roots.
LaChance continued, “IoT Edge Enroll delivers on its promise of streamlined implementation, unique and custom configuration to suit any IoT scenario and optimize its operation, and secure enrollment protocols to protect devices and entire ecosystems.”