According to IoT Analytics, the global number of connected IoT devices has hit 12 billion active endpoints; by 2025, there will likely be more than 27 billion IoT devices connected.
This trend will inevitably lead to an increasing number of cyberattacks and will result in greater risks for enterprises. Securing the full IoT chain is becoming crucial. The cornerstone for device-to-cloud security is the capability to assign to each device a unique digital identity and to manage it securely all along the life cycle.
Nexus Group has developed the Smart ID IoT software and Nexus GO IoT cloud platform which enable companies from all industries to issue and manage the lifecycle of trusted identities for IoT devices.
This is achieved using Public Key Infrastructure (PKI) security technology that provides secure digital identities in the form of cryptographic keys and digital certificates.
Securely provisioning, storing and managing these keys and certificates inside IoT devices is a major challenge for IoT application providers. Trusted Objects and Nexus Group have worked closely to fill the gap; the two companies offer a joint security solution to manage devices’ identities automatically over the lifetime of the devices; from manufacturing to usage in the field.
In this way, all IoT devices, including those with limited computing power and communication bandwidth, can secure device-to-cloud or machine-to-machine communication and firmware upgrades.
The joint security solution comprises several standard products of the partners:
-
- to-protect, Trusted Objects’ software-based Root-of-Trust for any microcontroller unit (MCU), and tops plug&go, a secure MCU manufacturing solution. Both products are fully integrated into the Nexus PKI solution. At the time of the MCU production, tops plug&go provisions an initial PKI-based identity to the IoT device. tops plug&go operates securely even in an uncontrolled environment. tops plug&go securely connects to the Nexus Factory CA (Certificate Authority) to obtain the “factory certificate” and forwards it to the MCU during programming. The factory certificate can be used to trace and authenticate the device at any point throughout the supply chain and once deployed.
Also Read: Three Ways to Achieve a Seamless Cybersecurity Posture
-
- to-protect, Trusted Objects’ software Root-of-Trust, is an on-board security solution for the storage and the protection of the “factory key and certificate”. Once the IoT device should be onboarded to a cloud-based IoT service, to-protect will generate a new PKI key and request an “application certificate” from Nexus GO IoT, Nexus Group’s cloud-based PKI service. With the help of the securely stored PKI key and application certificate, and the trusted TLS client software in to-protect, the device can authenticate at the cloud application and establish secure encrypted communication.
- Nexus’ general-purpose PKI solution is based on 30+ years of consequent development of Certificate Authority software and the adaptation of a broad range of open PKI standards. The CA software is delivered for the joint solution, on one hand, as a Factory CA software appliance for easy on-premises deployment and, on the other hand, as cloud-based SaaS service under the brand Nexus GO IoT. In both delivery forms, the PKI solution is very flexible in terms of certificate templates, CA hierarchy and certificate management APIs. The Nexus GO IoT service takes the burden of investment, staffing and compliant operation of a PKI service from the subscribers, and provides CA services at affordable costs even for small-mid size organizations.
Trusted Objects and Nexus’ partnership empowers IoT device vendors and application providers to implement a seamless, secure, and automated certificate management solution in their supply chain and applications.
Jean-Pierre Delesse, COO and co-founder of Trusted Objects, declares: “Thanks to great synergies and complementarities with Nexus, we could reach an important milestone of our mission to secure the IoT applications. We are eager to continue this cooperation with Nexus and together change the game in the field of IoT security.”
Tamás Horváth, Innovations Manager IoT at Nexus Group says: “IoT device manufacturers and application vendors should be able to focus on creating the core business value of their application and add security as an off-the-shelf solution.
Our joint proposal with Trusted Objects provides automated certificate management and a secure communication solution very much transparently to the application software. IoT vendors can put a check on secure device-to-cloud communication.”
For more such updates follow us on Google News ITsecuritywire News