more on sirris.be
back to overview
Secure Element

Secure Architecture

Secure Element

Question

How to securely provide and strongly protect identity of IoT devices?

Context

Protecting cryptographic secrets on IoT devices used to perform device identification to the cloud backbone is difficult using off-the-shelf embedded setups which store secrets using standard file systems on flash drives. There are multiple side channels that can be exploited to extract secret keys and other sensitive information.

Solution

Using a unique identity, PKI should be the foundation of any IoT security strategy. With a unique strong device identity, things can authenticate when they come online and ensure secure and encrypted communication between other devices, services and users. Because PKI is an established technology, it can be implemented immediately into IoT ecosystem today and easily integrates with other components of IoT security solutions.

References

AWS IoT Device Management - aws.amazon.com
IoT device management with asure - docs.microsoft.com

Secure Architecture Navigation

Virtual Network

Virtual Network
Secure Element

Secure Element
Web Application Firewall

Web Application Firewall
Secure Cold Storage

Secure Cold Storage
Certificate and Key Manager

Certificate and Key Manager
Secure Auditing

Secure Auditing
Hardware Security Module

Hardware Security Module