By Neil Tyler and Azure Security News
Eurotech, which designs, develops, and deploys hardware and software solutions for the Edge and Internet of Things (IoT), is working with Infineon, Microsoft and GlobalSign to simplify large scale, secure roll outs of connected devices.
This collaboration looks to deliver assurance by extending the secured device identity chain from the edge to the cloud.
Building on industry standards, the solution starts the chain-of-trust at Infineon’s OPTIGA TPM (Trusted Platform Module) which is installed in all Eurotech IoT Edge gateways. As platform manufacturer, Eurotech then extends this ‘trust’ to a secure Initial Device Identifier, an IEEE 802.1AR certificate-based identity that is cryptographically bound and uniquely assigned to the device.
This identity attests the integrity of the platform supply chain and provides the necessary baseline for zero touch onboarding.
As part of this collaboration, Eurotech has worked with GlobalSign, a leading security certificate authority, and Microsoft, with its IoT Identity Service security subsystem of the Azure IoT Edge, to further extend the chain-of-trust to cloud connectivity. This is achieved through the enrollment of additional local certificates confirming device ownership to a customer and using these identities for automatic provisioning of Azure IoT Hub operational identities by the Azure Device Provisioning service.
The solution drastically reduces the complexity of embedding strong certificate identities in cloud connected device architectures. It delivers a blueprint for the management of standard-based digital identities over the life-cycle of the device from manufacturing, provisioning, maintenance, and finally decommissioning.
IoT is changing the way businesses think and operate, allowing them to optimise existing processes and opening the door for new business models and revenue streams,” said Sam George, corporate vice president, Azure IoT at Microsoft. “Streamlining the process of creating a chain of trust reduces the risk of supply chain tampering and device attacks that stem from compromised device identities. By helping to mitigate these risks, we’re enabling organisations to build more durable and resilient IoT solutions – to innovate on a foundation of trust.”