By Amaro and Azure Security News
Eurotech, a company that designs, develops, and deploys hardware and software solutions for the Edge and Internet of Things (IoT), is working with Infineon, Microsoft and GlobalSign to simplify large-scale, secure rollouts of connected devices. This collaboration delivers assurance by extending the secured device identity chain from the edge to the cloud.
Building on industry standards, the solution starts the chain-of-trust at Infineon’s OPTIGA™ TPM (Trusted Platform Module), which is installed in all Eurotech IoT Edge gateways. As a platform manufacturer, Eurotech extends this ‘trust’ to a secure Initial Device Identifier, an IEEE 802.1AR certificate-based identity that is cryptographically bound and uniquely assigned to the device. This identity attests to the integrity of the platform supply chain and provides the necessary baseline for zero-touch onboarding. As part of this collaboration, Eurotech has worked with GlobalSign, one of the leading security certificate authorities, and Microsoft, with its IoT Identity Service security subsystem of Azure IoT Edge, to further extend the chain-of-trust to cloud connectivity. This is achieved by enrolling additional local certificates that confirm device ownership to a customer, and by using these identities for automatic provisioning of Azure IoT Hub operational identities by the Azure Device Provisioning service.
The solution drastically reduces the complexity of embedding strong certificate identities in cloud-connected device architectures. It delivers a blueprint for managing standards-based digital identities over the life-cycle of the device, from manufacturing through provisioning and maintenance to decommissioning.
Marco Carrer, CTO at Eurotech, comments, “We are very proud of partnering with industry leaders Infineon, GlobalSign and Microsoft to lower the barriers of adoption of best practices for hardware-anchored digital device identities. This partnership reflects Eurotech’s commitment to cybersecurity and supporting its customers to reduce device complexity and management.”
“IoT is changing the way businesses think and operate, allowing them to optimize existing processes and opening the door for new business models and revenue streams,” said Sam George, corporate vice president, Azure IoT at Microsoft Corp. “Streamlining the process of creating a chain of trust reduces the risk of supply chain tampering and device attacks that stem from compromised device identities. By helping to mitigate these risks, we’re enabling organizations to build more durable and resilient IoT solutions—to innovate on a foundation of trust.”
“Security remains the key enabler for cloud service adoption. The necessary level of protection can only be achieved by combining software security mechanisms with robust hardware-based security capabilities based on globally accepted industrial and IT security standards. A chain of trust from the node to the cloud using hardware-based security anchors makes it possible to securely identify each IoT and Edge device, to protect sensitive data as well as the integrity of the Cloud,” says Juergen Rebel, Vice President & General Manager Embedded Security at Infineon Technologies.
“Secure, zero-touch onboarding of IoT devices to the cloud is an important solution that realizes immediate value through its security and efficiency,” said Lancen LaChance, VP of IoT with GlobalSign. “It’s a solid blueprint that benefits the broader IoT industry by providing a proven, best practice solution to a common IoT device identity management challenge. Our collaboration with notable experts Infineon, Eurotech, and Microsoft has enabled the entire IoT industry to take one secure leap forward.”
The solution is being launched at Hannover Messe 2021 and will be available in Q4 2021. Please join us at the webinar on 13th April at 8:00 am PDT | 11:00 am EDT | 17:00 CEST.