Securing IoT with PKI

The Internet of Things (IoT) has come of age and is transforming our world. IoT is already well established across a variety of industries, including factories, smart cities, healthcare, retail and many other environments. According to McKinsey, it is expected to deliver an economic impact of between $4 trillion and $11 trillion by 2025.

IoT offers a unique opportunity to deliver compelling benefits across multiple sectors by enabling connectivity of devices, services and systems that goes well beyond existing machine-to-machine (M2M) capabilities. However, establishing trust and security is essential to ensuring that IoT innovation delivers the outcomes that people and businesses expect.

Information Security is Vital for IoT

Like any advanced network use case, IoT solutions depend on working with fundamentally secure systems and data. That means it’s critical to maintain confidentiality, availability and integrity. To keep private data confidential, access to information should be available only for users authorized to view it. When information is transmitted between IoT devices, it must be encrypted to stop unauthorized access.

Controlling access to the device is also key to keeping IoT data confidential. Organizations must ensure that anything connecting to an IoT device, whether a gateway, server, another device or a user, is properly authenticated so that only trusted users and systems gain access. It’s also important to ensure data integrity, making sure any package sent to a device, or any data generated by the device, is authentic and unaltered.

PKI: An Ideal Approach to Securing the IoT

PKI has long been a leading standard in Internet security and offers all the capabilities needed to provide the high level of trust and security that today’s IoT deployments require. It delivers robust, proven security through encryption and authentication capabilities, and digital signatures to verify the integrity of data. It is also a flexible approach to security, designed to support the diversity that is inherent in IoT use cases. With PKI, organizations can ensure that users, systems and devices can be safely authenticated and that data can be safeguarded both at rest and in transit.

Minimizing friction for end users is an important way to maximize adoption and productivity, and PKI offers an intuitive experience that provides mutual authentication, encryption of sensitive data, and the assurance of data integrity. It enables flexible deployment across a variety of environments and is manageable at scale. PKI is also highly customizable and enables organizations to modify or revoke certificates to rapidly respond to changing business needs.

Securing the IoT Today in More Places Than You Think

When deployed and managed with best practices, PKI provides a strong foundation to enable organizations to establish and maintain trust and security across IoT use cases. It is already in use today in a variety of industries, and as the IoT continues to mature, its adoption will only continue to grow.

Securing Home Devices

Home IoT devices are increasingly popular, but many consumers have had problems getting the different devices within their homes to work seamlessly together. There is also great variation in security practices between smart home device manufacturers. Many different protocols and operating standards are in use, so there is no guarantee that a particular device will be secure, or compatible with a virtual assistant or home network. To address these issues, the Zigbee Alliance, working with industry leaders like Amazon, Apple, Google, Samsung, DigiCert and many others, formed the project Connected Home over IP (Project CHIP).

Project CHIP is dedicated to creating an interoperability standard for home devices, with a strong focus on security. Its goal is to not only ensure that devices will interoperate smoothly, but also to support safer, more secure collection and management of data on home networks.

PKI plays a fundamental role in the emerging standard, and will ensure that devices are authenticated securely, and that communication remains confidential. Project CHIP will not only simplify deployment for manufacturers but assure consumers that home devices will work together securely with any device that meets the new standard.

Safeguarding Air Traffic Control

PKI is also playing an active role in transportation use cases, including air traffic control communications. Security is paramount for maintaining the safety of ground-to-aircraft communications systems. To provide a standardized, scalable security model for wireless communications, the WiMAX Forum introduced the Aeronautical Mobile Airport Communication System (AeroMACS).

AeroMACS enables ground-to-aircraft communications to support not only current applications, but new ones that require more bandwidth. By supporting increased transmission of air traffic control and airline operations communications, the standard is expected to minimize delays and reduce traffic congestion. PKI services will allow AeroMACS members, including ground controllers, pilots and airport services, to communicate with one another while maintaining security. The standard is internationally recognized and validated by a variety of regulatory organizations, including the Federal Aviation Administration (FAA), EUROCONTROL and the International Civil Aviation Organization (ICAO).

Making Television Smarter and Safer

Security is becoming increasingly important for entertainment use cases, especially television. As consumers view programming over more devices, from different providers, it’s more important than ever to protect not only content, but viewers’ data. Ideally, this level of protection should be incorporated directly into devices.

Beginning in 2002, early standards, such as the digital video broadcasting common interface, version 1 (DVB CI v1) standard, provided some initial protection for televisions in Europe. However, the standard became outdated as new technologies like DVRs, HD programming and Internet-connected set-top devices emerged. The aging DVB CI v1 standard could not recognize the newer devices, and offered only one-sided encryption of data sent to a conditional access module (CAM).

To address the issue, several leading television manufacturers came together to develop the Common Interface Plus standard. With PKI security certificates at the heart of the standard, CI Plus provides built-in, end-to-end encryption. Using certificate-embedded TVs together with CAMs, the standard helps ensure that content and consumers remain protected, while delivering a high-quality, personalized viewing experience.

Toward a more secure IoT landscape

PKI has proven itself as a highly secure, flexible, manageable solution for protecting today’s most advanced IoT environments. As the IoT continues to mature, PKI and industry leaders will continue to support innovation by ensuring the trust and robust security required to deliver on its full potential.

Mike Nelson

Mike Nelson is the VP of IoT Security at DigiCert, a global leader in digital security. In this role, Nelson oversees the company’s strategic market development for the various critical infrastructure industries securing highly sensitive networks and Internet of Things (IoT) devices, including healthcare, transportation, industrial operations, and smart grid and smart city implementations. Nelson frequently consults with organizations, contributes to media reports, participates in industry standards bodies, and speaks at industry conferences about how technology can be used to improve cyber security for critical systems and the people who rely upon them. Nelson has spent his career in healthcare IT including time at the US Department of Health and Human Services, GE Healthcare, and Leavitt Partners – a boutique healthcare consulting firm. Nelson’s passion for the industry stems from his personal experience as a type 1 diabetic and his use of connected technology in his treatment.
