PKI for IoT

Securing the Internet of Things (IoT) with Public Key Infrastructure (PKI)

Secure your non-traditional devices with a Public Key Infrastructure (PKI) from CSS that allows for massive scale, very high key security requirements and the possibility of extended certificate lifetimes. CSS’ scalable model also permits ultra-high availability batch issuance and enrollment on demand with no per certificate fees.

The IoT market – not including PCs, tablets and smartphones – is targeted to grow to 26 billion units in 2020 representing an almost 30-fold increase from 2009’s rates, according to Gartner, Inc. IoT product and service suppliers will generate incremental revenue exceeding $300 billion in 2020 resulting in $1.9 trillion in global economic value-add through sales into diverse end markets. 

As traditional IT systems widen to accept IoT devices, enterprises need the ability to protect their employees, clients and intellectual property. CSS believes that if a device is going to share data over a network it should do so in a scalable, affordable, properly managed environment, with proven security technology. The proper implementation of digital certificates significantly improves end-user experience and the security posture of the enterprise through cryptographically-sound technology.

Public Key Infrastructure (PKI) for the Internet of Things (IoT) White Paper

Published - Thursday, June 30, 2016

Digital certificates continue to be a cost-effective and efficient method to authenticate, secure and validate diverse endpoints and data in IoT systems. As organizations recognize the cost savings and flexibility associated with establishing their own PKI, they’re also learning that the typical enterprise PKI is not a good fit for unique IoT systems.

Download this white paper to learn about unique PKI for IoT considerations including:

  • Importance of authentication, encryption and signing for IoT devices, data, users and applications
  • How PKI for IoT is different from a typical enterprise PKI
  • Challenges related to high volume, low power devices, disparate endpoint owners and multiple relying parties
  • Issues and best practices for IoT PKI trust, scalability and uptime
  • IoT PKI design considerations

Download White Paper

Three keys to securing the internet of things with Public Key Infrastructure (PKI):

PKI for IoTAuthenticate

PKI for IoTEncrypt

PKI for IoTSign

Dangers of non-traditional Internet-connected systems

  • 90% of devices collected at least one piece of personal information through the mobile app, the cloud, or the device itself
  • 70% of devices employed unencrypted network service
  • 80% of devices and associated apps and cloud services failed to require passwords of a sufficient complexity and length

Difficulties of securing device-to-device connectivity

  • Multiple data collection sources from different vendors
  • Lack of standards
  • Many devices don’t have enough information to authenticate or authorize connections 

Use digital certificates for high-assurance IoT security

  • Binds an identity to a cryptographic key
  • Can be used for authentication
  • Can be used to sign information
  • Can be used to encrypt/decrypt information
  • Is understood by a wide array of software:
    • Operating Systems
    • Toolkits
    • Software libraries

PKI for IoT is scalable and highly secure

Enabling the security for non-traditional device connectivity with Public Key Infrastructure (PKI) requires massive scale, very high key security requirements and the possibility of extended certificate lifetimes to limit on-going management challenges. CSS’ scalable model allows for ultra-high availability batch issuance and enrollment on demand with no per certificate fees.

IoT Core Security Requirements

  • Security should be designed in
  • Device identity is important
  • Devices have long lifespans and require planning ahead of time
  • Critical nature of private/secret key

Learn how CSS can help you manage your IoT project