Certificate Identity for the ThingWorx Platform

IoT Platform Integration and Marketplace Add-on

The value of unique trusted identity

With the adoption of IoT comes new challenges that proliferate as these “connected things” come online. Devices across all industries and critical infrastructure collect and transmit functional data that is leveraged for descriptive, predictive, and prescriptive action. This action is predicated on legitimate and accurate data being received, and devices protected against misuse or breach.

Only when a device carries a unique identity – a device certificate – can we ensure secure validation of device, data, and code. A shared token or key, or plain-text passwords, cannot provide that security assurance level, and will also reach limitations when trying to manage and control individual devices in distinct ways.

An end-to-end certificate solution for ThingWorx

CMS VerdeTTo enables organizations running the ThingWorx IoT platform to establish their own dedicated IoT Directory and build a high assurance security model based on trusted identity and certificates. The VerdeTTo Access Valve for ThingWorx integratesan organization’s dedicated IoT Directory and Root of Trust with their ThingWorx IoT platform, and turns on certificate-based authentication and granular authorization for every device connection. In conjunction with CMS VerdeTTo, it allows device access tobe controlled based on time-fencing, geo-fencing, and any other adaptive criteria set within a device’s extended attributes.

Establish your own IoT Directory and Root of Trust

CMS VerdeTTo is a secure service that lets you establish your own dedicated IoT Directory built upon your own dedicated Root of Trust (RoT). An IoT Directory allows you to execute granular device authentication and authorization, data encryption, and assurance of secure code execution.

CMS VerdeTTo establishes unique identities consisting of device certificate, trust chain, and extended attributes, for each of your IoT devices, whether in the thousands or millions.

CMS VerdeTTo provides agents and APIs for Root of Trust management, and an Access Valve for the ThingWorx IoT platform in order to seamlessly enable certificate authentication and granular authorization. 

Focus on putting your devices and data to work

CMS VerdeTTo includes a High Assurance PKI for the issuance of identities to all IoT devices and systems. Each deployment is dedicated, single-tenant, customized to exact project requirements, and then fully managed for you.

Cut design and deployment time by leveraging the flexibility and scalability of PKI-as-a-Service (PKIaaS), together with a platform that simplifies identity lifecycle management for each device.

Ensure that the management overhead of critical security infrastructure does not hold back your business as your initiative grows, or as new projects and requirements come online.

CMS VerdeTTo Access Control Valve Integration

The VerdeTTo IoT Access Valve, together with the CMS VerdeTTo IoT Identity Platform, enable the performance of additional validation of inbound requests to the ThingWorx platform, based on unique client certificates and their extended attributes. It offers features such as:

  • Dynamic client certificate authentication requirements – Turn requirements on and off without restarting your server or disconnecting any clients.
  • Adaptive authorization – Adaptively allow or deny device connections individually or as a collection.
  • Time and location restrictions – Restrict device access to certain IP addresses and/or time of day.
  • Monitoring – Log unsuccessful connection attempts or attempts with certificates that have been revoked.

Learn More

On-Demand Webinar

Turnkey Certificate-based Security Extension for ThingWorx IoT Platform Users

See CMS VerdeTTo in action