December 15, 2016

IoT Security needs a customer-centric approach: 7 challenges and their solutions

Security is typically left as an oversight for many products today, simply because it is deemed too difficult to do and to facilitate effectively at scale. Security for many products is poorly thought through with little attention paid towards the use case, supply chain and business needs.

A significant number of products shipped today either have no security or at best a poor defined security posture which is orchestrated by a chosen manufacturer. For the latter, most deployments would involve a manufacturer installing certificates or keys into a device at manufacturing time or soldering down a device to a printed circuit board (PCB) with cryptography keys/certificates already baked in.

This opens a few questions which we need to consider:

  • How do you prevent cryptographic keys being revealed (symmetric key insertion into devices is an issue!)
  • How do you prevent unauthorized products being manufactured with the same keys?
  • How do you renew certificates or keys which are installed at manufacturer time?
  • How do you prevent unauthorized software or data being installed into the product?
  • How does a customer define their own security posture for the needs of their application & business?
  • How do customers set fine level of policy controls specific to each application / use case?
  • How do customers ensure security end-to-end and not just limited to transport level encryption (edge to edge)?

Using a manufacturer-centric approach to setting security posture exposes the end product as described in the points above, how do you trust the manufacturer, their process and security know how?

One way to solve challenges 1-3 would be to utilize a solution which is not reliant on having cryptographic keys or certificates installed to the device at manufacture time. Using a solution which binds certificates to devices would also benefit. Binding a certificate to a device means that if the same certificate is used more than once then your server side authentication mechanism should be able to detect this and quarantine / blacklist these products.   We should also consider having a mechanism to remotely renew and revoke certificates, giving the customer control over their deployment, when to renew certificates etc. Whereas using static certificates becomes impossible once devices are in use.

Device Authority’s KeyScaler platform can alleviate the above issues and allow the end customer to take control of the security posture for their product to meet the needs of their product, supply chain and business. Having KeyScaler’s Dynamic Device Key Generation (DDKG) software enabled on the end point means that certificates can be delivered to your devices in a secure and robust manor at scale post-deployment, which also means you can renew certificates or revoke them as to your requirements. You can also bind certificates to specific devices, meaning not more than one device can authenticate with KeyScaler with the same credentials. Also, if your product doesn’t rely on standard PKI signed certificates then you can use DDKG to generate dynamic session based crypto keys without the need to use fixed keys baked into your solution at production time. Ultimately improving your security posture beyond what static keys offer today.

If we look at challenge 4 in more detail, then this isn’t a problem contained to manufacture time but also post manufacture and in real time deployment (look at the recent DDoS attacks and the need for camera management solutions). To solve these challenges, we need a solution which a) can detect un-intended software configurations b) determine these changes and do something about them i.e. quarantine the product. KeyScaler can resolve these two challenges using DDKG which resides on the end point and can be setup to authenticate against a known genuine software environment.

Challenges 5 and 6 relate to end customers being able to control the security posture of their products e.g. I may want to renew PKI certificates monthly, I may want to control which data payloads get encrypted and which do not, depending on my business’ needs. KeyScaler’s device-centric policy management and automated certificate renewal polices can solve this, giving back control to the end customer.

Finally, lets address challenge 7; end-to-end encryption is key to securing your data from end point, in transit and at rest in a database (cloud or on premise). Manufacturers’ approach to security means that most certificates / keys are used for Edge to Edge encryption utilizing TLS or some other transport mechanism. This is satisfactory to secure the tunnel but what about the data which resides in the cloud or on premise database? Device Authority’s KeyScaler platform is transport level agnostic, meaning data is secured and encrypted from source to the database.

Find out more about KeyScaler’s technology and capabilities in our brand new Technical Insight Guide.

If you’re interested in how KeyScaler provides robust IoT Security for connected surveillance cameras – sign up for our next webinar.

Robert Dobson