Secure Credential Management



Managed PKI services from companies like Symantec and DigiCert have revolutionized the cost and complexity of digital certificate infrastructure. Many of these services now include support for smaller, lightweight, IoT style certificates to help deliver stronger security to a wider range of devices.

In order to take full advantage of these services while addressing the challenges of deploying and managing PKI at IoT scale, Device Authority’s Secure Credential Management solution directly integrates with leading PKI providers like Symantec and DigiCert to securely automate certificate provisioning, revocation, and renewal processes. 

Most importantly, our solution creates a direct, authenticated, policy-enforced binding between devices and the credentials that are assigned to them.  This prevents the use of certificates and keys from unauthorized devices.

Key features of Device Authority’s Credential Management module:

Secure Storage

To prevent theft of certificates and unauthorized usage, the DA agent stores the certificate and associated key pair in an encrypted state. The Agent will make decryption available only to authorized applications defined in the credential provisioning policy on the KeyScaler server.

Internal PKI generation

KeyScaler now provides the ability for customers to generate their own internal private root certificate authority and key, to enable provisioning of self-signed certificates to devices and the AWS IoT service.
Benefits:
  • Enhanced security for storing device keys, even without hardware support; in the absence of TPM or secure element
  • Provides network access to your trusted users and devices.
  • Prevents certificate and key theft, cloning, impersonation and spoofing
  • Helps protect apps and data from malware and hijacking.
  • Customers can take control of their own security posture
  • Instant private PKI deployment for use-cases that benefit from self-signed certificates, for example video surveillance cameras