Protecting IoT devices from cyberattacks: A critical missing piece: Page 7 of 13

August 10, 2017 //By Alan Grau, Icon Labs
When it comes to protecting IoT devices from cyber attacks, the device-hardening and security-appliance approaches each have their supporters, but there are trade-offs between the “device-centric” and “appliance-centric” approaches.

PKI and certificate-based authentication

A well-known and tested security solution has recently seen a dramatic rebirth in the IoT. PKI (Public Key Infrastructure) is a set of technologies and services for managing authentication of computer systems.

PKI certificates are very useful in high-security situations. For example, suppose that you needed to securely transmit data between two networked devices. How do you really know you are transmitting the data to the intended device and not to an imposter?

One way of ensuring the integrity of the transaction is to use digital certificates to prove the identities of both machines. Without getting into the details of the public/private key cryptography that makes this possible, an IIoT device can verify that the certificate holder is the entity specified by the certificate.

These services are enabled by public/private key cryptography, which provides the technical underpinnings of PKI. The result, which is what really matters, is that a device can verify, with cryptographic certainty, that the holder of the PKI certificate is really who it claims to be and not an imposter.
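
The check described above, sketched in Go as an added example (not code from the article or from Icon Labs): the verifying device accepts a peer only if its certificate chains to a CA it trusts, names the expected device, and the peer proves possession of the matching private key by signing a fresh nonce. The helper names `issue` and `authenticate`, the CA and device names, and the choice of Ed25519 keys are assumptions made for the illustration.

```go
package main

import (
	"crypto/ed25519"
	"crypto/rand"
	"crypto/x509"
	"crypto/x509/pkix"
	"fmt"
	"math/big"
	"time"
)

// issue makes a key pair and certificate for cn, signed by parent (a self-signed CA when parent is nil).
func issue(cn string, parent *x509.Certificate, parentKey ed25519.PrivateKey) (*x509.Certificate, ed25519.PrivateKey) {
	pub, key, e1 := ed25519.GenerateKey(rand.Reader)
	tmpl := &x509.Certificate{SerialNumber: big.NewInt(time.Now().UnixNano()), Subject: pkix.Name{CommonName: cn},
		NotBefore: time.Now().Add(-time.Minute), NotAfter: time.Now().Add(time.Hour), IsCA: parent == nil, BasicConstraintsValid: true, KeyUsage: x509.KeyUsageDigitalSignature}
	if parent == nil { // self-signed root: it signs certificates, using its own new key
		tmpl.KeyUsage, parent, parentKey = x509.KeyUsageCertSign, tmpl, key
	}
	der, e2 := x509.CreateCertificate(rand.Reader, tmpl, parent, pub, parentKey)
	cert, e3 := x509.ParseCertificate(der)
	if e1 != nil || e2 != nil || e3 != nil {
		panic(fmt.Sprint("issue failed: ", e1, e2, e3))
	}
	return cert, key
}

// authenticate is the verifier: chain to a trusted CA, expected name, then proof of the private key.
func authenticate(roots *x509.CertPool, peer *x509.Certificate, want string, nonce, sig []byte) error {
	if _, err := peer.Verify(x509.VerifyOptions{Roots: roots}); err != nil {
		return fmt.Errorf("untrusted certificate: %w", err)
	}
	if pub, ok := peer.PublicKey.(ed25519.PublicKey); !ok || peer.Subject.CommonName != want || !ed25519.Verify(pub, nonce, sig) {
		return fmt.Errorf("wrong identity or no proof of the private key for %q", want)
	}
	return nil
}

func main() {
	ca, caKey := issue("Constructed Test CA", nil, nil) // all names here are constructed
	dev, devKey := issue("sensor-01", ca, caKey)
	fake, fakeKey := issue("sensor-01", nil, nil) // impostor: self-issued certificate, same name
	roots, nonce := x509.NewCertPool(), make([]byte, 32)
	roots.AddCert(ca)
	rand.Read(nonce) // fresh random challenge chosen by the verifier
	fmt.Println("genuine device:", authenticate(roots, dev, "sensor-01", nonce, ed25519.Sign(devKey, nonce)))
	fmt.Println("self-issued certificate:", authenticate(roots, fake, "sensor-01", nonce, ed25519.Sign(fakeKey, nonce)))
	fmt.Println("genuine certificate, wrong key:", authenticate(roots, dev, "sensor-01", nonce, ed25519.Sign(fakeKey, nonce)))
}
```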
