Cybersecurity and IoT company WISeKey International Holding launched this week its global solution for securing the Internet of Things (IoT). The WISeKeyIoT is a scalable framework, offering digital Public Key Infrastructure (PKI) certificates for connected devices, protected in certified tamper resistant silicon chips, as well as an outsourced or on-premises certificate management system, with device life cycle control functions and security enforcement entities.
The digital PKI certificates can be signed by the publicly trusted root, owned by OISTE and operated by WISeKey. The WISeKey IoT Certificate Management System (CMS) is a software tool with a user-friendly interface and easy-to-integrate API that manages the life-cycle of devices and their digital certificates. These certificates are signed by WISeKey’s Certificate Authority and optionally the OISTE Root of Trust.
The optional security broker performs the authentication and validation of the messages coming from the different IoT devices and transfers only trusted messages to the IoT platform of our customer. The WISeKey IoT framework can be integrated into an IoT platform by customers and no additional security mechanisms need to be implemented.
The WISeKey IoT framework also includes secure provisioning solutions to help maintain consistent high system security, even when the IoT device is in an unsecured environment like during production or in the field. Device configuration and firmware upgrades are made easy and secure at all times.
WISeKey IoT CMS can be installed on customer premises, or outsourced to WISeKey and located in one of our secure data centers in Switzerland, USA, India or China. The managed platform can be accesses through a browser and a web-service API. The CMS and the framework are compatible with third party Certificate Authorities (CA), such as the Microsoft PKI or the Enterprise Java Beans Certificate Authority (EJCBA) open source CA.
The IoT is a very promising new business segment for WISeKey, with an estimated 50 billion devices are expected to be connected by 2020, while world’s population is estimated to grow to 6.8 billion; thus, there will be more than 7 devices per person connected to the internet by 2020.
As a result, a huge and increasing amount of data will be interchanged between connected devices and back-end servers, allowing companies to provide users with new type of exciting applications, which will be designed to offer increased control over the use of resources: improve efficiency in power grids, optimize processing of information in industrial environments, provide better and higher quality healthcare services and personalized experience for shopping or leisure, among others.
This is only possible though, if the data can be trusted. The IoT business case will collapse if over time hackers get access to devices, change the way they operate, intercept and modify data, or bring down systems by executing Distributed Denial of Service attacks through the devices on a network.
It is therefore crucial to implement security features in the system from scratch. Not only in the back-end system, using the PKI technologies proposed by the framework WISeKeyIoT, but as well as in the otherwise vulnerable connected objects in the field, made secure through the tamper resistant chip technology, all part of the WISeKey framework.
“We are the only company able to combine in-house expertise in certificate distribution and management with our certified tamper resistance semiconductor technology, and offer a global security framework for the IoT. This technology offers a really seamless solution for the most cost effective integration of security in devices and back end systems,” said Bernard Vian, General Manager of WISeKey Semiconductors.
“Currently, there is a huge number of malware currently invading the internet, which can easily hack personal computers due to lack of and/or low security, including poor passwords. As billions of new devices continue to connect to the IoT each year, many continue to remain unprotected, which provide hackers with an opportunity to easily hack personal and corporate data,” said Benoit Makowka, Vice President and head of the IoT business line of WISeKey. “The best defense against hacking is a tamper resistant chip installed on each device, on which we can build a global trust structure, leading to a publicly available certification of the authenticity for each device and the data it handles. With WISeKeyIoT, we not only offer the system and components needed to build a secure IoT, but as well as the expertise and flexibility needed to help our customers to integrate the right security solution in the vast variety of the IoT landscape. This a truly unique position on the market.”