PKI Blog

Fog Computing and the IoT

Posted by CSS Technical Team on Nov 28, 2016 2:06:17 PM

Fog Computing: When the Cloud is Not Enough

How Do We Manage the Massive Amounts of Data Generated by the IoT?

The Internet of Things (IoT) market and its exponential growth are bringing many improvements and considerable revenue to almost every conceivable vertical. Now that most industries have a handle on what the IoT is, the public is watching it benefit both consumers and businesses alike. The IoT is generating detailed insights into consumer behavior, thereby improving product design and functionality, and also, according to Cisco, accelerates response to events, which ultimately enhances safety, improves service levels and increases output.

Read More

Topics: embedded certificates, SCEP, X.509 digital certificates, Internet of Things, IoT, PKI for IoT, Fog Computing, Root of Trust, Device Security

How Cloud-Based Services and IoT are Influencing PKI Deployments

Posted by CSS Technical Team on Nov 20, 2016 10:19:13 PM

Cloud-based Services and the Internet of Things (IoT) Driving PKI

The Explosion of Cloud-based Apps and the IoT are Creating the Need to Reinforce PKI Environments 

The takeover of the cloud has brought countless businesses to pursue cloud migration over the past few years in an effort to take advantage of cost and operational efficiencies. The shift began with storage and simpler applications such as email, and has progressed to more complex applications, many of which require authorization and security to be used.

Read More

Topics: embedded certificates, SCEP, PKI, X.509 digital certificates, Internet of Things, IoT, Cyber Security, PKI in the Cloud, Cloud based, Root of Trust, IoT Identity Management

Securing Network-Connected Sensors in the Energy Industry

Posted by CSS Technical Team on Oct 20, 2016 1:24:39 PM

How Can the Energy Sector Protect Itself From Cyber Threats?

The Takeover of Network-Connected Sensors in the Energy Industry

The problems of the energy sector, including increasing conservation efforts, greater emphasis on alternative energy sources, and the concurrent use of more power, may be a challenge to resolve, but many solutions lie in technology; particularly the innovations available through Internet of Things applications, as pointed out by Deloitte.

Read More

Topics: Internet of Things, IoT, energy iot

The Risks of Cryptographic Anarchy

Posted by Wayne Harris on Jun 15, 2016 11:46:34 AM

Why are we talking about assurance?

‘Assurance’ in the realm of PKI, tends to be one of those topics that is almost guaranteed to send a PKI design meeting down a rabbit hole. And unfortunately, many customers prefer the blue pill, rather than committing to an effort commensurate with a rigorous examination of risk, impact and assurance in the certificate space.

Read More

Topics: PKI, Internet of Things, IoT, PKI CA, IoT Security, PKI for IoT

Authentication in an Ultra-Connected World: Internet of Things

Posted by Ted Shorter on Oct 1, 2015 6:05:00 AM

As PKI practitioners, we’ve been asked the question for years: “What’s the best way to get a digital certificate on _____?” What gets filled into the blank has expanded dramatically over time, however. Ten years ago, certificates landed primarily on what I’d describe as “traditional” IT infrastructure – servers, desktops, laptops, smart cards, RADIUS servers, or VPN concentrators. But since then, things have gotten much more interesting. Handheld scanners. Surgical robots. VOIP phones. Set-top boxes. Cable modems. Even heart monitors and IV pumps.

Read More

Topics: install certificates onto devices, digital certificates, cert, embedded systems, certificate, Microsoft Security Partner, expired digital certificate, Public Key Infrastructure, Certificate Management System (CMS), Industry Trends, Microsoft Public Key Infrastructure, Cisco Internet of Things, embedded certificates, embedded devices, Microsoft PKI, X.509 digital certificates, Internet of Things, IoT, Blog, Internet of Things (IoT), certificate install, BYOD, PKI Assurance

Heartbleed Vulnerability: What You Need to Know

Posted by Wayne Harris on Apr 9, 2014 10:56:36 AM

On April 7, 2014 a severe vulnerability called “Heartbleed” was announced. Heartbleed is a vulnerability within the OpenSSL 1.0.1 series software that is described in the NIST CVE-2014-0160 announcement. In short, this vulnerability allows hackers access to portions of a vulnerable system’s memory, leading to the potential exposure of passwords, sensitive data, and certificate private keys on affected systems. Heartbleed accomplishes this by exploiting a weakness in the “TLS Heartbeat Extension,” exposing server memory. Even worse, this heartbeat attack can be repeated without the awareness of the victim, and each iteration reveals another 64k snapshot of memory to the attacker. This very serious vulnerability exposes the most sensitive data of affected systems.

The good news: the vulnerability has a patch. However, the widespread adoption of the OpenSSL 1.0.1 series software, coupled with the two years that this vulnerability has existed, means that the risks attributable to Heartbleed are enormous. Current estimates predict that over 500,000 systems may be vulnerable. Specifically, the Heartbleed vulnerability affects those systems that use OpenSSL 1.0.1 (a-f). Unfortunately, since this software is so widely implemented, many popular OS platforms are affected and thus vulnerable. I would suggest visiting the CERT Web Site for a more list of affected platforms. It is worth mentioning that this is a developing story, and as such, the list of affected platforms is likely to change.

Read More

Topics: 64k, Heartbleed SSL, Heartbleed, expired digital certificate, Public Key Infrastructure, Certificate Management System (CMS), Industry Trends, SSL vulnerability, OpenSSL, Heartbleed vulnerability, TLS Heartbeat Extension, Azure PKI, PKI as a Service (PKIaaS), NIST CVE-2014-0160, heartbleed bug, Internet of Things, Blog, heartbleed help

AirWatch & CSS - Partnership Featuring Certificate Management System

Posted by Sarah Hance on Sep 24, 2013 11:58:24 AM

Cleveland, OH - September 24, 2013 - Certified Security Solutions' Certificate Management System (CMS) is featured in the AirWatch Marketplace as a fully integrated mobile certificate solution. Developed to give AirWatch customers and partners a centralized location to identify technologies that complement their investments in AirWatch and additional mobile avenues, the AirWatch Marketplace is reserved for top solution providers with proven integration benefits.

Read More

Topics: digital certificate, digital pki, Public Key Infrastructure, issue mobile certificate, AirWatch, PKI, cert management, Microsoft PKI, mobile certificate, certificate management, Internet of Things, expired certificate, AirWatch marketplace, Press Releases, BYOD

Posts by Topic

see all

Want to Learn more about CSS?