PKI Blog

Layering Certificate-based Authentication Security onto ThingWorx IoT Platform

Posted by CSS Technical Team on May 19, 2017 1:59:29 PM

Congratulations, you’ve chosen ThingWorx to launch and manage your IoT devices, applications and data. Your goals are clear, your code has been tested and the connections are ready to engage. Unfortunately, you’ve forgotten a critical component that will sadly cause your entire project to fail.

Added layers of security, specifically unique device key authentication.

Read More

Topics: IoT, Internet of Things (IoT), PKI for IoT, Cyber Security, ThingWorx

SAP's "The importance of client certificates in IoT"

Posted by Ted Shorter on Jun 9, 2016 1:56:24 PM

Jay Thoden van Velzen from SAP recently published a very interesting blog describing the use of certificate metadata as a mechanism to enhance IoT authentication.  We wholeheartedly agree with the approach.  CSS’ VerdeTTo solution is based on a similar concept, and allows us to leverage the massive scalability and certificate metadata capabilities of our CMS PKI operations management platform to transform certificates and metadata into device identities, attributes, and authenticators.

Read More

Topics: IoT, Internet of Things (IoT), SAP

IoT Security Concerns in the World of Healthcare Devices

Posted by CSS Technical Team on Apr 26, 2016 11:25:11 AM

Healthcare Devices: Then and Now

Healthcare devices through the ages: what was once a cumbersome trip to the doctor for testing, followed by a series of manual documentation steps, is now a convenient, internet-connected wearable device that automates the transmission of patient information. Implanted devices are only one of many different wearable devices out on the market today. The majority of wearable healthcare devices connect to an internet or cloud-based system that allows users to interact with those devices while transmitting information to be used for actionable medical insight.

Read More

Topics: embedded certificates, SCEP, X.509 digital certificates, Internet of Things (IoT), IoT Healthcare, Healthcare, Wearables Security, Root of Trust, Device Security, PKI Integration, embedded encryption

Why is IoT Security So Critical?

Posted by CSS Technical Team on Mar 18, 2016 11:12:22 AM
IoT Security: the area of the information security industry aimed at securing devices, data, people and applications within the Internet of things (IoT).


What makes IoT Security so important? The growth of internet-connected data, devices, applications and users has exploded exponentially. IoT is carrying over into such a wide array of products and services: mobile devices, wearables, medical devices; everything under the sun can now be connected to the internet.

Read More

Topics: embedded certificates, SCEP, Internet of Things (IoT), IoT Security, PKI for IoT, Root of Trust, Device Security

2016 Public Key Infrastructure (PKI) and Internet of Things (IoT) Security Predictions

Posted by CSS Technical Team on Jan 21, 2016 10:59:45 AM

In 2016, the need for trusted digital identities will become paramount to the overall security within the global Internet.  As businesses continue to brace against cyber-adversaries and look to secure the Internet of Things (IoT), Public Key Infrastructure (PKI) is making a resurgence as an economical, reliable, and proven technology that delivers a secure and high-performance solution.

Read More

Topics: PKI, Internet of Things (IoT), IoT Security

Ripple Effects of ECC Key Patent Trolling

Posted by Michael F. Starke on Dec 7, 2015 4:59:00 PM

Digital identity authentication and data encryption are expanding exponentially with our growing reliance on the Internet of Things (IoT). Companies are looking to technology to minimize risk, protect assets, and reduce operational expense by safeguarding access to information and systems.  In the past, user names and passwords used to be the gold standard but as we learn more about security in a hyper-connected world, alternate methods relying on Public Key Cryptography have become very popular. As if it’s not complicated enough to identify and implement the right blend of security technology for a specific use case, along comes CryptoPeak Solutions LLC to throw a monkey wrench into the works.

Read More

Topics: Internet of Things (IoT), ECC key patent trolling, digital certificate security

Authentication in an Ultra-Connected World: Internet of Things

Posted by Ted Shorter on Oct 1, 2015 6:05:00 AM

As PKI practitioners, we’ve been asked the question for years: “What’s the best way to get a digital certificate on _____?” What gets filled into the blank has expanded dramatically over time, however. Ten years ago, certificates landed primarily on what I’d describe as “traditional” IT infrastructure – servers, desktops, laptops, smart cards, RADIUS servers, or VPN concentrators. But since then, things have gotten much more interesting. Handheld scanners. Surgical robots. VOIP phones. Set-top boxes. Cable modems. Even heart monitors and IV pumps.

Read More

Topics: install certificates onto devices, digital certificates, cert, embedded systems, certificate, Microsoft Security Partner, expired digital certificate, Public Key Infrastructure, Certificate Management System (CMS), Industry Trends, Microsoft Public Key Infrastructure, Cisco Internet of Things, embedded certificates, embedded devices, Microsoft PKI, X.509 digital certificates, Internet of Things, IoT, Blog, Internet of Things (IoT), certificate install, BYOD, PKI Assurance

The critical role of authentication in the Internet of Things (IoT)

Posted by Sarah Hance on Sep 11, 2015 2:15:00 PM
The proliferation of Internet-connected consumer devices is leading to an exponential rise in unsecured remote access. While it’s commonplace for companies to implement authentication technologies that verify the digital identities of traditional internal system endpoints, such as servers, applications, or mobile devices, the Internet of Things (IoT) introduces new use cases that, in some cases, warrant more stringent security measures. These new use cases focus on addressing the security vulnerabilities of Internet-connected consumer device endpoints, which, if compromised, have the potential to harm living things, the environment and infrastructures.
 
Read More

Topics: Internet of Things (IoT)

Securing Internet Enabled Consumer Devices (IoT)

Posted by CSS Technical Team on Mar 2, 2015 8:00:00 AM

The Internet of Things (IoT) or the Internet of Everything (IoE) is coming. Ok, so it's already here.  A snowball rolling down a slope gaining momentum and size, IoT is dominating trade show floors and executive agendas.  As the world smiles while dreaming of high availability cloud based "smart devices" we as security professionals shudder at the thought of privilege escalation and man in the middle attacks.  It's our job to ensure digital user identity, to secure the internet of things.

Read More

Topics: digital certificate, certificate, Internet of Things (IoT), Internet of Everything, consumer security

Posts by Topic

see all

Want to Learn more about CSS?