Kigen Open IoT SAFE initiative simplifies secure IoT communication

iot communication

As IoT becomes a massive market composed of billions of connections securing it involves an enormous and continuously growing threat surface and raised stakes. Consequences extend far beyond initial breaches to what is done with stolen data and the reputational damage that is caused.

Research by security specialist, Kaspersky, has uncovered that more than 1.5 billion attacks have occurred against IoT devices in the first six months of 2021. The firm’s telemetry data, which it draws from its honeypots that collect attack information, has shown that cyberattacks on IoT devices have increased by more than 100% since the previous half-year[1]. The IoT industry is trying to be proactive and put security in place from the very start of deployments because it is well understood that the promise of IoT won’t be achieved if trust is lost. IoT relies on users putting their data, hardware and processes in its hands in order to provide improved experiences, greater revenue and enhanced efficiency. If it is perceived as insecure, adoption will be slower and more cautious, with innovation correspondingly delayed.

“It is vital for the trustworthiness of the Internet of Things (IoT) that we take a secure-by-design approach by properly protecting and processing the credentials used to secure data exchange between the IoT device and the cloud,” Ian Pannell, the chief engineer at GSMA, has said. “Otherwise, enterprises will not be able to rely on the quality, accuracy or integrity of the data being collected, rendering it useless or even worse, dangerous.”

Alongside secure by design principles, one of the most important IoT security initiatives is improvements to the security of the connected device. Harnessing the security inherent in the secure element is an obvious answer, as is utilising the capabilities of the SIM, as it is mandated for achieving best in class authentication to the cellular networks.. However, all the while the SIM was a removable component, an IoT device manufacturer or deployer couldn’t rely on it being able to support additional features to achieve securing their IoT network and communications from the device to the IoT data aggregator or manager.

The arrival of the embedded SIM (eSIM) and integrated SIM (iSIM) solved this dependency by allowing additional security to be included and enabled in the SIM and then manufactured as a permanent fixed capability of the device for its life. This then ensures it is secure in operation once it automatically configures the connection at the point of deployment.

The IoT SAFE (IoT SIM Applet For Secure End-to-End Communication) has been developed by the mobile industry at GSMA to provide a common mechanism to secure IoT data communications, offering a repeatable and scalable approach on all types of SIM for original equipment manufacturers (OEMs). IoT SAFE uses the SIM as a miniature crypto-safe inside the device to securely establish a datagram transport layer security (D)TLS session with a corresponding application cloud or server. It provides a common application programme interface (API) for the SIM  to be used as a root of trust by IoT devices and, in this way, can address the security challenge of provisioning millions of devices. The applet enables IoT devices to compute shared secrets and keep long-term keys secret and supports provisioning and credential management from a remote IoT security service.

However, improvements are needed in ease of deployment to encourage adoption of IoT SAFE. To achieve this, Kigen has created the Open IoT SAFE initiative by combining GSMA IoT SAFE with the IETF’s (Internet Engineering Task Force) Enrolment over Secure Transport publication (RFC 7030). This brings together two important principles:

  1. The use of the standard DTLS-secured IP channel, with the credentials securely injected into the device at the point of manufacture.  This is used to establish a secure interface, over a device’s connectivity, to communicate with the cloud’s on-boarding service.
  2. The use of on-board key generation directly inside the device which remain in the secure, tamper-resistant element.

These principles eliminate complexity and effort by each party that wants to use the service and ensure that any device should be able to exchange any data across any network and securely exchange that data with a given enterprise on any cloud.

Security adoption stands or falls on the ease with which it can be deployed, managed and updated. Kigen’s Open IoT SAFE initiative offers simple, unified zero touch provisioning. This lowers the barriers to access hardware-based security for more effectively protecting credentials, with the use of open systems based on standards that do not demand complex integration. In addition, the initiative treats enterprise security credentials with the same level of protection as mobile network authentication credentials, bringing communications industry grade security to IoT.

[1] https://www.techdigest.tv/2021/09/iot-cyber-attacks-double-in-first-half-of-2021.html

FEATURED IoT STORIES

9 IoT applications that will change everything

Posted on: September 1, 2021

Whether you are a future-minded CEO, tech-driven CEO or IT leader, you’ve come across the term IoT before. It’s often used alongside superlatives regarding how it will revolutionize the way you work, play, and live. But is it just another buzzword, or is it the as-promised technological holy grail? The truth is that Internet of

Read more

Which IoT Platform 2021? IoT Now Enterprise Buyers’ Guide

Posted on: August 30, 2021

There are several different parts in a complete IoT solution, all of which must work together to get the result needed, write IoT Now Enterprise Buyers’ Guide – Which IoT Platform 2021? authors Robin Duke-Woolley, the CEO and Bill Ingle, a senior analyst, at Beecham Research. Figure 1 shows these parts and, although not all

Read more

CAT-M1 vs NB-IoT – examining the real differences

Posted on: June 21, 2021

As industry players look to provide the next generation of IoT connectivity, two different standards have emerged under release 13 of 3GPP – CAT-M1 and NB-IoT.

Read more

IoT and home automation: What does the future hold?

Posted on: June 10, 2020

Once a dream, iot home automation is slowly but steadily becoming a part of daily lives around the world. In fact, it is believed that the global market for smart home automation will reach $40 billion by 2020.

Read more
RECENT ARTICLES

Partnership with Nokia helps Clavister expand in Australia

Posted on: January 19, 2022

Ornskoldsvik, Sweden. 19 January, 2022 – Clavister, a provider of European carrier-grade cybersecurity solutions for mission-critical applications, announced an order intake from a Railway Infrastructure company in Australia

Read more

Wi-Fi 6E trial in Turkey hailed a success by Turk Telekom

Posted on: January 19, 2022

London, UK. 19 January, 2022 – Wireless Broadband Alliance (WBA) member, Turk Telekom, announced the successful completion of Wi-Fi 6E trials designed to demonstrate how the technology can be used to enhance speed and capacity in a variety of different end-user scenarios. Wi-Fi is vital to the success of Turk Telekom, who has the Wi-Fi footprint in

Read more