Editor’s note: We believe that security is a key component to the ultimate success of the Internet of Things. In this guest blog post, one of our security partners, Thales, explains how their systems are used to establish the “root of trust” on Samsung ARTIK modules.
Today, our lives revolve around technology more than ever before – and we become more connected each day. Whether it’s the latest developments in connected cars or a smart refrigerator that tells us when we need to buy more milk, we are forever hearing about how the latest devices will transform how we go about our daily routines.
If we are to further integrate these connected devices into our personal and professional lives, trust in the technology is crucial. But in today’s threat landscape, where data breaches are commonplace and hackers will stop at nothing to get their hands on our personal data, establishing this level of trust is not always that simple.
At Thales e-Security, establishing a “root of trust” is at the heart of what we do. Offering cryptographic solutions to a range of industries, we are a leading global provider of data protection solutions with more than 40 years’ experience in securing the world’s most sensitive information.
With this firmly in mind, we teamed up with Samsung ARTIK to ensure that the connected world of the future is as secure as possible.
Every connected device needs a form of unique identification – even before it has an IP address. This digital credential acts much like a birth certificate for the device and establishes the root of trust for the device’s entire lifecycle, from initial design through deployment, and into device retirement.
Samsung burns a unique digital ID into each ARTIK module using the strongest cryptographic processing available from Thales. This digital ID provides a guaranteed means to verify the authenticity and validity of device and provides a foundation for the secure storage and processing of private data. Thales systems are then used for code-signing of the secure boot image to make sure the image has not been tampered with.
But it doesn’t stop there – managing and protecting these digital certificates is a crucial piece of the puzzle. The Internet of Things demands large scale management and protection of digital certificates and the underlying keys in an efficient and operationally friendly manner. Thales’ Hardware Security Modules help secure the process of issuing certificates and protecting and managing signing keys throughout their lifecycle, in a tamper-proof environment – ultimately preventing the loss or theft of keys.
Working with Samsung, we will help bring innovative devices and solutions to market with strong security built in right from the outset. Trust and security are critical to the interaction of devices, people and things. It goes far beyond just ensuring the data stored in the latest model of a smart tea kettle is secure; it’s about building a secure IoT ecosystem on a foundation everyone can trust.