PKI and IoT: Are They Compatible?
26/03/2020 00:00:00

IoT ecosystems are now an integral part of corporate information systems and business areas. Requirements relating to their environment coupled with a lack of standardization impact the introduction of controlled security for these ecosystems.

In the face of these challenges, deploying a PKI (Public Key Infrastructure) – a reliable and recognized technology – to establish a trust platform and guarantee the digital identity of people, devices and things is widely considered to be the best solution.

But how do we adapt PKIs to these new forms of communication? How do we manage the risks to ensure a successful transition to the world of IoT? Who will assist users as they implement their projects?

Answers below from Guillaume Richard, Manager of IDnomic’s newly created Consulting Department.

How do you think it’s possible to secure IoT ecosystems?
Connected objects collect, record and share data from the physical world. They establish a link with the digital world, and this link must be protected. With IoT infrastructures, the stakes are made even higher by the fact that an attack can have a real impact on the physical world.

Cybersecurity is therefore one of the main challenges of any IoT project and must form the foundation of trust in this new phase of digital transformation. To create this virtuous cycle, innovation, trust and cooperation are key. Innovation that reinforces trust reassures users while structuring the market at the same time. In this context, PKIs offer an appropriate and proven solution to many issues ranging from user and object authentication to data integrity and personal data protection.

How does an IoT PKI differ from a PKI designed for companies with more “traditional” trust needs?
Some of our customers already have a PKI which fulfills a specific purpose, but have not considered its other potential uses. Others, still in the “thinking” phase, seek to benefit from personalized support in choosing the best scenarios (functional, rollout methods, etc.).

This is precisely when it makes sense to call on a specialized PKI provider like IDnomic.

For an IoT project, implementing a PKI comes with special needs which may require assistance. For instance, specific use cases, integrating the trust point into the object and automating the certificate lifecycle are aspects that must be taken into account.

IDnomic has solid expertise in this field, acquired in particular over the past four years through its work on ITS (Intelligent Transport Systems).

What are the advantages of the PKI that you developed for ITS, the vehicles of the future?
In the near future, all our vehicles will communicate not only with each other but also with the roadside, sharing data in order to regulate traffic, increase safety and lessen the environmental impact of transportation.

Identifying each device and securing data exchange without invading users’ privacy are the challenges that these intelligent transport systems must meet.

PKIs perfectly meet these needs, offering a trust domain to an ecosystem carrying strict requirements in terms of the number of users, message volumes and personal data protection. They offer the benefit of a flexible, secure environment which allows any intelligent transport entity to verify the integrity of messages received, prevent tampering and malicious activity during data exchange and reinforce access while ensuring the “pseudonymization” of personal data.

Does the Industrial Internet of Things face the same challenge?
Absolutely. If altered, data integrity and industrial object identification in the IoT infrastructure can directly impact critical decision-making.

The Industrial IoT (IIoT) has matured with regard to value-added use cases such as predictive maintenance and intelligent diagnostics. The issues have been clearly identified, especially in terms of broad-scale project implementation: increased attack surface, updating a fleet of connected objects, organizational impact, and so on.

Yet connected objects are not included in traditional industrial security models, standardization is relatively inexistent and certain technological aspects such as object authentication and end-to-end data protection are still not fully developed today. As a result, companies are unsure of how to best manage connected object security.

Convergence with company IT is crucial, because it allows objects to benefit from increasingly mature standards and tools (mobile device security, SIEM, etc.). PKIs are no exception, and will be one of the major technologies of this industrial security.

How can we increase the role attributed to cybersecurity in IoT projects?
Companies initially needed to determine the value that connected objects would generate for their different business areas. They did this by answering preliminary technical questions – Which objects and communication technologies should we use? – in order to provide initial data.

Cybersecurity was sometimes placed on the back burner because at first it was perceived as non-essential. This can be harmful for at least two reasons:

- Planning cybersecurity in the early stages of a project is not necessarily complex. Involving a person from the security team or analyzing the macro risks is a way to identify initial requirements and move forward on this topic simultaneously.
- Addressing cybersecurity later in the project can be extremely difficult, especially given the limitations of the objects and their communication infrastructure (e.g. cryptographic capacity, processing performance level, data storage, communication protocol).

For cases involving General Data Protection Regulation (GDPR) compliance or the management of ongoing compliance with security requirements, the chosen solution is adapted after the fact. But an approach known as “privacy by design” takes account of cybersecurity requirements from the outset so solutions don’t have to be adapted at a later stage.

The role of IDnomic’s Consulting Department is precisely to help our customers clarify their needs and determine whether they can be met by a PKI. Of course, a PKI is not systematically proposed. Our analysis, potentially combined with a Proof of Concept (PoC) phase, makes it easy to gain an initial understanding of existing needs.

We also work with players involved in the IoT, including industry stakeholders who use the objects as well as object manufacturers who play a key role in rolling out security solutions. Lastly, we aim to work in close collaboration with our partner integrators, who are involved from start to finish in projects in which a PKI has been deployed.

What approach would you recommend to customers seeking to secure their IoT infrastructure?
We recommend a pragmatic approach that consists in choosing a sub-set of the IoT infrastructure to assess the PKI’s ability to enhance security.

This allows customers to determine whether the solution meets their IoT need, to measure the complexity of integrating the solution into their environment for industrial purposes, and to analyze the requirements stemming from their ecosystem as well as the effort needed for successful deployment.

This type of assessment, which is simple and reassuring, makes it possible to quickly make choices that are necessary for the implementation of connected system security in compliance with industry standards.

In fact, this is the reason we set up a PoC program dedicated to IoT markets. We adapt our program to use cases, addressing both the manufacturers and users of connected objects. This attractive, exclusive offer is managed by the Consulting Department and Project Team at IDnomic.
