chariotadmin  
#1 Posted : 14 August 2019 15:58:36(UTC)
chariotadmin

Rank: Administration

Groups: Administrators
Joined: 07/09/2018(UTC)
Posts: 0

Thanks: 2 times
  • Secure access control.

With a unique verifiable identity you can determine what level of access to grant to that device. In addition, you can now deny access to anyone who does not have a proper certificate – no cert, no way. In addition, if you find out a certificate has been somehow compromised, because it is unique and identifiable, you can revoke its access privileges and that certificate will no longer be granted access.

  • Mutual Authentication.

In the days before IoT and autonomous networked devices, the device didn’t need to be authenticated, just the servers. You wanted to make sure that the website you were logging into was actually a bank and not some bogus phishing site. The bank authenticated your identity through your login and password. With IoT, the device needs to be authenticated and the device also needs to authenticate the server it is talking to. With digital certificates and secure elements, this is now practical.

  • Secure Over-the-Air (OTA) Update.

The problem with many devices today is that they will accept software updates from anyone. Remember, you want a device to only accept software that is verified and comes from a trusted server. The certificates allow the device to prove it should receive an update and which one, and the cryptography in the secure element allows the device to verify the server as well as the signed code.

Reference

Edited by user 14 August 2019 15:59:43(UTC)  | Reason: Not specified
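
The access-control and mutual-authentication points from the post above, as an added example that is not part of the original thread or the project's own code: a Python TLS server context that refuses clients without a certificate, plus an authorization check over the dict that `ssl.SSLSocket.getpeercert()` returns. The device names, serial numbers, access levels and the revocation set are constructed for illustration.

```python
import ssl

# Constructed sample data (hypothetical identities, levels and serials).
ACCESS_POLICY = {"sensor-0001": "telemetry-write", "gateway-01": "admin"}
REVOKED_SERIALS = {"0BAD"}


def mtls_server_context(ca_file=None):
    """Server-side context for mutual authentication: the client must present
    a certificate that chains to the device-issuing CA, or the handshake fails."""
    ctx = ssl.SSLContext(ssl.PROTOCOL_TLS_SERVER)
    ctx.minimum_version = ssl.TLSVersion.TLSv1_2
    ctx.verify_mode = ssl.CERT_REQUIRED  # "no cert, no way"
    if ca_file:  # path to the CA bundle is an assumption of this example
        ctx.load_verify_locations(cafile=ca_file)
    return ctx


def common_name(peer_cert):
    """Pull the subject commonName out of a getpeercert()-style dict."""
    for rdn in peer_cert.get("subject", ()):
        for key, value in rdn:
            if key == "commonName":
                return value
    return None


def authorize(peer_cert, policy=ACCESS_POLICY, revoked=REVOKED_SERIALS):
    """Decide access for a certificate the TLS layer has already validated.
    Returns (allowed, detail); detail is the access level or the deny reason."""
    if not peer_cert:  # None or {}: nothing presented or nothing validated
        return (False, "no certificate presented")
    serial = peer_cert.get("serialNumber", "").upper()
    if not serial:
        return (False, "certificate has no serial number")
    if serial in revoked:  # unique serial lets one device be cut off
        return (False, "certificate revoked")
    level = policy.get(common_name(peer_cert))
    if level is None:
        return (False, "unknown device identity")
    return (True, level)


if __name__ == "__main__":
    sample = {"subject": ((("commonName", "sensor-0001"),),), "serialNumber": "0A1B"}
    print(authorize(sample))
    print(authorize(dict(sample, serialNumber="0bad")))
    print(authorize(None))
```

In a real server, `authorize()` would be called with `conn.getpeercert()` after the handshake on a socket wrapped by `mtls_server_context()`.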

ssensini  
#2 Posted : 19 August 2019 10:34:21(UTC)
ssensini

Rank: Advanced Member

Groups: Registered
Joined: 19/08/2019(UTC)
Posts: 0
Italy
Location: Rome

There are even two more benefits that came to my mind:

- Using digital signature: a user can digitally sign the data, using his private key. The data recipient can decrypt the signature using the sender's domain controller. This leads to many advantages: the communication coming from the sender cannot be received by anyone else, no changes can be made during the transit and, finally, the sender cannot subsequently deny having sent it. This leads to the next point, that is

- Software Code Signing, which is a very important task for this project. A piece of code is signed by the developer himself. The recipient can then be sure that the code is as it was sent, in particular that it has not been infected by malicious code; in this case, if the recipient trusts the originator, the user can accept the code.