The complex and dynamic nature of Internet-of-Things (IoT) systems requires cryptographic key management services to ensure IoT units operate at high speed and are reliable and scalable. EIT Digital has begun work to meet these needs by developing new advanced IoT key security services which would facilitate the roll-out and maintenance of secure IoT systems from the outset. By focusing on the secure management of cryptographic keys the team behind the innovation hopes to avoid the need for security patches or add-ons.
— EIT Digital (@EIT_Digital) March 9, 2017
A cryptosystem is a suite of cryptographic algorithms used to implement a particular security service, most commonly for achieving data confidentiality, integrity and authenticity. A key-based cryptographic system typically achieves these goals by using symmetric keys shared between two parties, or asymmetric key pairs – a public key known to everyone and a private or secret key known only to the security system manager.
The work for developing new advanced IoT key security services will be run out of EIT Digital’s “Advanced Connectivity Platform for Vertical Segments” (ACTIVE) High Impact Initiative*, which focuses on developing an advanced connectivity Internet-of-Things platform adoptable in various vertical segments. It will deliver, among other things, services for secure management, interaction and communication on IoT platforms.
Task Leader Marco Tiloca, Senior Researcher at the Swedish Research Institute RISE SICS, explained:
“The secure management of cryptographic keys is a vital requirement for fulfilling the security needs of IoT systems. To meet this, we have designed and developed a first set of fundamental security services to enable secure initialisation of IoT units, and enable the efficient and scalable distribution of cryptographic keys.
“We have also designed a number of fundamental functionalities related to the management of cryptographic keys as one of the first outputs from the development work. They include approaches for secure bootstrapping** and registration of newly deployed IoT units, as well as the secure generation and distribution of cryptographic keys between individual IoT units and between clusters of devices connected to the IoT infrastructure.”
The modular and extendible security architecture developed as part of the ACTIVE work is based on the standard Lightweight Machine-to-Machine protocol (LWM2M), used for defining communication protocols between servers and IoT units. The first functional version of the architecture was presented at the EIT Digital demo at the “Internet Dagarna” event in Stockholm in November 2016.
*The Advanced Connectivity Platform for Vertical Segments High Impact Initiative is part of EIT Digital’s Digital Infrastructure Action Line, that focuses on enabling digital transformation by providing secure, robust, responsive and intelligent communications and computation facilities for various markets.
The following EIT Digital partners contribute to the work of the Advanced Connectivity Platform for Vertical Segments: Ericsson (Sweden and Finland), Engineering Ingegneria Informatica (Italy), RISE SICS(Sweden), and Tampere University of Technology (Finland). Of these, Ericsson and RISE SICS, have participated in the development of the new advanced IoT key security services.
EIT Digital Innovation Activities deliver new products or services, create startups and spinoffs to commercialise outputs from projects, and encourage the transfer of technologies for market entry.
**Bootstrapping refers to the process of loading the basic software, especially the operating system, into the memory of a device after power-on or general reset, which will then take care of loading other software as needed.
About EIT Digital
EIT Digital is a leading European open innovation organisation. Our mission is to foster digital technology innovation and entrepreneurial talent for economic growth and quality of life in Europe. We bring together entrepreneurs from a partnership of over 130 top European corporations, SMEs, start-ups, universities and research institutes.
EIT Digital invests in strategic areas to accelerate the market uptake of research-based digital technologies and to bring entrepreneurial talent and leadership to Europe. Our innovation and education activities are organised in and around our co-location centres, where students, researchers, engineers, business developers and entrepreneurs come together to drive the digitalisation of society.
EIT Digital is a Knowledge and Innovation Community of the European Institute of Innovation and Technology (EIT). Since 2010, EIT Digital has consistently mobilised talent, ideas, technologies, investments and business across Europe and beyond to stimulate disruptive digital innovation. EIT Digital headquarters are in Brussels with co-location centres in Berlin, Budapest, Eindhoven, Helsinki, London, Madrid, Paris, Stockholm, Trento and a hub in Silicon Valley.
For more information visit: http://www.eitdigital.eu/
Follow EIT Digital on Twitter:@EIT_Digital
— EIT Digital (@EIT_Digital) March 8, 2017