Edge Computing Security: It Starts With Solid Device Identity and Attestation
Scaling IoT and Edge solutions without security is just scaling your problems. Device management and the entire edge application lifecycle require that you can trust the underlying sources of information. This is readily apparent when onboarding devices for large-scale deployments. This is not just our personal opinion. Year after year, the respondents to the IoT and Edge Developer Surveys conducted by the Eclipse Foundation identified security as their top concern. In the 2021 edition, for example, that was the case for 46% of respondents, well ahead of connectivity (38%) and deployment (31%).
Device attestation is a technical way to prove that a device possesses a unique identity and is trustworthy. This quote from GlobalSign’s Martin Lowry expresses it well:
“Building a nearly impenetrable IoT security defense with unique, strong and trusted device identities that move through the supply chain, overcomes many security challenges to deliver protection throughout the lifecycle of the device […].”
Achieving identity management integration throughout the entire lifecycle is difficult for most organizations. The first identity aspects already surface in the early stages of the supply chain. To establish a solid hardware root of trust, suppliers (i.e., manufacturers of edge computing systems, IoT Gateways, and other intelligent edge nodes) may need to verify the identity of components that come from their supply chain — especially in the case of security chips. Most important is that as part of the production process of the gateway or edge computer, the manufacturer augments the product with its own identity. This process attests to the identity and integrity of the manufactured device.
Device identity management is a substantial factor in the TCO (Total Cost of Ownership) of secure and robust IoT and edge computing infrastructures. First, there is a cost associated with the additional security-related hardware components included in the device. In addition, the identity tracking and management systems used in the process also have a cost. Finally, the ownership transfer and other identity-related operations during the business flow also contribute to the TCO of device identity management.
Looking at it in more detail, the ownership transfer process must account for several distinct pieces of hierarchical information. Those pieces of information include:
- The origin of the device itself and its embedded security hardware. This information is immutable and will not change over the device’s lifetime.
- The current ownership of the device. For example, this will change if you deploy the device at a new customer site.
- A signed dataset reflecting the state of the device as well as the software currently deployed on it. This dataset can be used to verify the integrity of the installed software stack.
- Certificates or signatures enabling the use of third-party Software as a Service (SaaS) or Platform as a Service (PaaS) offerings that are part of the infrastructure.
In highly regulated industries, organizations could leverage the same mechanisms to attest that the core hardware or additional devices connected to it, such as sensors, have been calibrated or are certified for a specific purpose by the relevant authority.
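The signed dataset from the list above can be checked as in the following sketch, which is an added example and not code from the article or its contributors. It assumes a JSON manifest of per-file SHA-256 hashes, hypothetical names (`gw-0001`, `customer-a`, the file names), and HMAC-SHA256 as a stand-in for the signature scheme, which the article does not specify.

```python
import hashlib
import hmac
import json

# Constructed demo key. HMAC-SHA256 stands in for the signature scheme, which
# the article does not specify; it keeps the example standard-library only.
DEMO_KEY = b"constructed-demo-key"

def measure(files):
    """Hash each installed file: {name: sha256 hex digest}."""
    return {name: hashlib.sha256(data).hexdigest() for name, data in files.items()}

def _canonical(manifest):
    # Stable serialization so signer and verifier hash identical bytes.
    return json.dumps(manifest, sort_keys=True, separators=(",", ":")).encode()

def sign_dataset(manifest, key):
    """Wrap the manifest with an authentication tag over its canonical form."""
    tag = hmac.new(key, _canonical(manifest), hashlib.sha256).hexdigest()
    return {"manifest": manifest, "signature": tag}

def verify_device(signed, key, installed_files):
    """Return a list of findings; an empty list means the stack matches."""
    expected_tag = hmac.new(key, _canonical(signed["manifest"]), hashlib.sha256).hexdigest()
    if not hmac.compare_digest(expected_tag, signed["signature"]):
        # Never compare hashes against a dataset that failed authentication.
        return ["signature invalid"]
    expected = signed["manifest"]["software"]
    actual = measure(installed_files)
    findings = []
    for name in sorted(set(expected) | set(actual)):
        if name not in actual:
            findings.append(f"missing: {name}")
        elif name not in expected:
            findings.append(f"unexpected: {name}")
        elif expected[name] != actual[name]:
            findings.append(f"modified: {name}")
    return findings

# Constructed sample: two files on a hypothetical gateway.
FILES = {"bootloader.bin": b"boot-v1", "agent.bin": b"agent-v3"}
SIGNED = sign_dataset(
    {"device_id": "gw-0001", "owner": "customer-a", "software": measure(FILES)},
    DEMO_KEY,
)

if __name__ == "__main__":
    print(verify_device(SIGNED, DEMO_KEY, FILES))
    print(verify_device(SIGNED, DEMO_KEY, {**FILES, "agent.bin": b"patched"}))
```

Because the ownership field sits inside the authenticated manifest, changing the recorded owner without re-signing is rejected before any file hash is compared.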
There are several ways to implement device attestation. In our next article, we will explore the topic further and look at some of the supporting technologies.
All Edge of Things contributors belong to Eclipse Foundation member organizations or are Foundation staff. The contributors to this particular post are Robert Andres (Eurotech), Frédéric Desbiens (Eclipse Foundation), and Kilton Hopkins (Edgeworx).