Zero Trust for IoT
The Internet of Things presents an increasingly interconnected world of devices that connect, compute and communicate, from low-power sensor networks, to high-end devices resembling conventional IT. The increased autonomy of IoT devices increases the need for resilient systems that maintain integrity over extended periods and support device-based identity management for secure access to interconnected services.
Collaborating with the UK National Cyber Security Centre (NCSC) on the NCSC Cloud Client project, Becrypt have implemented a standards-based device identity management platform using an end to end remote attestation protocol.
Becrypt’s flagship secure Linux-based operating system provides the ideal platform for managing diverse IoT endpoints. Currently deployed in environments that range from manufacturing, aviation and military, Paradox provides a secure resilient platform for conventional IT as well as bespoke IoT endpoints and embedded systems.
Device Identity management for IoT platforms can be an essential component of system security, given the absence of user authentication, and the physical exposure of IoT systems.
As IoT extends the enterprise IT perimeter, the importance of adhering to Zero trust principles increases. Authentication of device identity, as well as the integrity of operating system and applications, should be used to determine subsequent fine-grain access to connected services.
Paradox includes certificate-based device identity management, using a hardware root of trust where available, and implements robust health measurement of device software using a standards-based remote attestation protocol.