Collaboration to strengthen IoT device identity
GMO GlobalSign and Infineon Technologies have announced a solution that secures, simplifies, and streamlines device enrolment into Microsoft Azure IoT Hub and IoT Hub Device Provisioning Service. The collaboration eases complex device identity integration challenges and delivers a proven path for IoT device security literally from chip to cloud.
Central to the solution is the cross-signing of Infineon’s on-premises CA, by GlobalSign’s globally recognised and WebTrust audited CA, expanding the trustworthiness of the endorsement certificates that Infineon self-issues and flashes onto each of their OPTIGA TPM SLM 9670, and making them verifiable up to the GlobalSign Root CA. With a globally recognised and trusted endorsement certificate, each Infineon TPM can then connect to GlobalSign’s IoT Edge Enrol Registration Authority on the IoT Identity Platform anytime throughout their lifecycle to be seamlessly enrolled into Azure with verifiable identity and security confidence.
“A healthy and secure IoT ecosystem is stronger with strategic partners who innovate and collaborate,” said Lancen LaChance, Vice President IoT Solutions, GlobalSign. “GlobalSign and key technology partners like Infineon and Microsoft Azure foster success for our mutual customers. Together we have built a competitive advantage for IoT device manufacturers, system integrators and operators that gives them a secure, seamless path to Azure enrolment.”
“Unique device identities are essential to connect securely to the cloud,” added Juergen Rebel, Vice President and General Manager Embedded Security at Infineon Technologies. “With our new OPTIGA TPM integration kit, you can connect your device securely to Microsoft Azure IoT in less than an hour.”
The result is that the process of secure device enrolment into Azure services is streamlined and simplified. “All devices enrolled into Microsoft Azure require authenticated identities, so the importance of strong, secure device identities is crucial,” said Sam George, Corporate Vice President of Azure IoT, Microsoft Corp. “Infineon and GlobalSign have minimised the effort needed for system integrators and solution operators to securely enrol their devices into Azure, helping everyone in the supply chain. It delivers a secure, low touch option for Azure enrolment.”
Adding a cross-signed TPM into the supply chain also offers a unique opportunity to align secure device identity with a device's origin at production, hardening device identity and authentication, while expanding trust in the ecosystem at every stage in the device identity lifecycle, anywhere downstream.
Azure IoT Hub provides a cloud-hosted solution backend to connect virtually any device and enables highly secure and reliable communication between your IoT application and the devices it manages.