IoT and IIoT security solutions from PrimeKey PrimeKey is a pioneer in the open source PKI and Signing security software that provides businesses and organizations around the world with the ability to implement secure IoT and IIoT solutions in the healthcare industry, for smart factories, to secure supply chains and more. PKI has been the de-facto standard on the Internet for more than a decade and it has been proven to be both scalable and flexible. It is now also instrumental for secure IoT and IIoT solutions. PrimeKey’s solutions include: EJBCA Enterprise, PrimeKey SignServer Enterprise, PrimeKey SEE and the PrimeKey EJBCA Appliance.
IoT, EJBCA Enterprise Creating the future of PoS-solutions based on PrimeKey PKI IoT, IIoT, EJBCA Enterprise Enabling Innovations – Transforming Healthcare IoT Siemens – Ingenuity for life and safe communications
Why are Security Solutions for IoT important to reduce threats? IoT is often defined as a network of physical objects that can interact with other Internet-enabled systems and devices to share information and perform actions. This means Internet of Things encompasses everything from cars to cooking devices, from MRI scanners to wind turbines. For businesses across a range of industries, Internet of Things provides opportunities for cost reductions and increased revenues. By 2024, there will be more than 22 billion connected devices in the world. So where do security solutions for IoT and IIoT fit in? There is no question that the impact of IoT and Industry 4.0 is transforming industries, businesses and ultimately, our lives. But as the physical objects around us become connected, they also become susceptible to a variety of cybersecurity threats. With IoT solutions maturing and taking on a key responsibility in the new revenue streams, workflows and value propositions of progressive businesses, IoT security becomes a central issue – and a complex one at that.
It is imperative to provide a secure foundation for Internet-enabled physical objects that is able to: Assure the identity and authenticity of all devices. Make sure devices run only on authorized code. Manage the lifecycle of each device, ensuring the chain of custody. Enable safe over-the-air updates to maintain security and allow for new features over time. Protect communication across unsecure networks. Secure sensitive data and safeguard regulatory compliance. In addition to the functional aspects, security solutions for IoT and Industrial IoT (IIoT) must also be scalable, potentially handling billions of devices, and flexible enough to cost-efficiently integrate with IoT and IIoT platforms along with back-end enterprise systems. Because PKI and Signing solutions are the fundamental building blocks of IoT and IIoT security, it enables businesses developing IoT offerings to ensure the Internet of Things does not become an Internet of Threats.
When developing IoT and IIoT security solutions, PKI and Signing are fundamental for security and compliance. It enables secure communication between parties and provides security through trusted identities that are necessary for authentication, integrity and confidentiality. Benefitting from the proven track-record of PKI and Signing, all aspects of IoT and IIoT security can be addressed: Protect IoT and IIoT devices Guarantee that each device has a unique and traceable identity. Ensure that code running on devices – including firmware, operating system and applications – is authorized and not tampered with. Enable secure, over-the-air updates to add features, improve performance and ensure security over time. Protect device communication Safeguard communication through encryption, protecting data when in transit across unsecure networks. Validate the identity and authenticity of devices attempting to communicate with IoT and IIoT platforms and back-end systems. Protect sensitive data and safeguard regulatory compliance Enable sensitive data to be encrypted on the device when in transit and stored centrally, ensuring the ability to stay compliant with regulatory demands. Manage lifecycle and chain of custody Provision devices in manufacturing, establishing a unique and traceable identity of every device. Manage devices in operation, ensure correct authority to take action and handle how devices are decommissioned or repurposed, or if ownership changes. PKI and Signing are a proven way to protect valuable assets and functions within the complex and diverse security challenges of IoT.
Cybersecurity: An Enabler for Critical Infrastructure Learn about the secure implementation of an IoT solution in an IIoT electric utilities environment, specifically transmission. This white paper also covers PKI, mutual authentication, secure certificate imprinting, product components designed for industrial use, and firmware signing.
IoT and IIoT security solutions built on open standards For an end-to-end take on Internet of Things security, PrimeKey delivers IoT PKI, Signing and secure execution hardware solutions built on open standards, with proven scalability and more than 20 years of history protecting the world’s most valuable digital assets. EJBCA® Enterprise is an open source based PKI that has been proven in a range of contexts — from critical telecom and power infrastructure to smart products from several of the world’s most recognized brands. EJBCA is proven as the leading security software for Certificate Issuance and Certificate Management across industries, including several of the most demanding use cases in the world. Due to mature and proven source code, EJBCA provides the least likelihood of disruptive software defects and it has been proven time and again to enable standards-based, cost-efficient integrations. Read more about how PrimeKey products offer a secure foundation for IoT: PKI Security supporting the full IoT eco system
The code signing capabilities delivered by open source based SignServer Enterprise ensures authenticity and integrity of both data and code on devices. PrimeKey has vast knowledge and experience in partnering with globally leading software and hardware vendors, utility providers, car manufacturers and system integrators, to secure their software distribution chain. Learn more about SignServer Enterprise: SignServer Enterprise
By using the trusted execution environment, PrimeKey SEE, you can run your mission-critical application in any uncontrolled environment. PrimeKey SEE is a full-size rack-mount application server that comes with a patented FIPS protected execution environment where your application and data can only be accessed by an authorized security administrators, making it impossible to access, to extract or to modify by an unauthorized party. Learn about PrimeKey SEE: PrimeKey SEE
In a pilot project, PrimeKey and Infineon present a solution that enables the safe commercial use of multicopters. It combines Public Key Infrastructure (PKI) with the OPTIGA™ Trust X security controller and the SLS37 Ready-to-Connect eSIM for mobile IoT applications. Check out our joint white paper with Infineon about multicopter authentication and our illustration explaining Multicopter Safety via Security. PKI in Action
Fill in your contact information below and we will get in touch with you. First name* Last name* Company* Email* Country*CountryYour locationAfghanistanAlbaniaAlgeriaAmerican SamoaAndorraAngolaAntigua and BarbudaArgentinaArmeniaAustraliaAustriaAzerbaijanBahamasBahrainBangladeshBarbadosBelarusBelgiumBelizeBeninBermudaBhutanBoliviaBosnia and HerzegovinaBotswanaBrazilBruneiBulgariaBurkina FasoBurundiCambodiaCameroonCanadaCape VerdeCayman IslandsCentral African RepublicChadChileChinaColombiaComorosCongo, Republic of theCosta RicaCôte d'IvoireCroatiaCubaCuraçaoCyprusCzech RepublicDemocratic Republic of the CongoDenmarkDjiboutiDominicaDominican RepublicEast TimorEcuadorEgyptEl SalvadorEquatorial GuineaEritreaEstoniaEthiopiaFaroe IslandsFijiFinlandFranceFrench PolynesiaGabonGambiaGeorgiaGermanyGhanaGreeceGreenlandGrenadaGuamGuatemalaGuineaGuinea-BissauGuyanaHaitiHondurasHong KongHungaryIcelandIndiaIndonesiaIranIraqIrelandIsraelItalyJamaicaJapanJordanKazakhstanKenyaKiribatiKosovoKuwaitKyrgyzstanLaosLatviaLebanonLesothoLiberiaLibyaLiechtensteinLithuaniaLuxembourgMacedoniaMadagascarMalawiMalaysiaMaldivesMaliMaltaMarshall IslandsMauritaniaMauritiusMexicoMicronesiaMoldovaMonacoMongoliaMontenegroMoroccoMozambiqueMyanmarNamibiaNauruNepalNetherlandsNew ZealandNicaraguaNigerNigeriaNorth KoreaNorwayOmanPakistanPalauPalestine, State ofPanamaPapua New GuineaParaguayPeruPhilippinesPolandPortugalPuerto RicoQatarRomaniaRussiaRwandaSaint Kitts and NevisSaint LuciaSaint Vincent and the GrenadinesSamoaSan MarinoSao Tome and PrincipeSaudi ArabiaSenegalSerbiaSeychellesSierra LeoneSingaporeSint MaartenSlovakiaSloveniaSolomon IslandsSomaliaSouth AfricaSouth KoreaSpainSri LankaSudanSudan, SouthSurinameSwazilandSwedenSwitzerlandSyriaTaiwanTajikistanTanzaniaThailandTimor-LesteTogoTongaTrinidad and TobagoTunisiaTurkeyTurkmenistanTuvaluUgandaUkraineUnited Arab EmiratesUnited KingdomUnited StatesUruguayUzbekistanVanuatuVatican CityVenezuelaVietnamVirgin Islands, BritishVirgin Islands, U.S.YemenZambiaZimbabweHiddenRegion MessageInformation storage and cookies* I Accept I accept that PrimeKey stores my information, and I accept cookies for analysis and business identification. Read more about cookies and privacy policy here.CAPTCHA
Protect IoT and IIoT devices Establish device identity Issue X.509 and RFC5280 certificates RSA and Elliptic Curve algorithms Supports both batch production and single-instance issuance Support both client- and server-generated keys Ensure software integrity with PrimeKey SignServer CMS/PKCS#7 Authenticode for signing Windows executable files and installer applications. JAR signing for signing Java and Android files. Plain signature, for generic signing. Protect device communication Supports TLS certificates for both client and server to encrypt communication in transit Protect sensitive data and ensure regulatory compliance RFC 5280, ETSI/eIDAS and WebTrust-compliant Support for HSMs from leading vendors Compliance support for NSA SUITE B algorithms Tamper-proof hardware for insecure environments with PrimeKey SEE Enabling GDPR-compliance across platforms and systems Future-proof and flexible to support regulatory demands of the future Manage lifecycle and chain of custody Full lifecycle support with certificate issuance, renewal and revocation Time-stamped digital signatures enabling traceability Support for vendor certificates and digital twins Ensuring identity and correctness in representation of digital twins Secure audit logs in all certificate lifecycle and digital signature operations Scale over time Linear scalability for performance and high availability by adding multiple nodes High performance, >500 requests per second can be achieved on a single server Configurable to support a multitude of use cases Use standard SQL database, scaling infinitely Highly scalable Java Enterprise applications Proven to support billions of certificates in operation