IoT security requires, Icon Labs observes, strong authentication; all IoT devices, including the smallest endpoints, must support mutual authentication, ensuring all communication is between known, trusted devices, and that all access is authorized. Certificate-based authentication using Public Key Infrastructure provides a proven, reliable authentication method.
The Floodgate CA can be deployed on a hardened server or hierarchy of servers in a private environment to provide a closed PKI system without dependence upon public certificate authorities or other third-parties. It can also operate as a sub-CA of a public CA, allowing OEMs to choose the operating model based on their IoT authentication requirements.
Floodgate CA can be used with any PKI client, including Icon Labs’ Floodgate PKI Client Toolkit; an embeddable PKI client for IoT devices. Floodgate PKI Client enables even the smallest of IoT devices to generate keys, create certificate signing requests, and retrieve signed certificates from the Certificate Authority.
“This is the only security solution that provides both the client and server side required to automate secure provisioning and enrollment,” said Alan Grau, President of Icon Labs. “The Floodgate Certificate Authority and Floodgate PKI Client toolkit enables developers to easily and efficiently integrate certificate-based machine-to-machine authentication for IoT devices.”
The PKI client supports SCEP, EST, and OCSP on all RTOS, embedded Linux, and Windows devices. The Floodgate Certificate Authority encompasses a wide-range of potential use cases including key management, generating public key infrastructure certificates, and injecting pre-generated keys during the manufacturing process.
Icon Labs; www.iconlabs.com