Identity authentication is the most fundamental requirement for everything that connects to the Internet. In the IoT era in particular, data is exchanged between various things and players in addition to traditional Internet usage.
In this blog post, the flexibility of identity authentication for IoT is explained.
To authenticate a communication partner, client-server authentication is the simplest approach. In this case, the client and server can share the authentication information before the client starts using the service. However, when various communication players come onto the stage, some creative thinking is required to achieve flexible identity authentication.
Example for simple authentication
In the simple client-server authentication example, the server holds the list of users who can log in to the server and the list of their authentication data, namely the password or the hash value of the password.
When we intend to communicate between multiple service providers and users, we might need to share the authentication data with third-party servers. Maintaining high security as the number of players increases may be difficult.
Requirement of flexible authentication for IoT
Things – Things communication
In the IoT world, many kinds of things and players communicate with each other. Let’s illustrate this with a case from the automobile industry. Multiple global companies manufacture cars, and each assigns identities to its cars. As illustrated in the graphic below, when a truck driver hits the brakes hard, the truck sends a signal to the car behind it so that the car can avoid rear-ending the truck. Similarly, when an ambulance is driving in an emergency, it sends an instruction to nearby cars to move out of the way so that it can pass promptly. In situations like this, the cars need to be able to verify that the instruction is correct and that the signals between them have not been compromised.
Data gathering from Things
The data generated by Things is becoming more and more important. This information has two sides: private data for the company, and data that can be shared with other companies and the public. An example of the former is data used to improve fuel efficiency, such as engine conditions. Examples of the latter are location, traffic speed, temperature, and weather conditions. These are helpful for weather observation, and in case of disaster, real-time information about the road situation is really valuable for the public.
In such cases, we need to verify whether the data includes faulty or bad data. If faulty or bad data gets mixed into the big data, the data loses its value. To keep such data from being mixed in, methods are needed to verify the trust and integrity of the data. Because the products are made by multiple manufacturers, the methods must be flexible.
The GlobalSign Solutions
GlobalSign provides various solutions for the flexible authentication requirements of IoT. PKI can address such high-level security requirements for the identity of data in addition to the identity of things. Specifically, cross-certification technology can extend the coverage of trust relationships.
In addition, the GlobalSign identity and access management (IAM) solution provides identity federation capabilities and can offer a simple and flexible solution for identity linkage requirements.
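The truck-to-car brake signal from the scenario above, verified through a cross-certificate, as an added example (not GlobalSign code and not part of the original post). The `Cert` structure is a simplified stand-in for X.509, and all names, keys and the `HARD_BRAKE` payload are constructed; the chain is ordered trust anchor first, and replay protection is out of scope.

```go
package main

import (
	"crypto/ed25519"
	"fmt"
)

// Cert is a constructed, minimal stand-in for an X.509 certificate.
type Cert struct {
	Subject, Issuer string
	PubKey          ed25519.PublicKey
	Sig             []byte // issuer's signature over tbs(Subject, Issuer, PubKey)
}

func tbs(subject, issuer string, pub ed25519.PublicKey) []byte {
	return append([]byte(subject+"|"+issuer+"|"), pub...)
}
func issue(subject, issuer string, pub ed25519.PublicKey, key ed25519.PrivateKey) Cert {
	return Cert{subject, issuer, pub, ed25519.Sign(key, tbs(subject, issuer, pub))}
}

// VerifyMessage walks the chain from the trust anchor down to the sender, then checks the message signature.
func VerifyMessage(anchorName string, anchor ed25519.PublicKey, chain []Cert, msg, sig []byte) bool {
	name, key := anchorName, anchor
	for _, c := range chain {
		if c.Issuer != name || len(c.PubKey) != ed25519.PublicKeySize ||
			!ed25519.Verify(key, tbs(c.Subject, c.Issuer, c.PubKey), c.Sig) {
			return false
		}
		name, key = c.Subject, c.PubKey
	}
	return len(chain) > 0 && ed25519.Verify(key, msg, sig)
}

// Demo: the car trusts only CarMakerCA, which has cross-certified TruckMakerCA (hypothetical names).
func Demo() (valid, tampered, noCross bool) {
	carCAPub, carCAKey, _ := ed25519.GenerateKey(nil)
	truckCAPub, truckCAKey, _ := ed25519.GenerateKey(nil)
	truckPub, truckKey, _ := ed25519.GenerateKey(nil)
	cross := issue("TruckMakerCA", "CarMakerCA", truckCAPub, carCAKey)
	leaf := issue("truck-001", "TruckMakerCA", truckPub, truckCAKey)
	msg := []byte("HARD_BRAKE") // constructed signal payload
	sig := ed25519.Sign(truckKey, msg)
	valid = VerifyMessage("CarMakerCA", carCAPub, []Cert{cross, leaf}, msg, sig)
	tampered = VerifyMessage("CarMakerCA", carCAPub, []Cert{cross, leaf}, []byte("ALL_CLEAR"), sig)
	noCross = VerifyMessage("CarMakerCA", carCAPub, []Cert{leaf}, msg, sig)
	return
}
func main() { fmt.Println(Demo()) }
```

The car never holds the truck maker's root key: the single cross-certificate is what lets a vehicle from one manufacturer accept a signed signal from another, and without it the same signal is rejected.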
For more detail, please contact GlobalSign.