GlobalSign News & Events

26 June 2018

GlobalSign Launches Next-Generation IoT Identity Platform Addressing Critical IoT Device Security Requirements

GlobalSign’s solution enables highly scalable identity lifecycle management, including certificate issuance, renewal and revocation, device enrollment and flexible API-driven integrations

GlobalSign Launches Next-Generation IoT Identity Platform Addressing Critical IoT Device Security Requirements 

GlobalSign’s solution enables highly scalable identity lifecycle management, including certificate issuance, renewal and revocation, device enrollment and flexible API-driven integrations

BOSTON, Mass., June 26, 2018 -- GMO GlobalSign (www.globalsign.com), a global Certificate Authority and leading provider of identity and security solutions for the Internet of Things (IoT), today announced the launch of its IoT Identity Platform addressing critical IoT device security requirements. GlobalSign’s next-generation IoT Identity Platform is a set of products and services flexible and scalable enough to issue and manage billions of identities for IoT devices of all types. Using Public Key Infrastructure (PKI) as the core identity mechanism, the IoT Identify Platform can serve the varied security use-cases of the IoT across all verticals, including manufacturing, agriculture, smart grid, payments, IoT gateways, healthcare, other industrial ecosystems and more. The Platform supports the full device identity lifecycle, from initial certificate provisioning (both greenfield and brownfield deployments) to lifetime maintenance through to final sunsetting, decommissioning or transfer of ownership. Giving each device or endpoint a unique identity allows them to get authenticated when they come online and then throughout their lifetime, prove their integrity, and securely communicate with other devices, services and users.

The central feature of the Platform is IoT Edge Enroll, a full-fledged enrollment client used to provision and manage PKI-based identities to IoT devices of all types. Providing these unique identities to all devices enables trust within the ecosystem, allowing for mutual authentication between devices and systems as well as protecting communications from eavesdropping or tampering. IoT Edge Enroll provides a flexible and scalable way to deploy these identities and maintain them throughout the full device lifecycle, with added features such as device Registration Authority (RA), certificate lifecycle management, and expanded protocol support. The cloud-based IoT Identity Platform needs a way to communicate with end devices to deliver, validate and revoke identities, and IoT Edge Enroll acts as the enrollment mechanism.

GlobalSign can issue certificates at unprecedented speed and volume – more than 3,000 per second. There are three integration options and a combination of these can be used depending on a user’s environment.

  • IoT Edge Enroll - Delivering a comprehensive enrollment client with enhanced features that include device RA, certificate lifecycle management and expanded protocol support.
  • IoT CA Direct – Created for environments that only require a device identity issuance engine. In-house systems are able to communicate with GlobalSign’s services via a modern RESTful API, and handle device enrollment and lifecycle management.
  • IoT CA Connect - Ideal for environments using a third-party device and identity management solution which handles device enrollment and lifecycle management. In addition, it enables developers to issue certificates to devices directly from their own platforms.

“The GlobalSign IoT Identity Platform greatly improves the process of identity lifecycle management, from enabling customers to use our highly scalable managed PKI solution as an identity issuing engine to full-fledged enrollment and flexible API integrations with other application and platforms,” said Lancen LaChance, Vice President, IoT Solutions, GlobalSign. “The Platform meets a tremendous need in the marketplace as security is essential to IoT ecosystems, and is well-suited to low-cost IoT device implementations. Currently, we have a number of early adopter companies using the IoT Identity Platform with very positive results.”

By offering highly scalable certificate issuance and flexible API integrations, GlobalSign’s IoT Identity Platform offers the essentials of implementing PKI for IoT devices. Key features of the platform include:

  • PKI-based, strong and unique device identities
    • Leverage standards-based PKI to authenticate and establish trust between devices and services, as well as encrypt and ensure the integrity of the source of all data transmitted within your ecosystem.
  • Scalable
    • Modern, secure RESTful APIs support high volume and throughput, capable of issuing millions of certificates per day and more than 3,000 certificates per second.
  • Flexible
    • Support for complex PKI hierarchies, with dedicated intermediates and public or private trust, along with flexible certificate formats or extensions to accommodate virtually any ecosystem and industry.
  • Interoperability
    • GlobalSign enables trust through the entire IoT stack, via partnerships on the device side with secure elements (e.g., TPMs, PUFs) and Secure MCUs, and on the cloud side with virtually every cloud platform provider (e.g., Arm® Mbed™ Cloud platform, AWS IoT, Azure IoT Hub).

GlobalSign’s IoT Identity Platform is available today. To learn more, visit https://www.globalsign.com/en/internet-of-things/

About GMO GlobalSign
GlobalSign is the leading provider of trusted identity and security solutions enabling businesses, large enterprises, cloud-based service providers and IoT innovators around the world to conduct secure online communications, manage millions of verified digital identities and automate authentication and encryption. Its high-scale PKI and identity solutions support the billions of services, devices, people and things comprising the Internet of Things (IoT). The company has offices in the Americas, Europe and Asia. For more information, visit https://www.globalsign.com

About GMO Cloud KK
GMO Cloud K.K. (TSE: 3788) is a full-service IT infrastructure provider focused on cloud solutions. Established as a hosting company in 1996, the company has managed servers for more than 130,000 businesses and now has 6,500 sales partners throughout Japan. In February of 2011, the company launched GMO Cloud to enhance its focus on cloud-based solutions. Since 2007, the company has also grown its GlobalSign SSL security brand through offices in Belgium, U.K., U.S., China and Singapore. For more information, visit https://ir.gmocloud.com/english/

About GMO Internet Group
GMO Internet Group is an Internet service industry leader, developing and operating Japan’s most widely used domain, hosting & cloud, ecommerce, security, and payment solutions. The Group also includes the world’s largest online FX trading platform, as well as online advertising, Internet media, and cryptocurrency related services. GMO Internet, Inc. (TSE: 9449) is headquartered in Tokyo, Japan. For more information, please visit https://www.gmo.jp/en/

Media Relations Contact:

Amy Krigman

GlobalSign
Public Relations Manager
Phone: 603-570-7091
Email: amy.krigman@globalsign.com

Share this article

Back to GlobalSign Newsroom

Media Relations

For further information on GlobalSign press releases,
events or for media enquires please contact:

Amy Krigman
Public Relations Manager
Call: 603-570-7091
Email: amy.krigman@globalsign.com