Authenta, an IoT Security Solution to Lookout

Micron recently unveiled its partnership with TATA Communications in India to accelerate IoT deployment leveraging Authenta, an IoT security solution that provides protection for the lowest layers of Internet of Things (IoT) device software. Authenta allows developers to strengthen security using standard flash memory sockets without any additional hardware, thus, making their solution more affordable without compromising on the level of security. Couple that with their cloud security solution, and you have zero-touch onboarding with the ability to modify the configuration in the future via the cloud.

How This IoT Security Solution Works?

illustrates its background functions with architecture. “Leveraging the Device Identity Composition Engine (DICE), an upcoming standard from the Trusted Computing Group (TCG), Micron’s Authenta-based memory demonstrates how only trusted IoT devices with healthy software can gain access to the Microsoft Azure IoT cloud platform. One key aspect of the solution is the health and identity of an IoT device is verified in memory where critical code and data are typically stored. The unique DNA of each IoT device can offer customers end-to-end device integrity at a new level—starting at the boot process, where a cryptographic measurement is securely monitored by Microsoft’s DPS that can then attest to the health of the firmware on IoT devices. This solution can also enable additional functionality such as administrative provisioning, remediation, and secure updates directly to the flash memory—simplifying device management deployments at the lowest cost to customers.“

How This IoT Security Solution Manage the Problem of Customization?

A lot of the loT clients generally prefer some sort of customization with the solution that they procure. There is a question that may arise. When we bake it onto Silicon, at what level this IoT security solution offers the flexibility of customizing that solution? To answer the questions. let’s say, a company has an authentication system that requires the swappable security module instead of a cloud-based solution. Wild things can be baked in Silicon, and they can also be programmable with some flexibility to customize it. And the important customization that is needed in security is the provisioning of a key. So it’s a two-edged sword. If you provision a key on this at a software level, it’s easy, and you can do it after. However, you’re not doing it safely because somebody could take the key and change it. Somebody could steal it, you know, so it’s important to put keys in very important key storage areas usually buried underneath the Silicon. So, you put it inside technologies that obscure or obfuscate it. The key is the first point of trust, and you give that to the customer. But this technology is programmable so you can also then administer a change of key and allow the customer to replace it. So there’s that flexibility present. However, you always need that — they usually call it — the birth Root of Trust (RoT).

How This IoT Security Solution Deal the Problem of Data Localization?

Countries have been increasingly pushing for the localization of data. With a solution, which aims to remove borders and would require a centralized system. The very foundation that you need when you localize it to a state or a country is that you need identifiers so that you can track and administer the machine that’s talking to you and strongly authenticate that. But there is another localization that’s occurring not just with the machines that are in data centers but with the machines that are in the field. And you even have a much more fine-grained localization there. And you actually then start to put some localization storage and data there. Now, these are no longer protected in the data center within a locked system where you know that you have to have privileged access, but It’s out in the field-deployed, and so security is also very important there.

How This IoT Security Solution Maintain Intercommunication Between Different Standards?

With loT, there’s this requirement for intercommunication between different standards. One client might be using a particular standard, and you might have to ensure that their devices can talk to Authenta, which could be using a different standard. There are definitely different standards to communicate from machine to machine. It would be with HTTP or other Internet standards. Then there are different standards for cryptography. There are some basic hardware foundations, and you have to put the appropriate layers to work with the public key infrastructure. Those are all standard cryptography, and you don’t want to change that. What you do want to have is the ability to do that on the devices. And that’s also the harder thing.

Thanks for reading this post. Read more such interesting things on our blog.