IoT Security

The IoT is set for a period of extraordinary growth, with a predicted 3.5 billion cellular IoT connections by 2023 (Ericsson Mobility Report, June 2018).

To reach this figure, there is a clear opportunity for everyone involved in the IoT ecosystem to leverage widely deployed and field-proven networks.

There's more.

The emergence of new generation 5G networks will be a tremendous asset in this respect, helping to enable an explosive increase in the number of devices connected to people and each other. 

The five main stakeholders in the cellular IoT ecosystem

  • Mobile network / Telecoms operators - preparing for significant new commercial opportunities by providing the connectivity that embraces not only billions of people but also billions of device
  • Service providers - developing applications for clouds and devices.
  • IoT cloud providers - hosting and managing IoT applications and credentials.
  • IoT device makers / OEMs - building IoT devices.
  • Chipset makers - producing the components that are at the heart of IoT devices

IoT applications

Within the IoT ecosystem, devices collect, process and send data to the cloud, where various IoT applications are executed.

But while the emergence of billions more IoT devices creates a wealth of new opportunities for stakeholders, it also presents profound security challenges. 

Increasing attacks on the IoT 

Reflecting this, in January 2019 Forrester reported a 217% annual increase in the volume of attacks on the IoT.

Similarly, Irdeto's 2019 Global Connected Cybersecurity Survey notes that 80% of IoT devices used or manufactured by large enterprises have experienced a cyberattack in the past 12 months. 

To address these threats, the IoT cloud service must have absolute trust in the data received from IoT devices.

This is only possible by ensuring that both the device and the server are mutually authenticated (i.e. the device knows it is sending its data to the right server, and the server knows it is a genuine device which requests data to be sent). 

However, the IoT is set to be characterized by fragmentation in terms of the OS and chips employed.

An array of open source and proprietary IoT OS is already on the market and, given the rich and varied mix of applications, hardware and connectivity encompassed by the IoT, it is likely that the market will continue to sustain multiple OS and chips for the foreseeable future.

The result?

Proprietary IoT security solutions will not be able to scale or be duplicated.

Leveraging the Secure Element by design 

The critical challenge is, therefore, how the device middleware can leverage the security services embedded in Secure Elements in a scalable manner.

This is the problem that the GSMA IoT SAFE (IoT on-SIM Applet For Secure End-2-End Communication) initiative solves:

specifying an API so the device middleware can use the credentials and security services in the Secure Element (SIM, eSIM, eSE) in a standardized manner.

In short, utilizing Secure Elements to secure IoT applications by design. 

java Card Forum

How Thales uses Java Card technology to secure IoT end-to-end communication

Find out with this article from the Java Card Forum

 

tel-info-IoT-Safe.png

Secure Elements deliver scalable trust for IoT applications

Infographic

Secure Elements deliver scalable trust for IoT applications [PDF - 182kb]

The foundation of IoT security is the TLS handshake protocol between the IoT device and the IoT cloud; mutual authentication must be enabled before any data exchange can occur.

Specifically, this is achieved through Secure Element-based security and cryptography, and GSMA IoT SAFE specifications. 

Secure Elements are ideally suited to the three key requirements of IoT security

Secure Elements are a standard technology that integrates the new GSMA IoT SAFE specifications. They deliver scalable 'security by design' for the IoT, meeting the scalability requirements of an IoT security framework by utilizing standardized and field-proven SIM, eSIM and eSE technology, irrespective of form factor, and leveraging the multitude of devices already deployed in the field. 

Secure Elements address the three key IoT security requirements: 

  1. Mutual trust between the IoT device and cloud
    This end-to-end mutual authentication enables a TLS connection
  2. Protection of data at rest and in motion
    Data integrity
    Data confidentiality
  3. Scalability
    There are already billions of Secure Elements in the field

GSMA IoT SAFE

Secure Elements deliver scalable trust for IoT applications.

They act as the root of trust / cryptographic toolbox, based on tamper-proof hardware that stores private keys, digital certificates and security services.

tel-wp-gsma-iot-safe-specifications

Secure Elements deliver scalable trust for IoT applications

Secure Elements deliver scalable trust for IoT applications

Our solutions

We can address the challenge of securely and efficiently connecting IoT devices to clouds through cellular networks, thereby offering demonstrable benefits for all key stakeholders.

Specifically, we enable the opportunity to leverage assets that include widely deployed and field-proven cellular networks and Secure Element-based security solutions that store credentials, to deliver services that can be enhanced to address IoT security in an interoperable environment defined by GSMA IoT SAFE specifications. 

We proactively lead the creation of new specifications, collaborating with the GSMA and other key industries to facilitate streamlined deployment of IoT security, and offer THALES' advanced implementation of the GSMA IoT SAFE initiative. 

We are the world leader in OTA (Over The Air) platform solutions that enable credential life cycle management. 

Need more information on scalable security for the IoT?

Interested in a proof of concept?

Contact us:

Thales Wins Gold for Best Cellular IoT Initiative

Thales Wins Gold for Best Cellular IoT Initiative” Award

‘We are honoured to be awarded for Best Cellular IoT initiative. Given increased 5G roll-outs, billions of IoT devices in all industry sectors, such as healthcare and smart metering, need to securely send data to their cloud. Thales has implemented GSMA IoT SAFE specifications now available as a service, to provide a scalable and efficient security framework, built on field-proven, standardised SIM/eSIM technology. This approach eliminates integration and provisioning challenges for operators, compliancy issues for device makers and service providers.
Guillaume Lafaix, VP Mobile Connectivity Solutions at Thales

An interview with Juniper Research
Analysts expect a drastic growth of connected objects, and among them, a number will be connected to cellular networks. Telecom Operators have a key role to play 
in the development of cellular IoT and especially for security. Find out how our award-winning cellular IoT service help them  achieve scalable and sustainable security for IoT,  in a cost-effective manner.
Read the interview
 

Case Study

Slide01-cs.jpg

Thales IoT SAFE case study in Canada

TELUS and CIRA to implement the Thales GSMA IoT SAFE service for a new country-wide security management system for IoT devices

Read more on Thales IoT SAFE case study in Canada

Press Release

Get in touch with us

For more information regarding our services and solutions contact one of our sales representatives. We have agents worldwide that are available to help with your digital security needs. Fill out our contact form and one of our representatives will be in touch to discuss how we can assist you.

Please note we do not sell any products nor offer support directly to end users. If you have questions regarding one of our products provided by e.g. your bank or government, then please contact them for advice first.