It has been projected that by 2020, the world will have over 20 billion connected devices. With this growth, there is a critical need to ramp up the security of “things” and the data they create. To guide the industry, the Smart Card Alliance released today a high-level educational resource outlining the security value of embedded hardware technology in end devices used in IoT applications.
The white paper, “Embedded Hardware Security for IoT Applications,” was created by the Smart Card Alliance’s Internet of Things Security Council. “Too often, security is an afterthought in emerging markets experiencing rapid growth, like the IoT, that are lacking strong standards and regulations,” said Randy Vanderhoof, executive director of the Smart Card Alliance. “As the number of connected devices continues to rapidly increase, the need for security solutions is urgent. This white paper provides a primer to embedded security technology for securing IoT ecosystems, and is the first in the Smart Card Alliance’s series of efforts to provide usable guidance and education for this market.”
To describe the basic security principles that are critical for IoT implementations, this white paper:
- Discusses embedded security – where hardware and/or software security mechanisms are built into the end devices used in an IoT architecture
- Discusses basic security principles that are critical for IoT implementations and reviews the application of these security principles for an example use case – managing the lifecycle of IoT devices
- Focuses on embedded hardware security, where end devices include hardware features and functions to ensure that the appropriate security requirements are implemented and maintained
The Smart Card Alliance also recently launched a new content portal that features relevant news, resources, expert commentary and thought leadership on the security and privacy of IoT. Visit the portal at IoTSecurityConnection.com.
The Smart Card Alliance formed its Internet of Things Security Council to provide a single forum where all industry stakeholders can discuss applications and security approaches, develop best practices and advocate for the use of standards for IoT security implementations. The council welcomes participation from organizations involved in the many IoT ecosystems to participate in these efforts, as well as to network and share implementation experiences.
Participants involved in the development of this white paper included: Accenture; Allegion; CH2M; Discover Financial Services; Exponent, Inc.; First Data; Giesecke & Devrient; Hewlett Packard Enterprise; Intercede Limited; IQ Devices; Metropolitan Transportation Commission (MTC); NextGen ID, Inc.; NXP Semiconductors; Safran Identity & Security; Underwriters Laboratories (UL); and Verifone.