Thales, Telstra, Microsoft and Arduino have implemented the GSMA IoT SAFE solution to address the IoT devices market fragmentation and enable robust and effective IoT Security at scale.
The solution enables instant and standardised mutual authentication between a device and a cloud platform via cellular networks, while fully-complying with GSMA IoT SAFE security specifications.
Within the IoT ecosystem, billions of devices collect, process and send data to the cloud, where a range of different IoT services are executed. To enable security, the IoT cloud service must have absolute trust in data received from connected devices. Equally, devices need to trust the cloud. This is only possible if the device and server are mutually authenticated. However, the IoT devices market is so fragmented – with a patchwork of different operating systems and chips being utilised – that security services scalability and duplication are very limited.
That’s why Thales, Telstra, Microsoft1 and Arduino2 decided to team up to work on a solution that addresses the challenge of securely and efficiently connecting IoT devices to clouds in the most simplified way and through cellular networks. The level of trust required is enabled by a sophisticated ‘security-by-design’ approach for any IoT devices based on field-proven and standardised SIM or eSIM technology.
As a result, as soon as an IoT device is switched on, any SIM or eSIM featuring Thales’s IoT SAFE application is automatically and securely provisioned. Once the IoT device gets a proper Digital Certificate created and stored in the SIM/eSIM, then a trusted communication between the device and the server is permitted, in full respect of data integrity and confidentiality.
“The key role of GSMA IoT Safe specifications is to deliver scalable and future-proof IoT security for cellular networks. Being able to in future offer standardised easy to implement IoT security to our customers as part of our existing IoT connectivity service, is a huge leap forward in terms of IoT security for all use cases, including smart energy, automotive, health, and home solutions. We look forward to trialling this reference design with our IoT solutions,” said Gerhard Loots, Global IoT Solutions Executive at Telstra.
“As an active contributor of the GSMA specifications, and world leader in over-the-air platform solutions for credential life-cycle management, Thales is a key partner to address the challenge of scalable IoT security. With this hassle-free approach we support a sustainable and scalable trusted ecosystem from which all key stakeholders such as mobile network operators, device manufacturers, and IoT industries can benefit,” said Emmanuel Unguran, SVP Mobile and Connectivity Solutions at Thales.
“The collaborative effort between these international organizations demonstrates the importance of simplifying IoT security without compromise. By bringing together each IoT technology layer; device, software, network and cloud, we can deliver a more streamlined approach to IoT security. This allows customers and partners to focus on creating business value from their solutions while ensuring their IoT deployments remain secure,” said Tony Shakib, General Manager, Azure IoT Business Acceleration at Microsoft Corp.
“We are very pleased to be part of the dream team composed by Thales, Telstra and Microsoft” said Fabio Violante, CEO of Arduino. “The development of this tool was a teamwork and a proof that Arduino is a great partner to create solid, reliable and easy to integrate hardware and software IoT solutions.”