Earlier this month, Charles Murray of Design News sat down with Rambus Sr. Director of Security Products Asaf Ashkenazi to discuss the company’s recently launched IoT Device Management service.
According to Ashkenazi, the service provides a secure channel between IoT devices and their cloud servers – and requires little or no security expertise on the part of the equipment designers.
“With many of these [IoT] devices, anyone can connect to them. They have no authentication, no encryption. You can connect to them from anywhere in the world and manipulate them. It’s really scary,” he told Design News. “[So], we’re providing end-to-end secure connectivity and it’s all pre-integrated. You don’t need to have security experts – not in the cloud or at the client.”
Ashkenazi also emphasized that IoT systems are particularly vulnerable to security lapses, largely because they are at once simpler, yet more difficult and costly to protect. Moreover, developers of such systems tend to be less familiar with the importance of security.
“If I’m an engineer who has worked throughout my career on washing machines, I can put a wireless module on my product, but I may not know what to do for security,” he stated.
This is why Rambus designed its new service as a turnkey, fast-time-to-market solution, says Ashkenazi. Because the software modules are pre-integrated at both ends of the IoT wireless connection, design engineers don’t need to be security experts.
“In terms of security fundamentals, the IoT doesn’t need anything new. Those were invented a long time ago. We’re just making it easy to use,” he added.
As Murray points out, Rambus launched its IoT Device Management only days after a massive cyberattack crippled computer hardware around the world.
“Rambus aims to head off such attacks with a form of security that locks up all the IoT system’s Internet communication. Once a Rambus-supported device is powered up and connected to the Internet, it is automatically identified and authenticated by the IoT Device Management system,” he explained. “The device is then securely provisioned over the air, creating a secure communication channel. Data encryption and decryption, mutual authentication and key management is handled automatically by the software. The service could potentially plug a gaping hole in IoT applications, the majority of which are woefully unsecured.”
The Rambus IoT Device Management, says Murray, comprises software modules that are pre-integrated into the firmware of chipsets made by silicon vendors who manufacture microprocessors, microcontrollers and wireless devices. The technology can also be pre-integrated into the platforms of cloud service providers.
Interested in learning more about Rambus’s IoT Device Management? You can check out our product page here and download our eBook below.