Security icon


CryptoManager IoT Security Service

The CryptoManager IoT Security Service is a Security-as-a-Service solution that provides IoT service providers and OEMs an easy to use security solution from device-to-cloud.


Product Brief

IoT Security Service User Interface

With an ever-increasing number of IoT devices coming online every day, there is a critical need to have an easy to implement security between the physical devices and the cloud. The Rambus CryptoManager IoT Security Service is a turnkey device-to-cloud security solution for IoT devices and services that provides seamless secure device connectivity, security lifecycle management, and advanced device monitoring capabilities. Our solution is pre-integrated with leading cloud Platform as a Service (PaaS) providers and chipset manufacturers, creating a one-stop shop solution for OEMs and Service Providers.

Protecting Service High-Availability

The IoT Security Service significantly reduces the risk of application layer Distributed Denial of Service (DDoS) attacks and related service outages, utilizing the robust and easy to integrate turnkey security solution.

The IoT Security Service reduces the risk of devices being hijacked, copied, re-purposed, or even disabled, by a remote attacker by leveraging strong authentication between the device and service.

Mitigating DDoS Attacks with Secure IoT Endpoints

IoT life-cycle management should be implemented via a hardware root-of-trust to ensure secure updates of firmware and cryptographic keys. A hardware root-of-trust with a cryptographic identifier also allows each IoT device to be uniquely and cryptographically verified to determine if it is authorized to connect to a specific cloud service. Spoofed or unauthorized devices are easily identified by the service and denied access. This secure connectivity paradigm helps mitigate the effectiveness (and damage) of DDoS attacks against the IoT service itself, while ensuring the integrity and protection of collected data.

Download White Paper

How CryptoManager IoT Security Service works

The CryptoManager IoT Security Service is comprised of a client software development kit (SDK) that is pre-integrated with the chipset SDK and IoT PaaS provider to enable an easy to deploy security solution. When a supported device is first powered up and connected to the internet, it is automatically identified and authenticated by our solution. IoT Security Service utilizes the IoT device root of trust to authenticate the device, provisions it with certificates to enable the secure connection between devices and the IoT service, and facilitates service providers to manage the security lifecycle management of their devices.

  • Turnkey Security: Security layer is transparent to the service provider and does not require changes to their service1. IoT Security Service is built, tested and provided as one integrated solution from chipset to service.
  • Rapid Time to Market: IoT Security Service is pre-integrated with the chipset hardware and SDK, and with the service provider’s selected cloud PaaS. It does not require the OEM to develop additional security software and it does not require the service provider to spend resources and time on cloud integration. It provides quick, easy and secure new device onboarding to quickly scale services.
  • In selected chipsets products, IoT Security Service utilizes Rambus CryptoManager™ hardware and pre-provisioned unique key, included in the IoT chipset. CryptoManager hardware have already shipped on over a billion chipsets.

CryptoManager IoT Security Service

Rambus CryptoManager IoT Security Service client can be pre-integrated in three primary device architectures for IoT devices: a CryptoManager Security Engine with pre-provisioned keys, a third-party secure hardware and a ‘no security’ hardware scenario. For the first option, IoT Security Service utilizes Rambus CryptoManager hardware and pre-provisioned keys, which are already integrated in billions of chipsets. Rambus CryptoManagerIoT Security Service is available to customers on a Software-as-a-Service (SaaS) subscription basis.

Download eBook
secure connectivity from device to cloud

IoT Security Service Components

The IoT Security Service client comes pre-integrated in three device architectures, allowing for it to be easily deployed on any type of device. Additionally, the IoT Security Service is integrated with leading IoT PaaS solutions allowing for flexible product deployment. Rambus provides all the required components to enable seamless integration for the OEM and service provider.

Device architecture 1 – CryptoManager Hardware
IoT device includes a silicon chip that integrates CryptoManager Root of Trust, and provisioned with Rambus unique device key.

Device architecture 2 – 3rd Party security hardware
IoT device utilizes a third pary hardware security engine, where Rambus can either use pre-provisioned key delivered to Rambus or offer factory key provisioning solution utilizing CryptoManager Infrastructure.

Device Architecture 3 – No security hardware
For cases where hardware security engine is not available, IoT device can utilize Rambus software base security engine, included in the IoT Security Service Software packages (SDKs). Keys can be provisioned by CryptoManager Infrastructure platform, Rambus factory key provisioning solution.

1When working with supported PaaS platform

Securing the Connected Ecosystem: Leading Security Solutions and Approaches for IoT

In this Frost & Sullivan analysis, the report describes key requirements in the Internet of Things (IoT) security market and presents details of how Rambus addresses these needs through effective, economical and easy-to-deploy IoT security solutions.

Download Report

Solution Offering

From the blog

Related Markets & Applications

Mobile Edge
Data Center