Security icon

Security

CryptoManager IoT Security Service

The CryptoManager IoT Security Service is a Security-as-a-Service solution that provides IoT service providers and OEMs an easy to use security solution from device-to-cloud.

Contact

Product Brief

IoT Security Service User Interface

With an ever-increasing number of IoT devices coming online every day, there is a critical need to have an easy to implement security between the physical devices and the cloud. The Rambus CryptoManager IoT Security Service is a turnkey device-to-cloud security solution for IoT devices and services that provides seamless secure device connectivity, security lifecycle management, and advanced device monitoring capabilities. Our solution is pre-integrated with leading cloud Platform as a Service (PaaS) providers and chipset manufacturers, creating a one-stop shop solution for OEMs and Service Providers.

Protecting Service High-Availability

The IoT Security Service significantly reduces the risk of application layer Distributed Denial of Service (DDoS) attacks and related service outages, utilizing the robust and easy to integrate turnkey security solution.

The IoT Security Service reduces the risk of devices being hijacked, copied, re-purposed, or even disabled, by a remote attacker by leveraging strong authentication between the device and service.

How it works

The CryptoManager IoT Security Service is comprised of a client software development kit (SDK) that is pre-integrated with the chipset SDK and IoT PaaS provider to enable an easy to deploy security solution. When a supported device is first powered up and connected to the internet, it is automatically identified and authenticated by our solution. IoT Security Service utilizes the IoT device root of trust to authenticate the device, provisions it with certificates to enable the secure connection between devices and the IoT service, and facilitates service providers to manage the security lifecycle management of their devices.

  • Turnkey Security: Security layer is transparent to the service provider and does not require changes to their service1. IoT Security Service is built, tested and provided as one integrated solution from chipset to service.
  • Rapid Time to Market: IoT Security Service is pre-integrated with the chipset hardware and SDK, and with the service provider’s selected cloud PaaS. It does not require the OEM to develop additional security software and it does not require the service provider to spend resources and time on cloud integration. It provides quick, easy and secure new device onboarding to quickly scale services.
  • In selected chipsets products, IoT Security Service utilizes Rambus CryptoManager™ hardware and pre-provisioned unique key, included in the IoT chipset. CryptoManager hardware have already shipped on over a billion chipsets.

CryptoManager IoT Security Service

Rambus CryptoManager IoT Security Service provides device-to-cloud secure connection to protect high availability of service and reduce risk of application layer DDoS attacks. Our out-of-the-box IoT security solution also features disaster recovery and key management, device verification, and key decommissioning and re-assignment. Rambus CryptoManager IoT Security Service client can be pre-integrated in three primary device architectures for IoT devices: a CryptoManager Security Engine with pre-provisioned keys, a third-party secure hardware and a ‘no security’ hardware scenario. For the first option, IoT Security Service utilizes Rambus CryptoManager hardware and pre-provisioned keys, which are already integrated in billions of chipsets.

Download eBook

IoT Security Service Components

The IoT Security Service client comes pre-integrated in three device architectures, allowing for it to be easily deployed on any type of device. Additionally, the IoT Security Service is integrated with leading IoT PaaS solutions allowing for flexible product deployment. Rambus provides all the required components to enable seamless integration for the OEM and service provider.

Device architecture 1 – CryptoManager Hardware
IoT device includes a silicon chip that integrates CryptoManager hardware Security Engine, and provisioned with Rambus unique device key.

Device architecture 2 – 3rd Party security hardware
IoT device utilizes a third pary hardware security engine, where Rambus can either use pre-provisioned key delivered to Rambus or offer factory key provisioning solution utilizing CryptoManager Infrastructure.

Device Architecture 3 – No security hardware
For cases where hardware security engine is not available, IoT device can utilize Rambus software base security engine, included in the IoT Security Service Software packages (SDKs). Keys can be provisioned by CryptoManager Infrastructure platform, Rambus factory key provisioning solution.

1When working with supported PaaS platform

Securing the Industrial Internet of Things

The rapid deployment of Industrial Internet of Things (IIoT) infrastructure has provided an attractive platform for targeted cyber attacks. IIoT security should therefore be viewed as a primary design goal, rather than a tertiary afterthought. To be sure, IIoT operators increasingly expect their devices to be protected out-of-the-box, whether on the factory floor, in an electrical substation or a water treatment plant. However, IIoT device OEMs and service providers need to be assured that securing the IIoT is not an insurmountable goal that negatively impacts routine operations, time to market or profitability. As such, industrial IoT devices should be protected by a turnkey security solution that can be easily implemented, maintained and upgraded to meet the evolving challenges of a dynamic threat landscape.

Download Whitepaper

Solution Offering

Cyber Security in the Era of the Smart Home

The widespread use of connected smart home devices has created an attractive target for cyber criminals and other unscrupulous operators. Smart home security should therefore be viewed as a primary design goal, rather than a tertiary afterthought. To be sure, consumers increasingly expect their devices to be protected out of the box, with seamless over-the air-updates (OTA) implemented securely. However, OEMs need to be assured that securing smart home devices is not an insurmountable goal that negatively impacts profitability or time to market. As such, smart home devices should be protected by a turnkey security solution that can be easily implemented, maintained and upgraded to meet the evolving challenges of a dynamic threat landscape.

Download Whitepaper

Inventions

DPA Countermeasures

security-icon
DPA Countermeasures are fundamental techniques for protecting against Differential Power Analysis (DPA) and related side-channel attacks. Consisting of a broad range of software, hardware, and protocol techniques, DPA Countermeasures include reducing leakage, introducing amplitude and temporal noise, balancing hardware and software, incorporating randomness, and implementing protocol level countermeasures.

IoT Cyber-Security – A Missing Piece of the Smart City Puzzle

Smart cities present a huge market opportunity of $1.56 trillion. However, the interconnectedness of devices introduces cyber-physical technologies that link cyber systems to physical systems, thereby removing the barrier between the cyber and physical worlds in smart cities and expanding the potential attack surface for malicious actors. As such, connected smart city devices and services should be protected by a turnkey security solution that can be easily implemented, maintained and upgraded to meet the evolving challenges of a dynamic threat landscape.

Download Whitepaper

Related Markets & Applications

Automotive
Mobile Edge
Data Center
IoT