WISeKey Unique Root of Trust Model
A Root of Trust (RoT) is the basis for a global end-to-end security solution. A RoT serves as a common trust anchor, which is recognized by the operating system (OS) and applications, to ensure the authenticity, confidentiality and integrity of on-line transactions. With the certificates signed by this cryptographic RoT, embedded in the device, the IoT product manufacturers can use PKI (Public Key Infrastructure) technologies to secure interaction among objects and between objects and people.
WISeKey is the trusted operator of the International Organization for the Security of Electronic Transaction (OISTE) Global Root, which is widely distributed in commonly used software.
The OISTE Foundation is working with the United Nations and International Organizations. Swiss neutrality, security, and privacy laws allow operations without geo-political or governmental constraints. Its Root of Trust is set in a military-grade bunker located in the Swiss Alps.
Based on Trusted Root Keys, WISeKey can be the Certificate Authority (C.A.) generating digital certificates for your application.
Use of Digital Certificates
The digital certificate and associated cryptographic assets are used to identify and authenticate devices during their entire life. Only trusted devices can connect to secure networks.
Digital certificates, for instance SSL certificates, can also be used to secure communication channels from devices to gateways/routers, and from gateways/routers to servers.
WISeKey also offers solutions to control the device’s firmware integrity at the initial stage (bootloader) and during upgrades in the field.
Certificate Management System
The WISeKey Certificate Management System (CMS) is a software tool with a user-friendly interface for managing the life cycle of subscribers and their digital certificates.
The optional security broker authenticates and validates the messages coming from the different IoT devices and transfers only trusted messages to the customer's IoT platform. The WISeTrust IoT framework can be easily integrated into the customer's IoT platform, as the customer does not need to implement additional security mechanisms.
The WISeKey CMS also includes secure provisioning solutions to help maintain consistently high system security, even when the IoT device is in an unsecured environment (contract manufacturers, in the field). Device configuration and firmware upgrades are made easy and secure at any time.
WISeKey CMS can be installed on customer premises, but for those not willing to deploy their own infrastructure, WISeKey can provide trusted services from any of its local secure datacenters in Switzerland, USA, India or China. The managed platform can be accessed through a browser and a web-service API.
WISeKey Certificate Management System is also compatible with third-party C.A.s based on Microsoft or the Enterprise Java Beans Certificate Authority (EJBCA) open source C.A.
It’s mandatory to protect the data when the devices are in operation, but it is just as important to protect the devices and related data when the devices are being manufactured or in maintenance.
The WISeKey Provisioning solution makes it possible to securely inject security assets, perform device configuration, and upgrade software while the devices are being manufactured or are in the field, running in a non-secure environment.
Secure Element: VaultIC
VaultIC is a product family, ranging from tamper-resistant Integrated Circuits to software vaults, to be used as a companion to the IoT-device host processor. VaultIC chips feature a configurable cryptographic toolbox for authentication, confidentiality and integrity, executed in a secure environment. VaultIC embeds on-chip, non-volatile, tamper-resistant data storage for keys, certificates and customer data.
The VaultIC chips’ low-power consumption profile makes them a viable solution to meet the limited power budgets of IoT devices. VaultIC comes with middleware enabling secure boot, secure firmware update and secure communication (SSL/TLS) for IoT devices.
Summary data sheets
VaultIC182 is a secure microcontroller solution designed to secure various types of systems against counterfeiting, cloning or identity theft. It is a hardware security module that can be used in many applications such as IP protection, access control or hardware protection.
The proven technology used in VaultIC182 security modules is already widespread and used in national ID/health cards, e-passports, bank cards (storing user Personal Identification Number, account numbers and authentication keys among others), pay-TV access control and cell phone SIM cards (allowing the storage of subscribers’ unique ID, PIN code, and authentication to the network), where cloning must definitely be prevented.
The VaultIC405 is an ASSP designed to secure various systems against counterfeiting, cloning or identity theft. It is a hardware security module that can be used in many applications such as IP protection, access control or hardware protection.