Creating IoT security standards

Oct. 13, 2018
Security-solutions provider Kyrio, a subsidiary of CableLabs, has been named the Public Key Infrastructure (PKI) Management Authority for the Open Connectivity Foundation (OCF), an Internet of Things (IoT) standards body ...

Security-solutions provider Kyrio, a subsidiary of CableLabs, has been named the Public Key Infrastructure (PKI) Management Authority for the Open Connectivity Foundation (OCF), an Internet of Things (IoT) standards body that has created specifications dealing with device identity and access, among others. Kyrio also has been chosen as a Registration Authority provider with Comodo CA as a certificate authority to provide digital keys to the OCF's qualifying members.

"OCF was looking for suppliers of certificates, but also looking for a company to manage the process and act on behalf of OCF," said Mitch Ashley, president and general manager, Kyrio.

As such, Kyrio will be responsible that anyone contributing to the OCF ecosystem is in compliance with standards to make sure that high levels of security are delivered through PKI. In addition to audits, Kyrio will coordinate timelines so that IoT device manufacturers, which require a long lead time, can have PKI delivered on the line at the right time. Ongoing will be how to manage an ecosystem of devices and ensure certificates can be and are upgraded.

"Things happen, and (companies or technology) are bought and sold all the time. If there is a new company or product line, how can it be subsumed into the PKI (authority)?" Ashley said.

The goal is to make sure different IoT devices interoperate with other products and can communicate securely. "Communications is what the OCF standard is about. PKI is one aspect of how it is implemented," Ashley said.

In other words, a thermostat might need to talk with outdoor sensors, and must know that they are what they say they are and that they are authorized to have access to the smart home network. The OCF specification helps the devices understand each other even if they are from different manufacturers, and the PKI certificates help authenticate the products.

As a registration authority, Kyrio, with Commodo, assigns and manages the process for getting certificates. It helps businesses get inventory and makes sure that the device certification is passed and that it can be part of the OCF ecosystem.

Kyrio was selected by OCF because through its parent company it operated one of the largest global multivendor PKI ecosystems and has issued more than half a billion certificates to devices that go into homes and businesses globally.

"That is a (great) deal of experience we bring to the manufacturers," Ashley said. "How do they get certificates into the manufacturing environment."

Sponsored Recommendations

Coherent Routing and Optical Transport – Getting Under the Covers

April 11, 2024
Join us as we delve into the symbiotic relationship between IPoDWDM and cutting-edge optical transport innovations, revolutionizing the landscape of data transmission.

Data Center Network Advances

April 2, 2024
Lightwave’s latest on-topic eBook, which AFL and Henkel sponsor, will address advances in data center technology. The eBook looks at various topics, ranging...

Supporting 5G with Fiber

April 12, 2023
Network operators continue their 5G coverage expansion – which means they also continue to roll out fiber to support such initiatives. The articles in this Lightwave On ...

FTTx Deployment Strategies

March 29, 2023
Cable operators continue to deploy fiber in their networks at anincreasing rate. As fiber grows in importance, proper choices regardinghow to best fit fiber to the home together...