| Trusted Objects and Nexus Group partner to expand secure digital identity to all IoT devices
Trusted Objects, an expert in cybersecurity technologies for embedded systems and cloud device management platforms, is pleased to announce its partnership with Nexus Group, a part of the French IN Groupe, a European leader and innovative identity management company.
AIX-EN-PROVENCE, FRANCE, February 22, 2022
According to IoT Analytics, the global number of connected IoT devices has hit 12 billion active endpoints; by 2025, there will likely be more than 27 billion IoT devices connected. This trend will inevitably lead to an increasing number of cyberattacks and will result in greater risks for enterprises. Securing the full IoT chain is becoming crucial. The cornerstone for device-to-cloud security is the capability to assign to each device a unique digital identity and to manage it securely all along the life cycle.
Nexus Group has developed the Smart ID IoT software and Nexus GO IoT cloud platform which enable companies from all industries to issue and manage the lifecycle of trusted identities for IoT devices. This is achieved using Public Key Infrastructure (PKI) security technology that provides secure digital identities in the form of cryptographic keys and digital certificates.
Securely provisioning, storing and managing these keys and certificates inside IoT devices is a major challenge for IoT application providers. Trusted Objects and Nexus Group have worked closely to fill the gap; the two companies offer a joint security solution to manage devices’ identities automatically over the lifetime of the devices; from manufacturing to usage in the field. In this way, all IoT devices, including those with limited computing power and communication bandwidth, can secure device-to-cloud or machine-to-machine communication and firmware upgrades.
The joint security solution comprises several standard products of the partners:
- to-protect, Trusted Objects’ software-based Root-of-Trust for any microcontroller unit (MCU), and tops plug&go, a secure MCU manufacturing solution. Both products are fully integrated into the Nexus PKI solution. At the time of the MCU production, tops plug&go provisions an initial PKI-based identity to the IoT device. tops plug&go operates securely even in an uncontrolled environment. tops plug&go securely connects to the Nexus Factory CA (Certificate Authority) to obtain the “factory certificate” and forwards it to the MCU during programming. The factory certificate can be used to trace and authenticate the device at any point throughout the supply chain and once deployed.
- to-protect, Trusted Objects’ software Root-of-Trust, is an on-board security solution for the storage and the protection of the “factory key and certificate”. Once the IoT device should be onboarded to a cloud-based IoT service, to-protect will generate a new PKI key and request an “application certificate” from Nexus GO IoT, Nexus Group’s cloud-based PKI service. With the help of the securely stored PKI key and application certificate, and the trusted TLS client software in to-protect, the device can authenticate at the cloud application and establish secure encrypted communication.
- to-protect, Trusted Objects’ software Root-of-Trust, is an on-board security solution for the storage and the protection of the “factory key and certificate”. Once the IoT device should be onboarded to a cloud-based IoT service, to-protect will generate a new PKI key and request an “application certificate” from Nexus GO IoT, Nexus Group’s cloud-based PKI service. With the help of the securely stored PKI key and application certificate, and the trusted TLS client software in to-protect, the device can authenticate at the cloud application and establish secure encrypted communication.
- Nexus’ general-purpose PKI solution is based on 30+ years of consequent development of Certificate Authority software and the adaptation of a broad range of open PKI standards. The CA software is delivered for the joint solution, on one hand, as a Factory CA software appliance for easy on-premises deployment and, on the other hand, as cloud-based SaaS service under the brand Nexus GO IoT. In both delivery forms, the PKI solution is very flexible in terms of certificate templates, CA hierarchy and certificate management APIs. The Nexus GO IoT service takes the burden of investment, staffing and compliant operation of a PKI service from the subscribers, and provides CA services at affordable costs even for small-mid size organizations.
Trusted Objects and Nexus’ partnership empowers IoT device vendors and application providers to implement a seamless, secure, and automated certificate management solution in their supply chain and applications.
Jean-Pierre Delesse, COO and co-founder of Trusted Objects, declares: “Thanks to great synergies and complementarities with Nexus, we could reach an important milestone of our mission to secure the IoT applications. We are eager to continue this cooperation with Nexus and together change the game in the field of IoT security.”
Tamás Horváth, Innovations Manager IoT at Nexus Group says: “IoT device manufacturers and application vendors should be able to focus on creating the core business value of their application and add security as an off-the-shelf solution. Our joint proposal with Trusted Objects provides automated certificate management and a secure communication solution very much transparently to the application software. IoT vendors can put a check on secure device-to-cloud communication.”
About Trusted Objects
Trusted Objects is a leading independent player in cybersecurity technologies for embedded systems and cloud device management platforms. Trusted Objects provides innovative solutions including secure software and secure operations to dramatically enhance the whole security chain, from device to cloud. Thanks to its longstanding expertise, Trusted Objects designs products and solutions that change the game, with a focus on ease of integration and user-friendliness, while complying with the latest standards in terms of security.
Trusted Objects to-security products and services for constrained devices are positioned to create trust all along the value chain including devices, networks, clouds and manufacturing.
Contact:
More information at www.trusted-objects.com
About Nexus
Nexus Group, a part of IN Groupe, is a European leader and innovative identity management company. It secures society by enabling trusted identities for people and things. Nexus develops a range of security products that form the Smart ID platform and the Nexus GO services based on it. Through Nexus solutions, organizations are enabled to issue and manage the lifecycle of trusted workforce identities as well as identities for workplace devices and the internet of things (IoT). The Nexus Smart ID platform and GO services empower customers to implement a smooth, automated, and governed environment for secure trusted identities.
Nexus is headquartered in Stockholm, Sweden and has over 300 committed employees across Europe and India, as well as a global partner network. Nexus Group is certified in information security according to ISO 27001 and TISAX. Since transparency is a prerequisite for trust, all our products and services are documented online.
Contact:
Daniel Hjort, CMO, contact@nexusgroup.com
More information at www.nexusgroup.com