Security Experts:

IoT Security: The EdgeX Advantage

It’s the best of the internet of things and the worst of the internet of things: unprecedented connectivity that creates both tremendous opportunity and considerable risk. In an environment extending from sensors and devices at the network edge to applications and services in the cloud, an end-to-end IoT ecosystem is essential to realizing opportunity without risking security, manageability and interoperability. That’s why I applaud The Linux Foundation’s recent announcement of the EdgeX Foundry™ Project

Created to build an open framework for IoT edge computing, EdgeX Foundry addresses the risks created by IoT’s complex interplay between multiple devices, connectivity protocols, applications and tools. This complexity is already fragmenting the nascent IoT market into competing segments, each promoting a different set of standards and frameworks. The resulting lack of a common framework makes it increasingly difficult and costly to develop pluggable services for capabilities such as security and management in a consistent and interoperable way. 

EdgeX Foundry couldn’t come at a better time, as architectural models such as fog computing emerge to bring data collection, storage and compute closer to data in devices and sensors. While there are clear advantages to such an approach, it also creates security and manageability challenges as apps and data are deployed at remote and potentially hostile edge environments.

With a modular architecture based on loosely coupled microservices, EdgeX Foundry attempts to unify the marketplace and enable vendors to provide interoperable components built to a common framework. It is designed to run on any hardware and operating system and support diverse application environments.

EdgeX Foundry High-level Architecture

EdgeX Foundry High-level Architecture (source: EdgeX Foundry)

It’s exciting to think of the many IoT edge security challenges EdgeX Foundry can address. Here are a few that spring immediately to mind.

 Visibility and monitoring for EdgeX nodes and connected devices: There is an increasing concern from enterprise IT about the lack of visibility into IoT endpoints. Ideally, IT needs global visibility from sensors and devices to gateways, routers, servers and other IT assets. 

 • Identity and access management for operators as well as devices:  Tasks such as device authenticity and onboarding, credential provisioning and device runtime authentication must be performed securely and at scale to meet IoT requirements. 

 • Data protection: For IoT to deliver its promised value and insight, data integrity and data provenance are key. As analytics and processing move closer to data sources (sensors and devices), protecting data at the edge, whether at rest or in transit, is critical.

With more than 50 members representing a diverse set of expertise, the EdgeX Foundry community provides a powerful and dynamic force for addressing IoT challenges in a collaborative environment under Linux Foundation governance. This environment allows for core services, such as security, to be built into a common foundation, while individual members can continue to innovate and add unique extensions as differentiated values. For RSA and other security vendors who would otherwise face the likely insurmountable challenge of attempting to secure competing platforms built to different architecture and for different hardware and software stacks, this announcement is great news. 
view counter
Riaz Zolfonoon is an RSA Distinguished Engineer and leads the Emerging Technologies group at RSA. He is responsible for defining the strategic vision for IoT security and collaborates closely with other divisions of Dell Technologies on IoT initiatives. Prior to this role, Riaz was responsible for the technical direction and architecture for RSA Identity products. Previously, he worked on a number of security technologies such as PKI, Multi-Factor Authentication, Web Access Management, and Identity-as-a-Service. Riaz is a co-inventor on 12 granted patents.
Previous Columns by Riaz Zolfonoon: