Security Experts:

Connect with us

Hi, what are you looking for?

SecurityWeekSecurityWeek

Cloud Security

Tech Companies Partner to Securely Connect IoT to Cloud

Thales, Telstra, Microsoft, and Arduino this week announced a partnership aimed at enabling the secure connection of IoT devices to the cloud.

Delivering end-to-end connectivity between devices and cloud platforms, the solution enables “instant and standardized mutual authentication” over cellular networks.

Thales, Telstra, Microsoft, and Arduino this week announced a partnership aimed at enabling the secure connection of IoT devices to the cloud.

Delivering end-to-end connectivity between devices and cloud platforms, the solution enables “instant and standardized mutual authentication” over cellular networks.

Moreover, it is fully compliant with the GSMA IoT SAFE (IoT on-SIM Applet For Secure End-2-End Communication) security specifications, which provide a standard for the use of Secure Elements (SIM, eSIM, eSE) to secure IoT applications.

With billions of IoT devices transferring data to and from the cloud, ensuring security requires both the IoT cloud service and the device to trust the received data. Mutual authentication ensures that the device and the cloud trust each other, but the fragmentation of the IoT market means that security services scalability and duplication are very limited.

Thales, Telstra, Microsoft, and Arduino seek to address the challenge of connecting IoT devices to clouds in a secure manner through cellular networks. The required level of trust is ensured through the use of the standardized SIM or eSIM technology.

Through this partnership, the SIM or eSIM inside an IoT device is automatically and securely provisioned, as long as they have Thales’s IoT SAFE application on them. The trusted communication with the cloud is ensured through digital certificates created and stored in the SIM/eSIM.

Microsoft’s contribution to the IoT SAFE solution includes Azure IoT Hub, Azure Stream Analytics, Cosmos DB, and Power BI services. Arduino contributed with a new open-source library that implements the security mechanism of GSMA IoT Safe on the MKR NB 1500 boards and also provides an alternative to the crypto chip on the Arduino board.

“The collaborative effort between these international organizations demonstrates the importance of simplifying IoT security without compromise. By bringing together each IoT technology layer; device, software, network and cloud, we can deliver a more streamlined approach to IoT security. This allows customers and partners to focus on creating business value from their solutions while ensuring their IoT deployments remain secure,” said Tony Shakib, general manager of Azure IoT Business Acceleration at Microsoft.

Related: Kr00k Vulnerability Exposed Data From Over a Billion Wi-Fi Devices

Related: Cisco Launches Industrial IoT Security Solution

Related: Microsoft Makes Azure Security Center for IoT Generally Available

Written By

Ionut Arghire is an international correspondent for SecurityWeek.

Click to comment

Expert Insights

Related Content

Application Security

Cycode, a startup that provides solutions for protecting software source code, emerged from stealth mode on Tuesday with $4.6 million in seed funding.

Cloud Security

VMware vRealize Log Insight vulnerability allows an unauthenticated attacker to take full control of a target system.

Management & Strategy

Industry professionals comment on the recent disruption of the Hive ransomware operation and its hacking by law enforcement.

Management & Strategy

Tens of cybersecurity companies have announced cutting staff over the past year, in some cases significant portions of their global workforce.

Management & Strategy

Microsoft making a multiyear, multibillion dollar investment in the artificial intelligence startup OpenAI, maker of ChatGPT and other tools.

IoT Security

Lexmark warns of a remote code execution (RCE) vulnerability impacting over 120 printer models, for which PoC code has been published.

Application Security

A CSRF vulnerability in the source control management (SCM) service Kudu could be exploited to achieve remote code execution in multiple Azure services.

Application Security

Many developers and security people admit to having experienced a breach effected through compromised API credentials.