AuthentiCA is a Cloud-based Certificate Authority Service
AuthentiCA is A cloud-based certificate authority service that allows users to easily issue certificates, manage queries, renewals, and revocations. From IoT device manufacturers where high security levels are required, IoT service providers who need safer services, and to developers wishing to strengthen security of existing IoT products – simple certificate issuance and management is available for all the above and anyone else in need.
- Issue X.509, IEEE 1609.2 certificates optimized for IoT environment.
- X.509 : Smart Factory, Smart Metering, Smart Home
- IEEE 1609.2 : Smart Car
- ISO 11518 : Electric Vehicle (will be supported on Feb 2018)
- Provides certificate management service such as certificate inquiry / verification / revocation.
- Supports certificate renewal function.
- Securely manage the certificate key.
Safe User and Device Authentication
Device identification and authentication are security’s two most important factors in the IoT environment where all devices are connected to the internet.
However due to difficulty and limitation in users actively carrying out authentication processes, it is recommended to have certificates within devices.
AuthentiCA authorizes devices via a simple certificate issuance process, and thereby verifying devices.
Sensitive Data Encryption
Threat of data deception and tampering exist in the communication process between IoT devices.
There is also the risk of personal information leakage such as user location and access records.
AuthentiCA is a PKI-based service that encrypts data through public key cryptography, and encrypts all data including communication data within the IoT device.
What is CA?
CA (Certificate Authority) is an authority that issues and manages certificates. As it verifies user ID, and signs certificates to prevent certificate forgery and manipulation, it plays a similar role as government agencies that check and handle traveller passports.
What are certificates?
Certificates are electronic files used for unique identification of user or device using the internet. It can be regarded as passports for internet users as it identifies certificate owners and provides important information.
Why provide cloud-based certificates?
Deploying a private certificate authority requires high costs. Despite the importance of security, such high costs are difficult to be overlooked. The management of certificates is also demanding as it calls for an internal security expert, and the need for developing certificate integration modules. All the above difficulties can be resolved by utilizing the Cloud CA platform. The Cloud CA platform offers a simple and low cost certificate issuance & management service available for all types of users.
How are certificates used in IoT environments?
Certificates for device authentication can be issued prior to connecting devices to the internet. Furthermore, device authentication can be carried out during service and transmission.
User privacy can be violated when data is hacked during data transmission from device to server. Accordingly, data encryption with certificates becomes mandatory in order to protect sensitive data.
What environments can Penta AuthentiCA be used in?
Security environments for Smart Factory, Smart Home, and Smart Energy can be created using the X.509 certificate provided by AuthentiCA. Likewise, Smart Car specific certificates are available for securing Smart Cars. Moreover, SSL/TLS Server certificates can be utilized in securing sessions between server and client.