Hardening the security of Azure IoT Edge

Azure IoT Edge which recently became generally available, designs in security from the ground up with avenues for custom security hardening. Security hardening entails additional security measures for given deployments in response to perceived higher threats like physical accessibility of devices by malicious actors. But how do stakeholders go about with security hardening?

The nature of IoT, Azure IoT Edge included, is such that security threats differ between products and deployments, and solutions are seldom one size fits all. There’s always the need to balance security investments with protection goals and missing this balance results in either inadequate protection or overspending. One very important axis towards achieving this balance is to assess the risks on the IoT device and invest in adequate secure silicon hardware technologies like hardware security modules (HSM) for mitigation. HSM products widely vary in capabilities and cost with some costing orders of magnitude more than others. Rather than coerce the use of one HSM for security hardening, Azure IoT Edge takes a more customizing and accommodating approach.

Azure IoT Edge introduces the Azure IoT Edge security manager to facilitate achievement of this balance.

1807_EdgeSecurityManager

The Azure IoT Edge security manager is a well-bounded security core for protecting the IoT Edge device and all its components by abstracting the secure silicon hardware. It is the focal point for security hardening and provides technology integration point to original device manufacturers (OEM).

Azure IoT Edge security managers enable stakeholders to harden their deployments with secure silicon technologies optimal for their deployment. While original design and device manufacturers (ODM and OEM) are the primary technology integrators for hardening IoT Edge devices, all IoT Edge stakeholders participate in the choice of secure silicon technologies to integrate through independent contributions to demand and supply market forces.

One can envision IoT evolving to an era when the world adopts a single commonly trusted one security processor fits all with cost spread out across all stakeholders to become immaterial, but such is deep into the future. Until then, Azure IoT security manager enables all to meet custom security goals using technologies of choice.

Additional resources

Source: Azure Blog Feed

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.