In-brief: GlobalSign became the latest certificate authority to say that it can now do PKI certificate issuance at massive scale, providing a way to manage identities for the Internet of Things.
There was news on the “identity” front for Internet of Things this week. GlobalSign, the Certificate Authority, became the latest Certificate Authority to say that it can now do PKI certificate issuance at Internet of Things scale.
Get the New 2017 SANS Research Report on 'Threat Hunting' -- Written by experts from the SANS Institute, the survey reveals a number of interesting data points about the challenges and benefits of threat hunting.
The company said on Tuesday that its managed PKI service can now issue thousands of PKI certificates per second – billions per month – to meet the needs of device makers and other smart thing providers.
From their blog post:
We have reached a turning point where manufactures and integrators of SCADA systems, smart home appliances and consumer electronics, network core and customer premises equipment can easily create unique identities for their devices and mesh them into a trusted communication model. PKI has traditionally had a steep learning curve that has slowed down its adoption. Our new platform effectively commoditizes identity and security between devices by setting the bar of admission much lower in terms of both ease of use and service responsiveness.
The Internet of Things has presented a conundrum to CAs like GlobalSign, which grew to prominence issuing certificates for web sites and applications. The scale and demands of IoT devices, however, are far different and require both speed and agility in issuing and revoking certificates at the scale of millions or billions at a time. At the same time, the stakes for strong identity on the IoT are higher, especially where connected devices operate in the physical world with real world consequences. GlobalSign and other certificate issuers have gotten heat in the past for lax procedures around certificate issuance and verification.
That has led some – including the Department of Homeland Security – to look at alternative verification schemes, such as Blockchain, to prove the identity of connected things and do an end run around the IoT scale problem.
GlobalSign is just the latest identity provider to claim to have an IoT-ready solution. Earlier this month, DigiCert announced a program with the firm DeviceAuthority to allow connected device makers to do auto-provisioning of digital certificates at scale.