The Internet of Things on AWS – Official Blog
Tag: device security
Identifying IoT device certificates with a revoked intermediate CA using AWS IoT Device Defender
Introduction Dynamically verifiable device identity is a foundational component of a Zero Trust Architecture (ZTA). Ongoing dynamic evaluation of identity and trust requires complete and timely visibility into relevant components of that identity. Active device certificates issued by a revoked intermediate Certificate Authority (CA) can pose a security threat due to the intermediate CA being […]
How to manage IoT device certificate rotation using AWS IoT
Introduction The Internet of Things (IoT) is transforming business operations and customer experiences across a variety of industries. This unlimited opportunity enables business transformation, but if not implemented correctly, it also brings security, risk, and privacy concerns, compromising your data and brand. In industrial facilities, OT (Operational Technology) environments are leveraging more IT solutions to improve […]
How to detect anomalies in device metrics and improve your security posture using AWS IoT Device Defender custom metrics
Introduction IoT applications and devices can be diverse and are used across industries such as utilities, agriculture, manufacturing, mining, and consumer electronics. With the exponential growth of IoT devices and the increasing threat landscape, it also means that IoT security needs to be accounted for and designed into the solution from the ground up. AWS […]
How to implement zero trust IoT solutions with AWS IoT
Introduction Zero trust is often misunderstood. It’s not a product but a security model and associated set of architectural principles and patterns. One of the main challenges customers face is determining how zero-trust principles can be applied to Internet of Things (IoT) and how to get started with incorporating zero trust with Amazon Web Services […]
Unlock the value of embedded security IP to build secure IoT products at scale
Introduction IoT product development crosses several domains of expertise from embedded design to communication protocols and cloud computing. Because of this complexity “end-to-end” or “edge-to-cloud” IoT security is becoming a challenging concept in the industry. Edge in many cases refers to the device as a single element in the edge-to-cloud chain. But the device must […]
Using a Trusted Platform Module for endpoint device security in AWS IoT Greengrass
Co-authored by Aniruddh Chitre, AWS Solutions Architect This post demonstrates how AWS IoT Greengrass can be integrated with a Trusted Platform Module (TPM) to provide hardware-based endpoint device security. This integration ensures the private key used to establish device identity can be securely stored in tamper-proof hardware devices to prevent it from being taken out […]
Support for Secure Elements in FreeRTOS
Secure elements represent a category of devices intended to enhance security in connected devices. For microcontroller (MCU)–based devices, secure elements provide tamper-resistant storage of private keys and certificates, and offloading of cryptographic functions from the host microcontroller. You can now leverage two new qualifications that include support for secure elements within Amazon FreeRTOS. These qualifications […]
Securing Amazon FreeRTOS devices at scale with Infineon OPTIGA Trust X
Post by David Walters, Senior Partner Specialist Solutions Architect, IoT at Amazon Web Services, and Artem Yushev, Applications Engineer, Embedded Security Systems, at Infineon. One of the most significant challenges for device manufacturers developing new microcontroller-based IoT devices is how to manufacture and provision those devices at scale without compromising security. In this blog post, we […]
Announcing Mitigation Actions for AWS IoT Device Defender
There’s a new way for you to act on information discovered by AWS IoT Device Defender audits. Now you can create mitigation actions for audit results that automate a response to alerts from an audit. AWS IoT Device Defender customers often say that it’s invaluable for how AWS gives them visibility into potential malicious device […]