IoT Device to Cloud Authentication

A highly secure managed PKI solution covering IoT device authentication to public clouds.


IoT device authentication

There are many ways to authenticate IoT devices, i.e. pre-shared key, symmetric connection string, username & Password etc. Considering the ease of deploying IoT devices without compromising on security, Certificate-based (PKI) authentication would be the best practice for device authentication. 

Our managed PKI solution ensures the connected IoT devices are authenticated and users can manage the life-cycle of digital identity of the IoT devices by their preference. 

Picto SEAL SQ - Improved security

Improved Security

Compared to account/password login, certificate-based authentication is more secure and minimizes the risk of leakage of credentials.

Picto SEAL SQ - Ease of provisioning

Ease of provisioning

Certificates can be provisioned easily at the different stages of device manufacturing and the provisioning can be flexible to fit in IoT applications.  

Picto SEAL SQ - Lifecycle management

Lifecycle management

Managed PKI solution to handle all issued certificates through the full  lifecycle of IoT devices.

Picto SEAL SQ - Usage tracking

Focus on your dedication

Simple SaaS MPKI solution allows users to focus on their own application development

SEAL SQ ANAFI Ai & Skycontroller 4

The Challenge: The complexity of PKI technology and the maintenance

When designing the authentication of IoT devices in IoT applications, the tradeoff between security and convenience is always a debate. Especially when it requires significant investments, users are usually less informed about security and tend to compromise with security which can lead to disasters. PKI allows to give each object a unique identity avoiding the whole system to be compromised by an attack on a single device. However, implementing PKI can become very complex and costly.



The Solution: Managed PKI combined with a Secure device architecture

Our SaaS product, INeS CMS, is a “managed” PKI service that covers the PKI technologies, PKI infrastructures maintenance, digital identities management and continuous update. It reduces cost and complexity of implementing PKI technology into IoT applications. The combination of INeS MPKI with VaultIC Secure Elements provisioned using Vault-I-Trust services creates a unique vertical solution to easily and cost effectively implement secure Device-to-Cloud authentication across an IoT ecosystem. 

SEAL SQ Semiconductors Secure Device to Cloud or Network Authentication Drone_
Picto SEAL SQ - CA management

CA management

Users can configure the issuing CA for a specific organization of INeS CMS. INeS CMS supports Role Based Access Control (RBAC) for the users and its authority to manage resources in the organization (Multi-tenancy).

Picto SEAL SQ - Certificate Management

Certificate Management

INeS CMS supports the definition of certificate templates, the generation of standalone certificates or batch certificates, and the management of the issued certificates (i.e. monitor, revoke, re-key).

Picto SEAL SQ - Public cloud integration

Public cloud integration

INeS CMS integrates with public cloud services like AWS IoT Core and Azure DPS/IoT hub. IoT devices can easily onboard to a public cloud by using the certificates issued by INeS CMS for device attestation.

Picto SEAL SQ - Open interfaces support

Open interfaces support

RESTful APIs and EST enrolment are available for automating the certificate enrolment process and managing the life-cycle of devices. 

Picto SEAL SQ - Client library support-1

Client library support

Client library and sample code are supported in different programming languages.

Picto SEALSQ - Tamper Resistant

Secure Storage & Provisionning

Private keys can be provisioned and stored securely in VaultIC secure elements 

White Paper - Secure IoT Device to Cloud solution

 IoT Device to Cloud Authentication

In this paper we address a complex fundamental component of securing IoT: how to give devices and services secure identities so they can interact securely.


Fill the form to download our report