GlobalSign and Infineon combine forces to strengthen IoT device identity and trustworthiness
Cross-signed endorsement certificates for Trusted Platform Modules (TPM) enable system integrators and solution operators to securely enrol devices with minimum effort.
GMO GlobalSign and Infineon Technologies, have announced a solution that secures, simplifies, and streamlines device enrolment into Microsoft Azure IoT Hub and IoT Hub Device Provisioning Service. The collaboration eases complex device identity integration challenges and delivers a proven path for IoT device security literally from chip to cloud.
Central to the solution is the cross-signing of Infineon’s on-premises CA, by GlobalSign’s globally recognised and WebTrust audited CA, expanding the trustworthiness of the endorsement certificates that Infineon self-issues and flashes onto each of their OPTIGA™ TPM SLM 9670, and making them verifiable up to the GlobalSign Root CA. With a globally recognised and trusted endorsement certificate, each Infineon TPM can then connect to GlobalSign’s IoT Edge Enroll Registration Authority on the IoT Identity Platform anytime throughout their lifecycle to be seamlessly enrolled into Azure with verifiable identity and security confidence.
“A healthy and secure IoT ecosystem is stronger with strategic partners who innovate and collaborate,” said Lancen LaChance, Vice President IoT Solutions, GlobalSign. “GlobalSign and key technology partners like Infineon and Microsoft Azure foster success for our mutual customers. Together we have built a competitive advantage for IoT device manufacturers, system integrators and operators that gives them a secure, seamless path to Azure enrolment.”
“Unique device identities are essential to connect securely to the cloud,” said Juergen Rebel, Vice President and General Manager Embedded Security at Infineon Technologies. “With our new OPTIGA TPM integration kit, you can connect your device securely to Microsoft Azure IoT in less than an hour.”
The result is that the process of secure device enrolment into Azure services is streamlined and simplified. “All devices enrolled into Microsoft Azure require authenticated identities, so the importance of strong, secure device identities is crucial,” said Sam George, Corporate Vice President of Azure IoT, Microsoft Corp. “Infineon and GlobalSign have minimised the effort needed for system integrators and solution operators to securely enrol their devices into Azure, helping everyone in the supply chain. It delivers a secure, low-touch option for Azure enrolment.”
Adding a cross-signed TPM into the supply chain also offers a unique opportunity to align secure device identity with a device’s origin at production, hardening device identity and authentication, while expanding trust in the ecosystem at every stage in the device identity lifecycle, anywhere downstream.
Azure IoT Hub provides a cloud-hosted solution backend to connect virtually any device and enables highly secure and reliable communication between your IoT application and the devices it manages.
About GMO GlobalSign
As one of the world’s most deeply-rooted certificate authorities, GlobalSign is the leading provider of trusted identity and security solutions enabling businesses, large enterprises, cloud-based service providers and IoT innovators worldwide to conduct secure online communications, manage millions of verified digital identities and automate authentication and encryption. Its high-scale PKI and identity solutions support the billions of services, devices, people and things comprising the IoT. A subsidiary of Japan-based GMO Cloud KK and GMO Internet Group, GMO GlobalSign has offices in the Americas, Europe and Asia. For more information, visit https://www.globalsign.com