IoT SECURITY FIRST

 

To best serve our enterprise customers, IoT security has always been ClearBlade's top priority.

 

 

IoT Security – ClearBlade Product Development Principles

This core drive to be secure results in product development practices that:

  • Embrace open, community-accepted standards.
  • Utilize approved practices and libraries that are open and publicly validated: security by open validation, not by obscurity.
  • Update continually to ensure the strongest and most current defense. We develop with the intent to update, resolve, and protect against future vulnerability discoveries.
  • Always set default permissions to none; no lazy development permitted.
  • No back doors! Build a security model that doesn’t require secret master permission.

IoT Security – Client IoT Solution Fundamentals

For our solutions and delivery this means:

  • Judicious privileges - Never over-empower a user or device beyond its necessity.
  • API layer abstraction - Leverage API layers to protect and guard systems of record along with their system credentials.
  • Specific Auth Model - Create and implement the auth model that matches the needs of the solution.

IoT Security – Compliant and Flexible Architecture

Enterprises need solutions that are flexible beyond clouds and across their internal infrastructure. ClearBlade recognized this and built a flexible deployment architecture from the ground up. Highly successful security practices today involve using layers of network trust. This means that corporations leverage firewalls, DMZs, internal intranet and enterprise network control models as defined in the Purdue Enterprise Reference Architecture.

The flexibility of the architecture unique to ClearBlade is best summarized by:

  • Platform performs optimally on any infrastructure. There is no dependency on cloud-specific APIs or definitions. The ClearBlade platform will run on any Linux OS, leveraging containers to fit within the boundaries of your secure network. Whether virtualized or bare metal, ClearBlade can install and run securely next to your core systems and behind your firewall.
  • Local Edges – Even when using a cloud-based platform, it's still possible to build IoT systems that have secure access behind your firewall. The ClearBlade Edge devices can provide critical enterprise integration, run within the enterprise security requirement, and manage entire remote IoT applications. The edges provide ways to leverage cloud value while protecting your enterprise security.

IoT Security – Core Technical Implementation

Technically, the ClearBlade Platform provides IoT system security incorporating the elements detailed below.

 

 

 

IoT Security Authentication

ClearBlade enforces a token-based authentication model for both authenticated and anonymous interactions. This means that every interaction in the system requires a device and user to gain a valid token.

This token model enables:

  • Comprehensive auditing of every session.
  • Simple customization to allow for system-specific duration.
  • Extensibility for third-party user registries to grant the permission.
  • Override capability to build two-factor auth.
  • Flexibility to leverage user credentials / device keys / trusted certificates.

IoT Security Authority

ClearBlade provides a role-based authority model for granting privileges. It gives you the ability to allow only specific actors, whether a device or user, to access each granular element of a system.

This means you can design specific control limits or expand who can perform actions such as:

  • Which devices can send messages,
  • What users are able to read a data collection,
  • Which administrators can update user information,
  • What enterprise systems can call your APIs.

IoT Security Awareness

Recognizing the potential for emerging threats, ClearBlade has made IoT system awareness core to its offering. Security is always evolving, and while building the best solution upfront is desired, there are often attempts at intrusion and abuse of your IoT system.

With ClearBlade you have the ability to:

  • Audit every transaction ever performed, including API calls, messages, user actions, and data CRUD.
  • Get real-time system usage to identify abnormal behavior, such as a single credential accessing large amounts of data.
  • View integration volume to rapidly see if enterprise applications are behaving with unidentified network traffic.
  • Track device activity to ensure you are receiving expected heartbeats and payloads from your connected devices.

IoT Security Encryption

By encrypting your data you can be sure that no matter what server it resides on or what network infrastructure it travels over, the secured data cannot be read by prying eyes.

ClearBlade leverages the community best practices to ensure that data is encrypted during:

  • Transit – TLS using SHA-2 256 encryption
    • Engrained for all users communicating to the platform
    • Integrated for enterprise applications sharing information (additional 3rd party encryption may be leveraged)
    • Embedded into devices, adding an additional protection layer, even when their source protocol offers limited security
    • Inherent in every transaction between the ClearBlade EDGE and IoT Platform
  • Internal Transit – As a platform instance scales into a cluster, many instances of the platform work together to handle a huge workload. This communication between each node is encrypted with a third party trust authority so that you can be sure your data is not visible to your cloud vendor, hosting provider, or internal IT.
  • At Rest – When data is finally stored or cached in the ClearBlade platform it is optionally encrypted. This encryption allows you to be sure that even if the low level file system hosting your platform is compromised, your data will be safe from unwanted parties.

ClearBlade™ is the enterprise Internet of Things software company to rapidly engineer and run real-time, scalable Industrial IoT applications.

ClearBlade enables companies to build IoT solutions that make streaming data actionable by combining business rules and machine learning with powerful visualizations and integrations to existing business systems. Built from an enterprise-first perspective, the ClearBlade Platform runs securely in any cloud, on-premise, and at the edge.

© 2016 ClearBlade Inc.