cybersecurity
play

Cybersecurity P l a t f o r m Smart City Expo World Congress - PowerPoint PPT Presentation

The Vertical Cybersecurity P l a t f o r m Smart City Expo World Congress WISeKey Geneva November 2016 sales@wisekey.com www.wisekey.com 1 WISEKEY VISION AND MISSION Company Overview Vision Technology allows to connected People-to-


  1. The Vertical Cybersecurity P l a t f o r m Smart City Expo World Congress WISeKey Geneva November 2016 sales@wisekey.com www.wisekey.com 1

  2. WISEKEY – VISION AND MISSION Company Overview Vision • Technology allows to connected People-to- Machines and Machine-to-Machines, creating new opportunities to: • improve people life , Optimize Processes and resources, Reduce Risk toward end users, Improve Processes and end-user experience, Create new businesses and Improve existing business • Companies and customers can realize value and enable monetization when they can certify that they are receiving authenticated and secure device data • Gain insight from it, and propose appropriate actions as needed (applications) Mission Why Switzerland ? • WISeKey’s mission is to offers clients a Zone of Mobile Privacy Secured in The Swiss Vertical Cybersecurity Platform integrating Alps Root of Trust to Chip, empowering the Personal to be the Center of Gravity of the Internet. • Outstanding and unprecentend infrastructure • Leading technology center • WISeKey is bringing trust and security through identity, • Highly educated employees confidentiality and integrity based on trusted cryptographic • Intellectual property protection root keys. • Most innovative economy according to the Global Innovation Index 2014 • Political and financial stability WISeKey – IoT Offering- Company Confidential 2

  3. ROOT OF TRUST: UNIQUE TRUST MODEL • The OISTE Foundation was created by the WISeKey Founders to ensure the neutrality of the Trust Services • The Foundation is regulated by the Swiss laws and enforces values to protect the Neutrality and Sovereignty of the data and identities • WISeKey is nominated as the operator of the Trust Model, but the by-laws of the Foundation allow the participation of other players, operating their own Root WK WK of Trust Global IoT • The OISTE Foundation is recognized by the United Root Root Nation with an special ECOSOC consultative status, and participates in different initiatives promoted by UN to Partner universalize the access to the electronic identities Root Partner Partner General IoT SubCA SubCA WISeKey – IoT Offering- Company Confidential 3

  4. KEY MILESTONES – PROVEN TRACK RECORD SINCE THE INCORPORATION IN 1999 Transitional years 2007: 1999: 2005: 2011: 2016: Secure registration Incorporation of Security products for WISeID and WISfans WISeKey International and access control of WISeKey SA by Carlos computers and digital mobile products for Holding listed on the online offerings, Moreira video broadcasting securing social media SIX Swiss Exchange dematerialization and applications and for secure electronic effective data document protection dematerialization 2006: 2003: 2008: 2014: First ever binding Launch of CertifyID Citizen Services WISeAuthentic for the Internet vote in the product for digital Platform in security of luxury Canton of Geneva certification and partnership with goods, artwork, using biometric identity management Microsoft for pharmaceuticals, enabled public key confirming citizen spare parts and VIP infrastructure access to social networking government services and validity of citizen electronic WISeKey – IoT Offering- Company Confidential 4

  5. WISEKEY’S CERTIFYID: OUR PKI TECHNOLOGY • Complete suite of PKI Products: • Advanced Certificate Management solution • Fully integrated with Microsoft Certification Services and Active Directory • Open interfaces for custom integrations • Unique Mobile Device Strategy • TrustCenter License: Adherence to OISTE Trust Model: • Corporate CAs are signed by the WISeKey Trusted Root CA • Certificates issued by the Corporate PKI are automatically recognized as trusted for third parties • Reduces dramatically costs and time-to-market • Professional Services: • Deep understanding and experience in the technical, legal and operational implications of running trusted Certification Authorities • Full range of PS offering, from senior consultancy to software integration services WISeKey – IoT Offering- Company Confidential 5

  6. SECURITY FOR SMART CITIES Offering WISeKey – IoT Offering- Company Confidential 6

  7. SECURITY REQUIREMENTS FOR SMART CITIES IoT Requires Scalable Security Solutions (Different needs that may evolve) Attacks (Motivations: Fun, Money, Terrorists…) THEFT PRIVACY SAFETY PRODUCTIVITY Stop Valve Street Light malware infested Control garage door locking Frau d Stop Infotainment Activate factory system Stop energy Stop alarm Spying alarm supply Malware attacked sensor sensor Company know-how Behaviou Unlocke d r Stop car remotely Stop car engine engine Company Confidential WISeKey – IoT Offering- Company Confidential 7

  8. TECHNOLOGY ALLOWS TO CONNECTED PEOPLE-TO-MACHINES AND MACHINE-TO- MACHINES Improve Life quality Offer new Optimize Processes and Gather and resources, Reduce Risk products and Analyze data toward end users, services Improve Processes Possible only if data can be trusted: - Source: authentication A vertically integrated digital identity - Integrity platform interconnecting its cybersecurity (at rest and in transit) offering and IoT ecosystem. New Threats: Attacks THEFT (data, IP, objects..) PRIVACY DDoS, Men in the middle…) WISeKey is bringing trust and security through identity, confidentiality and SAFETY Motivations: Fun, Money, integrity based on trusted cryptographic PRODUCTIVITY (Quality of Terrorists… Service) root keys. WISeKey – IoT Offering- Company Confidential 8

  9. WISEKEY’S IOT SECURITY PLATFORM Identity Transaction Process Management Assurance Integration Trusted Identities for Using PKI technology to Open API to integrate the Objects, Applications and ensure authenticity, IoT platform with the Users: integrity and confidentiality business processes: of the transaction:  Root of Trust  Automation of identity  Standards-based  Only trusted entities can management tasks  Object’s attributes and Certificate Management connect and transact in solution the IoT platform lifecycle assurance  Open and scalable  Data managed by the  Custom connectors can identity distribution platform is protected be easily built for business applications WISeKey – IoT Offering- Company Confidential 9

  10. A CONNECTED WORLD THROUGH AN IOT PLATFORM – WISEKEY  Create an identity on a single format for each connected object  Identity based on Digital Certificate is a proven standard solution  Identity store in a tamper prof secure element for critical use cases  Secure messaging  Use one or a few message format for device to talk securely to the network IoT Platform  WISeKey Framework hosted an IoT Platform  Control the identity  Identity provisioning  Interconnect the devices  Control back-end applications 10 WISeKey – IoT Offering- Company Confidential

  11. WISEKEY OFFERING FOR IOT SUMMARY – TOP VIEW End to End Scalable and Flexible Security Solution WAN WPAN/WLAN/Ethernet Internet Wired / Cloud Wireles s Router/Gateway Terminal Video Surveillance Camera Server Traffic Control – Safety (Data Transfer/Aggregation) (User Application) (Data Analysis) (Data Collection) End-to-end security: In Operation: Identification, secure communication and Integrity through digital certificate and PKI technology Storage of critical asset in tamper resistant chip (Secure Element) - Optional Certificate Generation and Management tools and services Certificate Authority Data Management Solutions During Manufacturing /Maintenance Device configuration, software upgrade late in the manufacturing process, operated in a non-secure environment 11 WISeKey – IoT Offering- Company Confidential

  12. VAULTIC: TAMPER RESISTANT CHIP (SECURITY MODULE/ELEMENT) VaultIC is a tamper resistant chipset product family (companion chip to IoT device Host processor) • Embedded configurable cryptographic tool boxes for Authentication, Confidentiality, Integrity* executed in a secure environment • Embedded on-chip tamper resistant data storage capabilities (NVM) for keys, certificates, and customer data* • Embed True Number Generator to guarantee the entropy needed for crypto • Top security assessed through Certifications • VaultIC is FIPS 140-2 Level 3 certified • VaultIC is based on state of the art security chip: certified against Common Criteria EAL4+/5+ • Tiny industry standard packages and interfaces (I²C, SPI, USB…) VaultIC Middleware • Drivers for interfaces (I²C, SPI, USB…) • EasyPlug Middleware (PKCS#11 Windows CSP) to redirect crypto function to the vaultIC • Secure boot (under construction) • Secure firmware update • Secure Communication software (linked to VaultIC) (under construction) • MacSec, SSL (depending on the targeted communication layer) • Secure Binding (establishing a strong link between a VaultIC with the device) * Product dependent WISeKey – IoT Offering- Company Confidential 12

Recommend


More recommend