Beyond Passwords: Secure Symphonies with Authentication and Authorisation

Device authentication and authorisation are both critical to securing the connections between devices and protecting the data exchanged in an IoT ecosystem. In previous articles we introduced the notion of device identity; in this month’s article we explain how authentication and authorisation build on it.

IoT device authentication is the process of verifying the identity of an IoT device before permitting communication with other devices or allowing access to information across an unsecured network such as the Internet. Authentication ensures that only known and expected devices can transact in the IoT system. Common authentication methods include digital certificates, passwords, and biometric data; obviously, not all of them are applicable to IoT devices.

IoT device authorisation, on the other hand, assigns the appropriate rights to authenticated devices. This includes defining permitted actions for the device, its data-access privileges, and any restrictions on communication with other devices in the IoT network. Authorisation mechanisms help enforce security policies and limit potential losses if a device were to become compromised.

Authentication and authorisation work together to protect the IoT ecosystem from unauthorised access, data breaches, and malicious activities. These security measures are essential to safeguard the integrity, confidentiality, and availability of IoT devices and the data they generate.

Device Authentication

IoT Authentication

Strong authentication is needed so that connected IoT devices and machines can be trusted. It protects against receiving rogue control commands and sharing sensitive information with unknown or untrusted users or devices. Authentication also helps prevent attackers from claiming to be IoT devices in the hope of accessing data on servers.

Any of several approaches may be valid, depending on the use case. In one-way authentication, only one of the two communicating parties authenticates itself to the other; the other party is not authenticated. There is also two-way authentication, otherwise known as mutual authentication, in which both entities authenticate each other. Here both the IoT device and the server present their credentials – TLS certificates – for authentication, using a protocol such as mTLS (mutual Transport Layer Security). mTLS is often used in a zero-trust security environment, where no user or device is assumed to be trusted and continuous verification and strict access controls are enforced. In most serious IoT deployments, mutual authentication is a must: each side should be properly authenticated before authorisation is checked.

Authentication and Authorisation Methods

While authentication is focused on validating the identity of any device seeking to connect to an IoT system, authorisation is dependent on methods for establishing access controls. It is important to choose a suitable method for each, from the various options that are available, to ensure correct operation and proper security.

Password-based authentication is commonly used and requires users or devices to authenticate themselves using a username and password combination. Strong, unique passwords must be used, and security best practices followed. This is only applicable when the device has a UI and the user is present at authentication time, which makes it impractical for the many small IoT devices that have little or no UI.

Among other approaches, pre-shared key (PSK) authentication is based on a pre-configured secret key shared by the device and the IoT system. The device uses this key to prove its identity. Although simple in concept, PSK authentication requires secure management and distribution of the secret keys. An alternative is certificate-based authentication, which relies on digital certificates that are signed by a trusted certificate authority (CA). The authenticating device presents its certificate, which the server then validates using the CA’s public key. This approach combines strong security with scalability, although a robust public key infrastructure and certificate management are required. There is also token-based authentication, using tokens that are securely generated and exchanged between the device and the server during authentication. While this approach can provide superior control over device access, a token-management infrastructure is required.

Methods for authorisation include Role-Based Access Control (RBAC), which assigns roles to different users or devices and grants access permissions based on those roles. This ensures that only authorised entities can perform specific actions or access certain resources within the IoT ecosystem. Alternatively, Lightweight Directory Access Protocol (LDAP) enables authentication and authorisation through a centralised directory server and can be used for accessing and maintaining distributed directory information.
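As an added example of the RBAC approach (Go code written for this article, not taken from it), the policy below binds each role’s permissions to MQTT-style topics and to the authenticated device identity, so that a compromised sensor cannot publish as another device. The roles, topic layout and device names are constructed for the example.

```go
package main

import "strings"

// Permission is one action allowed on a topic pattern: "+" matches a single level, "#" the rest of the
// topic, and "{id}" is replaced by the authenticated device identity before matching.
type Permission struct{ Action, Topic string }

// roles and deviceRoles are constructed sample policy: a sensor may only talk about itself, a gateway
// may read every device, and only the admin role may publish anywhere.
var roles = map[string][]Permission{
	"sensor":  {{"publish", "devices/{id}/telemetry"}, {"subscribe", "devices/{id}/config"}},
	"gateway": {{"publish", "devices/+/telemetry"}, {"subscribe", "devices/#"}},
	"admin":   {{"publish", "#"}, {"subscribe", "#"}},
}

// deviceRoles maps authenticated identities (the CN of the device certificate) to a role.
var deviceRoles = map[string]string{"device-0042": "sensor", "gw-01": "gateway", "ops-console": "admin"}

// matchTopic applies MQTT-style wildcards level by level.
func matchTopic(pattern, topic string) bool {
	p, t := strings.Split(pattern, "/"), strings.Split(topic, "/")
	for i := range p {
		if p[i] == "#" {
			return true
		}
		if i >= len(t) || (p[i] != "+" && p[i] != t[i]) {
			return false
		}
	}
	return len(p) == len(t)
}

// Authorise decides whether an already authenticated device may perform action on topic.
// Unknown devices and actions not covered by the role are denied by default.
func Authorise(deviceID, action, topic string) bool {
	role, known := deviceRoles[deviceID]
	if !known {
		return false
	}
	for _, perm := range roles[role] {
		pattern := strings.ReplaceAll(perm.Topic, "{id}", deviceID)
		if perm.Action == action && matchTopic(pattern, topic) {
			return true
		}
	}
	return false
}
```

The device identity passed to Authorise is the one the authentication step established (for certificates, the subject CN); the policy itself lives on the server, as the article notes later.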

The choice of authorisation method depends on factors such as the level of security required, the specific use case, and the capabilities of the IoT devices involved.

Choosing the Right Authentication Model

To select the right IoT authentication model, several factors must be considered such as the power available to the IoT device and the hardware capabilities, any cost restrictions on the device architecture, available security expertise, security requirements, and connectivity.


If digital certificates are to be used, a standard such as X.509 (IETF RFC 5280) provides effective, secure digital identity authentication. A Public Key Infrastructure (PKI) maintains the set of trusted root certificates. Each certificate contains the device’s public key and is signed with the issuing authority’s private key, so it can be validated by checking that signature with the issuer’s public key.

To establish a delegated chain of trust from the trusted root certificate authority, digital certificates are typically arranged in a chain in which each certificate is signed by the private key of another trusted certificate. This chain must terminate at a globally trusted root certificate. While this requires a lot of management effort, there are many vendor options, and consequently many organisations that set up and use IoT networks rely on external vendors for certificates and lifecycle automation.
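The mutual authentication described earlier and the chain of trust just outlined, as one added example in Go (not code from the original article): a root CA issues an intermediate, which issues a gateway certificate and a device certificate, and the device and gateway then complete an mTLS handshake in which each side verifies the other’s chain back to the root, so a device whose certificate does not chain to that root is refused. The names (`iot-root-ca`, `gateway.example`, `device-0042`), the in-memory pipe and the in-memory key generation are assumptions made for this example.

```go
package main

import (
	"crypto/ed25519"
	"crypto/rand"
	"crypto/tls"
	"crypto/x509"
	"crypto/x509/pkix"
	"math/big"
	"net"
	"time"
)

// issue creates an X.509 certificate for cn signed by parent; a nil parent yields a self-signed root.
func issue(cn string, isCA bool, parent *x509.Certificate, parentKey ed25519.PrivateKey) (*x509.Certificate, ed25519.PrivateKey) {
	pub, key, _ := ed25519.GenerateKey(rand.Reader) // generated in memory here; on a device it would stay in the SE
	serial, _ := rand.Int(rand.Reader, big.NewInt(1<<62))
	tmpl := &x509.Certificate{SerialNumber: serial, Subject: pkix.Name{CommonName: cn}, DNSNames: []string{cn},
		NotBefore: time.Now().Add(-time.Hour), NotAfter: time.Now().Add(24 * time.Hour),
		IsCA: isCA, BasicConstraintsValid: true, KeyUsage: x509.KeyUsageDigitalSignature,
		ExtKeyUsage: []x509.ExtKeyUsage{x509.ExtKeyUsageClientAuth, x509.ExtKeyUsageServerAuth}}
	if isCA {
		tmpl.KeyUsage = x509.KeyUsageCertSign // only a CA may sign other certificates
	}
	if parent == nil {
		parent, parentKey = tmpl, key // self-signed: the root signs itself
	}
	der, _ := x509.CreateCertificate(rand.Reader, tmpl, parent, pub, parentKey)
	cert, _ := x509.ParseCertificate(der)
	return cert, key
}

// mutualHandshake runs an mTLS handshake over an in-memory pipe. Each side trusts only root and sends its own
// certificate plus the intermediate so the peer can rebuild the chain; it returns the device CN the gateway authenticated.
func mutualHandshake(root, inter, gw, dev *x509.Certificate, gwKey, devKey ed25519.PrivateKey) (string, error) {
	trust := x509.NewCertPool()
	trust.AddCert(root)
	srvCfg := &tls.Config{ClientAuth: tls.RequireAndVerifyClientCert, ClientCAs: trust, SessionTicketsDisabled: true,
		Certificates: []tls.Certificate{{Certificate: [][]byte{gw.Raw, inter.Raw}, PrivateKey: gwKey}}}
	devCfg := &tls.Config{RootCAs: trust, ServerName: gw.Subject.CommonName, // the device verifies the gateway too
		Certificates: []tls.Certificate{{Certificate: [][]byte{dev.Raw, inter.Raw}, PrivateKey: devKey}}}
	devEnd, srvEnd := net.Pipe()
	srvEnd.SetDeadline(time.Now().Add(5 * time.Second)) // a stalled handshake fails instead of hanging
	go func() { tls.Client(devEnd, devCfg).Handshake() }() // device side of the exchange
	srv := tls.Server(srvEnd, srvCfg)
	if err := srv.Handshake(); err != nil {
		return "", err
	}
	return srv.ConnectionState().PeerCertificates[0].Subject.CommonName, nil
}
```

With RequireAndVerifyClientCert the gateway refuses the session before any application data flows, which is the point at which the authorisation checks described above would start.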

A Hardware Security Module (HSM) may be used to protect the private keys behind this delegated chain of trust from the trusted root certificate authority. It provides the safest, hardware-protected storage for secret data.

Depending on the device resources available and the performance and security requirements, a Secure Element (SE) may be suitable for use in some IoT devices. An SE can be implemented as a discrete hardware IC or integrated in the application IC. Often used standalone in banking or ID systems, these SEs are designed for efficient and frugal use of system resources, making them suitable for low-end IoT devices. Typically having cryptographic capabilities, the SE can handle various functions relevant to authentication and authorisation, including establishing a hardware root of trust (RoT) and managing secure boot as well as device identification.

The SE can be used at various points along the supply chain to verify that the device has not been modified without authorisation. It stores cryptographic keys securely in tamper-resistant hardware. The keys are generated within the SE itself and therefore cannot be retrieved by external programs. If appropriate, the SE can be used simply as a hardware key store without utilising its RoT and secure boot capabilities.

Choosing the Right Model

To determine the most suitable model, it is critical to assess the level of security needed for the IoT system. Factors such as data sensitivity, risk tolerance, and compliance regulations can help to choose between the different models.

The chosen model must also scale to the growing number of devices, users, and access requests as the IoT implementation grows, without compromising performance or security.

Bear in mind that known IoT device constraints, such as limited computing power and memory, can affect the feasibility of certain authorisation models. Lightweight protocols like MQTT or CoAP (Constrained Application Protocol) may be suitable for resource-constrained devices.

Finally, the chosen authorisation model should integrate with existing infrastructure and systems and accommodate future policy updates, new device types, and integration with emerging technologies. Most of the authorisation model is implemented on the server side, so on the device the focus is really on authentication.

Conclusion

Proper implementation of IoT authentication and authorisation has many beneficial effects on IoT security. However, choosing the right method can be challenging, and the wrong choice can significantly increase risks.

In terms of authentication, some risks can be mitigated by storing keys and credentials securely on the device and following best practices for key storage.

As far as authorisation is concerned, scalability is critical and the chosen approach must integrate with legacy systems, as well as offering flexibility and future proofing.

Ultimately, authentication and authorisation, based on immutable and provable device identities, are critical to establish trust between IoT devices and the application server, to protect the ecosystem and the sensitive data within it against hacking and other malicious activity.
