The FIDO Alliance launched a new, open IoT standard that enables devices to simply and securely onboard to cloud and on-premise management platforms.
IoT device onboarding involves the installation of the physical device and the setup of credentials so that it can securely communicate with its target cloud or platform. Today, this onboarding process is usually done manually by a technician – a process that is slow, expensive, and insecure. FDO is an automated onboarding protocol for IoT devices, leveraging asymmetric public key cryptography to provide the industrial IoT industry with a fast and secure way to onboard any device to any device management system. The specification is founded on Intel’s Secure Device Onboarding (SDO) technology.
Benefits of the FIDO Device Onboard protocol include:
- Simplicity – Businesses no longer have to pay more for the lengthy and highly technical installation process than they do for the devices themselves. The highly automated FDO process can be carried out by people of any level of experience quickly and efficiently.
- Flexibility – Businesses can decide which cloud platforms they want to onboard devices to at the point of installation (as opposed to manufacture). A single device SKU can be onboarded to any platform, thereby greatly simplifying the device supply chain.
- Security – FDO leverages an “untrusted installer” approach, which means the installer no longer needs – nor do they have access to – any sensitive infrastructure/access control information to add a device to a network.
The front-end access control solution to be implemented by IoTAC is also based on the use of asymmetric cryptography. We will assess how the two solutions can be harmonized to cover all types of access (inclusion) into a service environment.
You can find more information about FDO at https://fidoalliance.org/fido-alliance-creates-new-onboarding-standard-to-secure-internet-of-things-iot/ and at https://www.intel.com/content/www/us/en/newsroom/opinion/ushering-new-open-standard-securely-onboard-iot-devices.html#gs.05prh3.