Hack-proof M2M connections to the Cloud

Paul Boughton

Although seemingly trivial to the user, M2M system messages and measurement data are open to client or server side spoofing attacks. Once compromised the packets can be monitored or changed. Embedded VPN gateways protect M2M data by encrypting packet data directly at the source.
 
In order to increase the cyber security in M2M applications SSV is now offering a security kit. The kit consists of embedded VPN gateways which are directly integrated into the subsystem, as well as software components for the cloud servers. These building blocks create a secure M2M application over public networks.
 
The integrated gateway firmware, in co-operation with the cloud server building blocks, allows for a certificate-based, bidirectional authentication. In contrast to a simple HTTPS transfer the bidirectional authentication guaranties that both communication partners can verify the identity of each other. In addition the cloud server has the full surveillance over the individual embedded VPN gateways. Should the digital identity of a gateway come into question, the certificate will be declared invalid and the user will be excluded from the VPN. Every single data packet will be encrypted and signed with a digital finger print in addition to the authentication.
 
In order to securely operate this solution, it is necessary to run the cloud server in an environment protected from intrusion. Users can run the server in their own IT departments or via certified service providers.

For more information, visit www.ssv-embedded.de