August 28, 2013 -- Companies can now secure their digital links with Trusted Source™ -- a new, cost-effective, easy-to-implement turnkey platform devised by product development firm Cambridge Consultants. It's an efficient way of allowing brand owners to give each of their products -- even low-cost ones -- a unique digital identity before they leave the manufacturer's production line. This kind of secure identification is becoming more important with the growth in "smart" devices which rely on being able to connect securely to digital services such as healthcare apps.
As well as supporting this move towards the "Internet of Things", Trusted Source™ also enables digital security for a wide range of applications. These include coding for anti-counterfeiting and brand protection, establishing secure links for track-and-trace applications as well as smart devices, and simplifying wireless connection set-up.
Low-cost security techniques increasingly require sending secrets between a digital end point -- whether it's a factory testing station or a smartphone -- and a brand owner's database, often using untrusted internet connections. Cambridge Consultants has developed a turnkey solution which deploys the relevant key management software to both ends of a digital link, establishing end-to-end security from an enterprise dataserver to any number of business partners or devices including remote factories or suppliers.
The technology could be used to exchange data with a factory floor to retrieve anti-counterfeit codes, for example, or to monitor yield or output data. In a healthcare context it could be used to meet pharmaceutical packaging serialization regulations or for the secure exchange of clinical trials data. In mobile security, the technology could enable an end-to-end connection directly to the secure components in a smartphone -- and in "smart metering" and "smart home" environments it could be used for security "personalization" of devices.
"We developed Trusted Source™ because the end-to-end solutions we've been developing across our consumer, industrial and medical programs all required this core component," said Jon Edgcombe, leader of the software technologies group at Cambridge Consultants. "The traditional one-size-fits-all model for issuing digital certificates --generally used for one-way authentication on a web browser -- isn't the right tool for connected devices and online factories, which have fundamentally different security requirements.
"With product companies starting to run more digital services and becoming more capable of controlling their own roots of trust and security model, there are clear advantages to being able to customize your digital security to your needs. Our technology enables companies to have the tools and capabilities to control their own data flows, helping them comply with increasing privacy regulations, while increasing support for low-power devices as well as the variable quality internet connections often found in factory environments"
The Trusted Source™ system is typically integrated as part of a Cambridge Consultants product development. It provides a company with a pre-packaged Certificate Authority server system, software and hardware token components which can be issued to third-party factories for easy installation -- plus optional integration of a serialization module for identity issuance. This set-up gives overall control of security and operational cost savings to the brand owner, compared with the alternative of outsourcing to a third-party certificate provider, and then auditing and securely integrating with a factory's own IT system.
"As digital tasks become more complex, sending data securely between product locations is increasingly important to our clients, especially those supporting multiple factories producing millions of devices," said Edgcombe. "This design platform simplifies setting up secure links, whether for anti-counterfeit brand protection or enabling secured digital services. We can host the server side for smaller deployments -- which a number of our clients find beneficial when piloting a new connected product or digital system which needs to be secure -- or hand over the system to the client for full-scale deployments."
The design uses well-established security algorithms that can be implemented across a wide range of industries. The system can either be licensed as part of a product development or customized for deployment as fee-for-service work, depending on the overall product and digital service requirements. (continued...)
Is IBM's 5 in 5 List Realistic? Big Blue has unveiled its eighth annual "IBM 5 in 5." It’s a list of innovations that IBM is betting has the potential to change the way people work, live and interact over the next five years.
Snowden: NSA's Indiscriminate Spying 'Collapsing' National Security Agency leaker Edward Snowden wrote in a lengthy "open letter to the people of Brazil" that he's been inspired by the global debate ignited by his release of thousands of NSA docs.
Dell Targets Educational Market with a Chromebook The latest in a string of PC manufacturers to bring a Google Chromebook to the market is Dell. The company's Chromebook 11 is aimed at students and teachers, and will only be available to schools.
Microsoft Offers Details of CEO Hunt The chatter about Microsoft’s next CEO just won’t die down, even as candidates on Redmond’s short list are declining the job. Microsoft board member John Thompson offers some answers, sort of.
Lawmakers Ask Trade Czar To Stem Data Threats Members of Congress want the Obama administration to demand that U.S. allies back away from restrictions on global data transmissions, saying those actions could hurt U.S. companies.
Oracle Finally Joins OpenStack Foundation Some industry analysts wonder what took it so long, but Oracle has finally signed on as a corporate sponsor of the OpenStack Foundation so customers can use OpenStack to manage Oracle clouds.