Trusting IoT Devices at Scale in the Computing Continuum Through SPIFFE/SPIRE Certificates
摘要
Secure data access and transmission in IoT systems necessitates strong authentication and authorization techniques because of the broad accessibility of communication channels and the sensitive nature of the data being gathered and sent. Designing such IoT strategies is difficult, though, because the majority of IoT sensors are placed in unsupervised, resource-constrained areas with little storage, connection, or processing capacity. In order to provide anonymous authentication, current systems usually use shared temporary public keys to verify sender certificates or conceal device IDs. We address the significant challenge of securing the computing continuum, which includes cloud, edge, and IoT infrastructures, by using the SPIFFE/SPIRE framework to create a trusted infrastructure that can guarantee that not only authentic software entities are executing, but also that only verified, trusted IoT devices are permitted to communicate.