|updated: 9/5/2017||About IoT Vendor Scorecards|
IoT Function Provider
Rambus Cryptography division has announced an expansion of their CryptoManager solution into the IoT market with their CryptoManager IoT Device Management (IDM) security service. Rambus Cryptography division was built from their 2011 acquisition of Cryptography Research Inc. (CRI). The CryptoManager Security Platform was created by the division to provide security based on a root of trust embedded in the chip, primarily in mobile devices (smartphones). CryptoManager IDM appears to be an extension of this functionality to IoT devices. Based on announcement details it provides device identity management through secure key provisioning, communication encryption, and some level of Security lifecycle management.
Rambus is a public company that is historically known as a semiconductor company. While the company largely generates revenue from IP licensing and engineering for hire relationships, it has been trying to expand into as a service offerings, largely around security.
- Physical Devices – While Rambus doesn’t make any physical devices, their CryptoManager hardware Security Engine can be licensed by chip manufacturers or device manufacturers for embedding in their devices at the silicon level. The Security Engine stores a unique identifying key for each device which can’t be tampered with.
- Physical Edge Gateways – While the CryptoManager literature doesn’t talk about edge gateways specifically, their Security Engine could in theory be embedded within edge gateway vendor’s hardware.
- Data Storage
Data & Insight
- Things Operational Big Data
- Stream Analytics
- Machine Learning
- Thing Meta Data
- User Meta Data
Messaging & Automation
- Communications and Messaging
- Identity Access Management
- Event Processing
- Web Interface
- Mobile Interface
- Voice Interface
- Interface Development APIs – CryptoManager IDM provides some SDK’s to allow customers to tie the CryptoManager Service into applications that need to authenticate devices. These SDK’s are also available through selected cloud Platform as a Service (PaaS), specific PaaS are not currently named. There also appears to be SDK’s that allow secure key provisioning from the chip/device manufacturer at the start of a device’s lifecycle.
- Interface Development Environment
- Encryption – CryptoManager allows the use of the device key to establish encrypted communication from the device to the cloud. CryptoManager’s own hardware Security Engine stores a unique identifying key for each device in hardware which can’t be tampered with like a software stored key could. Cryptomanager can also use other 3rd party hardware security keys or software security keys, which should provide greater flexibility based on the IoT Solution specific needs.
- Access Control
- Identity Management – CryptoManager IDM is appears to provide Identity Management for the device from the start of a device’s lifecycle (at the manufacturer) through the entire device lifecycle. Specifics here were not provided at announcement time.
- Secure Device Updates
- Device Lifecycle / Operations
- Security – CryptoManager IDM is providing device key management across the device lifecycle. Specifics here were not provided at announcement time.