Users can control and manage mission-critical industrial, medical and infrastructure devices via smartphone and Bluetooth.
IoT security and end-to-end connectivity vendor Thirdwayv announced AppAuth software for protecting mission-critical IoT applications. The product’s three software modules bring comprehensive protection to all IoT devices, smartphone apps and cloud services attached to the customer’s network, the company said.
With AppAuth, users can control and manage their mission-critical IoT devices in industrial, medical and infrastructure settings using their own smartphones and Bluetooth connection. The software gives each component of the IoT system a digital cryptographic identity and protects communication links and the surrounding environment. Each element of the system can then validate the authority and privileges of the others.
“Mission-critical IoT systems are typically related to the safety of individuals or the protection of high-value property,” said Vinay Gokhale, vice president of business development with Thirdwayv. “AppAuth enables our enterprise and commercial customers to bring trust to these systems through reliable user and device authentication, identity management and, most importantly, attestation of one system component to the other.”
The smartphone app uses the hardware root of trust to continually monitor the phone’s operating system, authenticity, and integrity in real time. This protects the app from both malware attacks and OS vulnerabilities. AppAuth’s cloud infrastructure provides over-the-air certificate issuance once verification is complete, and its cloud module allows for lifecycle management of all IoT components on the network.
Growing Worry About Smartphone Vulnerabilities
Safety- and mission-critical IoT applications are increasingly becoming targets for cybersecurity attacks, and the vulnerability of the smartphone is a growing concern.
“IoT systems are especially at risk of attack through connectivity to their cloud services, smartphone apps, and other IoT devices,” said Steve Hoffenberg, director at industry analyst firm VDC Research. “IoT device makers need to ensure that only currently trusted entities can communicate with their products by enforcing authentication and access privileges in all levels of communications.”
AppAuth is available for both iOS and Android and is now available via via a collection of software development kits (SDKs) and application programming interfaces (APIs). The product is said ready out of the box to work with the company’s SecureConnectivity platform, which works to connect and protect wireless IoT deployments that are mission and safety-critical.