Utimaco debuts SecurityServer 4.0 to protect industrial IoT through connected machine data and commands



Utimaco announced latest hardware security module SecurityServer 4.0 to address the security and data protection requirements of the Industrial Internet of Things through new features that include distributed responsibility, provisioning and decentralization.

The SecurityServer 4.0 includes features such as configurable role-based access control which supports the implementation of numerous stringent security policies, like n-person-rules or m-of-n quorum authentication for up to 15 users on a per-function basis, and the definition of custom roles.Interface hardening that enables customers to deactivate applications and functions that are not used or shall not be accessible, ensuring that the HSM is limited to required functionalities only.

“As the Internet of Things expands into the industrial realm, security is needed at every point of intersection between intelligent machines, people and data. We are committed to enabling the smart device industry grow from potential to reality by offering next-generation security capabilities,” said Thorsten Groetker, Utimaco’s chief technology officer. “SecurityServer 4.0 provides a root of trust that starts protection on the manufacturing floor and safeguards the keys to connected devices throughout their lifespan.”

Administration-only mode which lets customers configure the HSM to execute administration functions only. Administration-only mode requires explicit activation of cryptographic functions after booting the HSM, and prevents interruption or delay of administrative actions by cryptographic operations during a maintenance window.

As Industrial IoT and Smart Manufacturing take off, intelligent machines will share critical data security and encryption requirements. A hardware security module (HSM) works by creating and securing cryptographic keys, and managing them for strong authentication.

Utimaco’s scalable and customizable HSM serves as the cornerstone of trust within connected industries, generating and assigning cryptographic signatures to connected devices to verify the authenticity and integrity of the permit—before executing commands.

The Utimaco SecurityServer 4.0 is currently available for both the CSe- and Se-Series.

With SecurityServer 4.0, Utimaco is able to deliver the same root of trust to the manufacturing floor with new features that enable distributed responsibility, provisioning and configurable security APIs.

Utimaco delivers a general-purpose hardware security module as a customizable platform to  integrate into existing software solutions, embed business logic and build secure applications.

Utimaco announced in November new cryptographic capabilities to its Utimaco CryptoScript Runtime Engine innovation, while speaking at the International Cryptographic Module Conference in Rockville, Maryland.

To power user interfaces, HSM vendors rely on implementations of cryptographic application programming interfaces (APIs) such as the Public-Key Cryptography Standard, PKCS#11 or Java Cryptographic Extension, JCE. But by using these APIs, cryptographic applications are broken into strings of operations that incur communication overhead and demand extensive expertise and resources to perform even a single application command.

To overcome these issues, the Utimaco CryptoScript Runtime Engine will provide a programming environment designed to let customers develop code that runs within the secure perimeter of an HSM—at ten times the speed compared to current solutions, while executing at the highest security mode: FIPS 140-2. With no embedded software development skills or tools required, users will be able to deploy custom cryptographic functions, while still maintaining industry secure certifications.

Leave a Reply

WWPI – Covering the best in IT since 1980