Intercede joins ARM and Symantec to build security standard for IoT
Leicester security firm Intercede joined ARM, Solacia and Symantec to assess the security challenges of connecting billions of devices across multiple sectors; including industrial, home, health services and transportation.
Other members of the OTrP Joint Stakeholder Agreement are: Beanpod, Sequitur Labs, Sprint, Thundersoft, Trustkernel and Verimatrix.
Symantec estimates that one million internet attacks were carried out every day during 2015. The Internet of Things (IoT) expands the attack surface and according to Gartner, the analyst firm, security is now the number one priority when building any connected product.
OTrP in more detail
OTrP is a high level management protocol that works with security solutions such as ARM® TrustZone®-based Trusted Execution Environments that are designed to protect mobile computing devices from malicious attack. The protocol is available for download from the IETF website today for prototyping and testing.
The protocol paves the way for an open interoperable standard to enable the management of trusted software without the need for a centralized database by reusing the established security architecture of e-commerce. The management protocol is used with Public Key Infrastructure (PKI) and Certificate Authority-based trust architectures, enabling service providers, app developers and OEMs to use their own keys to authenticate and manage trusted software and assets. OTrP is a high level and simple protocol that can be easily added to existing Trusted Execution Environments or to microcontroller-based platforms capable of RSA cryptography.
OTrP is available as an IETF informational and it is planned that it will be further developed by a standards defining organization that can encourage its mass adoption as an interoperable standard.