Smart Card Alliance Whitepaper: Securing the Internet of Things

Current estimates project that by 2020, the world will have more t han 20 billion connected devices. With this growth, there is a critical need to ramp up the security of “things” and the data they create. To guide the industry, the Smart Card Alliance said it released a high-level educational resource outlining the security value of embedded hardware technology in end devices used in IoT applications. The Smart Card Alliance is a not-for-profit, multi-industry association working to stimulate the understanding, adoption, use and widespread application of smart card technology.

The white paper, “Embedded Hardware Security for IoT Applications,” was created by the Smart Card Alliance’s Internet of Things Security Council, and can be downloaded at http://www.smartcardalliance.org/publications-embedded-hardware-security-for-iot-applications/.  
 
To describe the basic security principles that are critical for IoT implementations, the white paper:

• Discusses embedded security – where hardware and/or software security mechanisms are built into the end devices used in an IoT architecture
• Discusses basic security principles that are critical for IoT implementations and reviews the application of these security principles for an example use case – managing the lifecycle of IoT devices
• Focuses on embedded hardware security, where end devices include hardware features and functions to ensure that the appropriate security requirements are implemented and maintained

 

The Smart Card Alliance also recently launched a new content portal that features relevant news, resources, expert commentary and thought leadership on the security and privacy of IoT. Visit the portal at IoTSecurityConnection.com.
 
The Smart Card Alliance formed its Internet of Things Security Council to provide a single forum where all industry stakeholders can discuss applications and security approaches, develop best practices and advocate for the use of standards for IoT security implementations. The council welcomes participation from organizations involved in the many IoT ecosystems to participate in these efforts, as well as to network and share implementation experiences. More information about the council is available athttp://www.smartcardalliance.org/activities-councils-internet-of-things-security/.
 
Participants involved in the development of this white paper included: Accenture; Allegion; CH2M; Discover Financial Services; Exponent, Inc.; First Data; Giesecke & Devrient; Hewlett Packard Enterprise; Intercede Limited; IQ Devices; Metropolitan Transportation Commission (MTC); NextGen ID, Inc.; NXP Semiconductors; Safran Identity & Security; Underwriters Laboratories (UL); and Verifone.