Technical Spec

Technical Spec

We deal with all this stuff so you don’t have to, but for the ‘techies’ among us this is what we do.

Code Libraries.

Starting at the sensor, we provide code libraries for multiple processor types and development frameworks to integrate into your application. This provides methods of exchanging data between sensors and the cloud using either TCP or UDP socket connections.

Authentication.

When establishing communications with the cloud, each sensor is authenticated before encryption keys are exchanged. This is a key part of the Ioetec Service as it allows the identity of the sensor to be established thereby guaranteeing the authenticity of the data. The method used for this authentication will vary depending on the resources available in the sensor device but typically will use some form of certification, secure link (TLS) or public key infrastructure (PKI/RSA). Whenever possible, pre-programmed identities are avoided, this means that the manufacturing and provisioning process is greatly simplified.

Encryption

Standard methods of encryption are used once the keys have been exchanged. Depending on the sensor device, either hardware or software encryption can be supported using AES-CBC or ECC (Elliptic Curve Cryptography). Encryption is not the issue for IoT devices, its the exchange of secret keys that causes the problems. An additional feature of the Ioetec service is that keys are charged on a regular and random basis, further protecting the integrity of the data.

Encrypted databases

Data is always encrypted at rest as well as in transit. Different keys are used to encrypt the communication sessions and the readings themselves so that the readings are never decrypted. Public/Private keys protect the information in the database so that only the user – who has the private key – can access the data.

Retrieval Libraries

Code libraries are also provided for integration into web or smartphone applications to allow retrieval of data from the encrypted databases.

Data integrity

Protects against the 6 types of protocol attack

– Inspection
– Interception
– Tampering
– Injection
– Replay
– Side channel

Server infrastructure

Ioetec provide system hardened server infrastructure either as a service or customer hosted. Cloud servers use elastic scaling to ensure that sufficient capacity is always available.