GMO GlobalSign Launches "Managed PKI for IoT," A High-Volume Client Certificate Issuing Service for IoT Devices: Contributing to IoT security measures by executing certificate installation during production

　Tokyo, Japan – April 26, 2017 – GMO GlobalSign (https://www.globalsign.com ), a leading provider of identity and security solutions for the Internet of Everything (IoE), today announced its new Managed PKI for IoT, capable of issuing 3,000 digital certificates (Client Certificates) per second. Digital certificates are required to verify IoT devices.

　Managed PKI for IoT allows digital certificates to be installed in IoT devices during production processes, and is now being offered to IoT device manufacturers.

　GMO GlobalSign will run a booth at the 8th Cloud Computing Expo Japan in Japan IT Week Spring 2017 to be held at Tokyo Big Sight from Wednesday, May 10, 2017 to Friday, May 12, 2017 to introduce its Managed PKI for IoT solution.

　While products such as mobile and wearable devices, industrial machines, automobiles, and home appliances have become IoT enabled worldwide, security measures in IoT are still lacking. In fact, cyberattacks targeting IoT devices were reported, including a massive cyberattack called a DDoS attack^*1 that a major Internet company encountered in October 2016 which took over IoT devices such as routers, web cameras, and printers.
　If inappropriate programs are installed on IoT devices, that could lead to serious incidents, and devices may become platforms for cyberattacks, information could be stolen, and machines might be operated without authorization.


　GlobalSign offers Managed PKI Lite, a Client Certificate issuing and management service that installs GlobalSign’s Client Certificates on a device, verifies the identity of the device’s owner, and authorizes and controls access to cloud servers. Client Certificates can confirm the identity of the owner of a device accessing cloud servers to prevent incorrect operation due to access from device spoofing and facilitate a secure IoT environment.
　GMO GlobalSign has been offering the GlobalSign IoT Program, which helps realize a secure IoT environment, to vendors since April 2016. Through this program, GMO GlobalSign discovered that IoT vendors need Client Certificates installation in devices to be flexible (i.e. support the usage of the devices) and also want them to be issued quickly.
　That is why GMO GlobalSign developed Managed PKI for IoT, enabling automatic and high-speed installation of Client Certificates in IoT devices during the production process with certificates flexible enough to set various certificate profiles (items) to suit specific devices and purposes.

　GMO GlobalSign aims to expand the availability of secure IoT devices globally and realize secure IoT environments by launching Managed PKI for IoT.

*1 A major Internet service, Dyn, was attacked (DDoS attack) on October 22, 2016 (JST), and it was difficult to access services worldwide for more than five hours.

【Overview of Managed PKI for IoT】

(URL: https://jp.globalsign.com/internet-of-things/ )
　GMO GlobalSign’s Managed PKI Lite is a Certificate Authority software as a service (SaaS) solution that issues and manages Client Certificates, as well as confirms the identity of an owner (an individual or an organization) of a device using PKI technology², guaranteeing the certification, confidentiality, and security of data. Managed PKI for IoT is the top service offered to IoT device manufacturers.
　Managed PKI for IoT issues GMO GlobalSign’s Client Certificates, which set various certificate profiles to suit specific devices and purposes, and supports high-volume certificate issuing (3,000 per second), which was difficult before Managed PKI Lite. Managed PKI for IoT is capable of ID information processing, which is crucial in the IoT environment, enabling GlobalSign to meet the needs of IoT device manufacturers that manage identities (IDs) for each of the millions of products (serial numbers).
　As a Certificate Authority that issues and manages Client Certificates, in Managed PKI for IoT, customers may choose between Public Certificate Authority^*3, which issues Client Certificates for up to 3 years of usage, and Private Certificate Authority^*4, which issues certificates for prolonged use of up to 40 years. Therefore, it is unnecessary for IoT devices to have their certificates replaced for as many as 40 years.
　Customers may choose between Public Certificate Authority and Private Certificate Authority to suit the environment in which they use digital certificates. A Public Certificate Authority does not require complicated browser settings when using digital certificates and is suitable for external communication, such as browser login certification and e-mail signature, whereas a Private Certificate Authority, in which customers can customize certificate profiles freely, is suitable for usage in a limited internal network environment.

*2 PKI is an abbreviation of Public Key Infrastructure, a public key cryptosystem technology consisting of public/private key pair. Encryption and decoding require two different keys (a pair). Data that was encrypted using one key cannot be decoded without using the other key.
*3 Certificate Authority with root certificates, which are associated with issued digital certificates and prove original issuer of certificates, embedded in popular web browser and e-mail software in advance. Its benefit is that it does not require to set browser for using digital certificates in external communication.
*4 Certificate Authority formed by (and guidelines of which were set by) business companies. Although customers need to go to the trouble of setting and installing root certificates, as they can set the rules freely, they can easily use digital certificates in limited internal or external (customers only) network environment.

Reference: GMO GlobalSign’s IoT related endeavors

About GMO GlobalSign

GlobalSign is the leading provider of trusted identity and security solutions enabling businesses, large enterprises, cloud-based service providers and IoT innovators around the world to conduct secure online communications, manage millions of verified digital identities and automate authentication and encryption. Its high-scale PKI and identity solutions support the billions of services, devices, people and things comprising the Internet of Everything (IoE). The company has offices in the Americas, Europe and Asia. For more information, visit https://www.globalsign.com

GMO Internet Group

GMO Internet Group is an Internet services industry leader, developing and operating Japan’s most widely used domain, hosting & cloud, ecommerce, security, and payment solutions. The Group also includes the world’s largest online FX trading platform, as well as online advertising, Internet media, and mobile entertainment products. GMO Internet, Inc. (TSE: 9449) is headquartered in Tokyo, Japan. For more information, please visit http://www.gmo.jp/en/