The cities are vulnerable to threats such as signal jamming, remote systems or data manipulation, Denial of Service (DoS), malware attacks and the recent rampant ransomware and wiping attacks. There is a need therefore for comprehensive smart city plans to minimize cybersecurity risks and protect critical infrastructure in smart cities so as to defend stakeholders, ranging from residents to private and public service providers.
Smart cities’ virtual doors will need virtual keys and locks controlled through remote communications. In real sense, these virtual doors to smart cities are never fully locked, creating loopholes cyber attackers will sure attempt to exploit. This, then means smart cities are not safe until proven, hence measures must be put in place, spanning physical security and network security, to continuously ensure, guarantee and verify key components of the infrastructure never fail.
The LoRaWAN specification has been designed from the outset with security as an essential aspect, providing state-of-the-art security properties that meet the needs of highly scalable low-power IoT networks. Unlike many other IoT technologies, the LoRaWAN specification already offers dedicated end-to-end encryption:
The specification defines two layers of cryptography:
AES algorithms are used to provide authentication and integrity of packets to the network server and end-to-end encryption to the application server. By providing these two levels, it becomes possible to implement “multi-tenant” shared networks without the network operator having visibility of the users’ payload data. The devices can be activated by Personalization on the production line or during commissioning, or can be over the air activated (OTAA) in the field. OTAA allows device sessions to be rekeyed if necessary.
LoRaWAN relies on symmetric cryptography, which requires sharing keys in a safe and secure way. To further aid with this process, LoRa Alliance members have developed:
Though LoRaWAN is inherently secure, the LoRa Alliance is constantly reviewing, designing and implementing security enhancements and best practices to ensure LoRaWAN stays ahead of the changing security landscape and Ambimat offers itself as an aide in this process with a value added solution.
Ambi-Secure is a hardware-software solution based on 3 decades of experience in the field of IoT. The solution is a combination of a System on Chip (SoC) and Ambimat’s firmware residing on it which helps cater to almost all of the challenges present on your IoT (read: LoRa) device
Our Ambi-Secure acts as a secure hardware memory to help customers store their AppKey, NwkKey, AppSKey and other keys used for the communication in a secure location outside the memory of the main controller
Our Ambi-Secure can also help generate the most secure keys for your application while communicating with the gateway or the network server.
Ambi-Secure can confirm the authenticity and the validity of the source of the Firmware sent over the air for updation.
Ambi-secure implements the encryption algorithms in itself taking away the need to implement such algorithms in the main controller thereby providing more security to the solution as well as more flexibility to choose the controller of choice.
Ambi-Secure protects your infrastructure as well as your customers’ infrastructure from any challenges arising from a security perspective for the entire lifetime of your product.
The AmbiSecure Key is a hardware-based authentication solution that is FIDO2 standard compliant. The Key is used to provide a simple and highly secure sign-in feature to any online server supporting FIDO authentication algorithm and enables compliance requirements for strong authentication.
Now that passwords are fast becoming obsolete and your privacy, as well as the security of your digital profile, is very often compromised it is necessary to up the anté with hardware security.
The AmbiSecure Key Series offers superior security by combining hardware-based authentication and public key cryptography to effectively defend against phishing attacks and eliminate account takeovers. It offers support for FIDO U2F v1.2.
The AmbiSecure Key Series helps organizations accelerate to a passwordless future by providing support for the FIDO2 protocol. FIDO2 supports not only today’s two-factor authentication but also paves the way for eliminating weak password authentication, with strong single factor hardware-based authentication.
The AmbiSecure Key Series provides a simple and intuitive authentication experience that users find easy to use, ensuring rapid adoption and organizational security. Ambisecure Keys do not require a battery or network connectivity, making authentication always accessible.
No battery or network connectivity required, users simply insert and tap to authenticate
Establish user presence, and prevent remote takeovers, with a simple touch on the AmbiSecure Key during login
AmbiSecure Key provides the user a secure authentication
Reduce password reset or account lockout queries.
AmbiSecure Key fits into any standard USB port
Fit AmbiSecure Key on a keyring and carry without any worry
|Supported Operating Systems||: Windows, Linux, macOS, iOS, Android|
|USB Type||: USB-A/C|
|Authentication Methods||: Passwordless, Strong Two Factor Authentication|
|Identity & Access Management||: Any FIDO compliant cloud|
|Password Managers||: Can be provided on request|
|Function||: FIDO2, U2F|
|Certifications||: FIDO2 Certification (Underway)|
|Cryptographic Specifications||: ECC P256|
|Design & Durability||: Rugged enclosure, No batteries required, No moving parts|
|Device Type||: USB HID Device|
|Single Sign ON||: Supported (Currently under development)|