How IoT device provisioning to the Arduino IoT Cloud works

Be kind to the end user. At Arduino, we like to develop powerful ideas into simple tools. This is the spirit behind our team’s efforts in launching our IoT Cloud platform: making the Internet of Things accessible and easy for everyone. We can now offer a complete low-code IoT application development platform that seamlessly integrates with our hardware products: Arduino IoT Cloud.

Behind such simplicity, you’ll always find a thorough design study carried out by our team in order to offer a user-friendly IoT cloud solution that is suitable for everything from your first IoT project to state-of-the-art professional use. What the user needs to do is connect their compatible Arduino board to a computer and follow the steps displayed in the browser window. The process will configure the device to securely connect to the Arduino IoT Cloud, thus creating an Internet-connected device in minutes.

So how does Arduino IoT Cloud provisioning work?

TLS Client Authentication

In a previous blog post titled “Arduino Security Primer,” we began to introduce how the device provisioning works, showing how security is a fundamental requirement for us. The Arduino IoT Cloud security model is based on three key elements: an open-source library named ArduinoBearSSL, a Hardware Secure Element, and device certificate provisioning for TLS Client Authentication.

TLS Client Authentication (or TLS Mutual Authentication) is an authentication method in which the server verifies the client’s identity through a certificate in order to grant or deny access to the device. In the standard TLS handshake, only the client is required to authenticate the server, while in TLS Client Authentication the server also authenticates the client by verifying its identity. If the server cannot trust the client’s identity, it does not authorize the connection.

In the TLS Client Authentication system, the device’s credentials are replaced by a signed certificate that guarantees the device identity, thereby eliminating some security risks such as credential theft, weak passwords, or brute-force attacks. During the device provisioning process, a certificate signed by our certificate authority is stored inside the hardware secure element of supported Arduino boards, to be used when identity verification is required.

ArduinoECCX08 Library

In order to communicate with the Microchip secure element (ATECC508A or ATECC608A) mounted on some Arduino boards, our engineering team developed an open-source library (ArduinoECCX08) which is used for device provisioning by the Arduino IoT Cloud. This library is responsible for writing and reading data from the secure element. In particular, during the provisioning stage, it manages the generation of private keys, certificate signing requests, and certificate storage. This library can also be used to generate self-signed certificates and to sign JWTs, using the public key generated by the crypto chip.
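The provisioning steps described in the two sections above (key generation, certificate signing request, CA-signed certificate, server-side identity check) can be reproduced on a workstation with the `openssl` CLI. This is an added example, not Arduino's code: the CA, the device name `example-device-0001` and the use of key files in place of the secure element are assumptions made for illustration.

```shell
#!/bin/sh
# Added example: the provisioning steps emulated with the openssl CLI.
# Assumption: key files in a temp dir stand in for the secure element; on a
# real board the private key is generated inside the chip and stays there.
set -eu

q() { "$@" >/dev/null 2>&1; }   # run a command quietly

# Server-side trust decision: does this certificate chain to our CA?
server_accepts() {  # $1 = CA certificate, $2 = client certificate
  openssl verify -CAfile "$1" "$2" 2>/dev/null | grep -q ': OK$'
}

provision_demo() {
  d=$(mktemp -d)
  # 1. Constructed test CA with a P-256 key (stand-in for the cloud's CA).
  q openssl ecparam -name prime256v1 -genkey -noout -out "$d/ca.key"
  q openssl req -x509 -new -key "$d/ca.key" -sha256 -days 30 \
      -subj "/CN=Example Device CA" -out "$d/ca.crt"
  # 2. Device key pair and certificate signing request (CSR).
  q openssl ecparam -name prime256v1 -genkey -noout -out "$d/dev.key"
  q openssl req -new -key "$d/dev.key" -sha256 \
      -subj "/CN=example-device-0001" -out "$d/dev.csr"
  # 3. The CA signs the CSR; this certificate is what provisioning stores.
  q openssl x509 -req -in "$d/dev.csr" -CA "$d/ca.crt" -CAkey "$d/ca.key" \
      -CAcreateserial -sha256 -days 30 -out "$d/dev.crt"
  # 4. A device claiming the same name with a self-signed certificate.
  q openssl ecparam -name prime256v1 -genkey -noout -out "$d/rogue.key"
  q openssl req -x509 -new -key "$d/rogue.key" -sha256 -days 30 \
      -subj "/CN=example-device-0001" -out "$d/rogue.crt"
  # 5. The server checks each certificate against the CA it trusts.
  if server_accepts "$d/ca.crt" "$d/dev.crt"; then a=accept; else a=reject; fi
  if server_accepts "$d/ca.crt" "$d/rogue.crt"; then b=accept; else b=reject; fi
  rm -rf "$d"
  echo "provisioned=$a unprovisioned=$b"
}

provision_demo
```

The second certificate carries the same subject name as the first, yet the server rejects it because the trust decision rests on the CA signature, not on the name the client presents.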
