GlobalPlatform offers IoT cloud platform providers a secure foundation for developing, deploying, and securely managing a customized portfolio of services across multiple devices in a cost-effective way.
As the value of the IoT market continues to grow, IoT cloud platform providers need to build customized applications and services to support as many markets as possible, while also reducing costs. At the same time, they need to ensure that users receive a secure and consistent experience regardless of the device operating system or design.
GlobalPlatform’s standardized technologies and certifications provide a foundation for building and managing differentiated IoT applications with the assurance that they will work across multiple devices and enable consistent usage of secure services. Using this foundation enables IoT cloud platform providers to save time and money, customize their offerings by adding proprietary elements and protect their Intellectual Property (IP).
GlobalPlatform’s standardized technologies create a secure foundation that IoT cloud platform providers can leverage to build and deploy solutions across multiple devices, while protecting their brand, IP and customer data.
Using GlobalPlatform’s Device Trust Architecture (DTA) Framework and Trusted Platform Service (TPS) APIs, IoT cloud platform providers have a standardized way to access and remotely manage the security features enabled by GlobalPlatform-certified Secure Elements (SE), Trusted Execution Environments (TEE) and secure MCUs which are anchored in Roots of Trust (RoT). Together, they empower IoT cloud platform providers to offer customized services that meet the security needs of their ecosystems.
Building on GlobalPlatform’s work to secure the IoT, the IoTopia Framework offers practical guidance to help IoT cloud platform providers securely manage their applications and services across the full device lifecycle. The framework offers best practices on how to securely onboard devices, push remote updates and decommission applications.
GlobalPlatform-certified components provide a proven and cost-effective platform that meets the functional and security needs of multiple use cases and vertical markets.
When an IoT cloud platform provider onboards with a GlobalPlatform-certified device they can trust their service is protected in a secure and controlled environment that is proven to meet the requirements of multiple markets and regulations. IoT cloud platform providers benefit from reduced cost and time to market, and can more quickly respond to market newcomers.
GlobalPlatform also supports IoT cloud platform providers in establishing their IoT device certification schemes using the Secure Evaluation Standard for IoT Platforms (SESIP) Methodology, which provides a consistent and flexible way to demonstrate the security capability of their IoT products. Leveraging the GlobalPlatform ecosystem enables them to efficiently define their security requirements and use SESIP laboratories to set up their own certification schemes.
IoT cloud platform providers can engage in the work of GlobalPlatform’s Technical Committees and Task Forces to help drive the development of standardized technologies that meet the specific security and business needs of their use cases.
GlobalPlatform Technical Committees manage the maintenance and evolution of GlobalPlatform standardized technologies and certifications. Task Forces provide guidance on market sector and geographical requirements, opportunities, and challenges. These groups are chaired by representatives from GlobalPlatform member organizations.
GlobalPlatform welcomes participation from IoT cloud platform providers to learn and contribute best practices, align products to market requirements, contribute key use cases and help drive the organization’s technical roadmap and ensure it answers market requirements.
DTA: Developing and Deploying Secure Services
GlobalPlatform’s DTA Framework helps IoT cloud platform providers to utilize secure component technology and Chain of Trust to provide consistency in secure service delivery within a device. It ensures devices can be securely enrolled to multiple IoT cloud platforms, can securely support different device Operating Systems (OS) and can manage secure remote updates while enabling end-to-end data privacy, secure communications and device attestation services.
IoTopia: Secure IoT device on-boarding and management
Industry, service provider, device maker and end-user requirements change rapidly, making the ability to securely update devices and applications essential. IoTopia provides a practical framework for IoT cloud platform providers to onboard their apps and securely manage them throughout the device lifecycle. It provides guidance on software, firmware and hardware patching and updates, update tracking, end-of-life support and service.
SESIP: Establishing an IoT Certification Scheme
SESIP is a common and optimized approach for evaluating the security of connected products for the evolving IoT ecosystem. IoT cloud platform providers can work with GlobalPlatform to identify the security requirements of their ecosystems and use GlobalPlatform’s SESIP documents to establish and maintain their own certification scheme.
Become a member