Hardware security module for AWS IoT Greengrass
With the addition of iShield HSM, Swissbit has expanded its range of plug-and-play security products. In the form of a USB-A stick, the hardware security module (HSM) enables secure storage of cryptographic keys and credentials required for identification, authentication, and registration of IoT devices.
With the addition of iShield HSM, Swissbit has expanded its range of plug-and-play security products. In the form of a USB-A stick, the hardware security module (HSM) enables secure storage of cryptographic keys and credentials required for identification, authentication, and registration of IoT devices. iShield HSM is designed and fully qualified for Hardware Security Integration (HSI) in AWS IoT Greengrass.
As such, system integrators can easily upgrade and retrofit existing AWS IoT Greengrass devices like gateways or industrial controllers with a hardware security module. Once connected, iShield HSM provides the maximum level of hardware security for the private key and certificate of the respective IoT device. The secure element (CC EAL6+) is embedded in the hardware via chip-on-board technology. This not only renders iShield HSM tamper-proof, but also makes Swissbit’s hardware security module the ideal solution for use in harsh operating environments.
Whilst software-based storage of cryptographic keys for securing IoT devices is standard practice, this method is susceptible to accidental disclosure or deliberate theft of private keys by savvy hackers.
Secure hardware protection for cryptographic keys
With iShield HSM, Swissbit provides a retrofittable hardware security module that offers flexibility thanks to its standard USB interface. The open source edge runtime and cloud service AWS IoT Greengrass are compatible with iShield HSM, which makes it the perfect choice for ready-made hardware designs and devices that are already in use. Device private keys and certificates cannot be copied, extracted, accessed by software since they are stored in the tamper-proof hardware security module.
iShield HSM is based on an industrial-grade USB memory stick with a compact and robust metal housing. It is manufactured in Swissbit’s own factory in Berlin, Germany. The plug-and-play security anchor is compatible with OpenSC, the open-source software stack, and supports PKCS#11 and PKCS#15 cryptographic standards.
Compatibility and availability
Swissbit is an AWS Advanced Technology Partner, and iShield HMS is certified for AWS IoT Greengrass Hardware Security Integration (HSI). More information is available in the AWS Partner Device Catalog.
iShield HSM is available through Swissbit’s online partner stores (Mouser Electronics, Farnell, and Digi-Key Electronics), as well as other distribution partners. Additional information is available at https://www.swissbit.com/ishield-hsm. Individual inquiries can be emailed at any time directly to Swissbit at firstname.lastname@example.org.