In small embedded systems, WLAN security features applied are usually various forms of encryption such as WPA-PSK, WPA2-PSK. Typically, the assigned authentication key is the same for all distributed wireless units. However, with EAP-TLS, each wireless client is assigned a unique authentication certificate.
Rolf Nilsson, CEO of connectBlue, comments: “Applying EAP-TLS in small embedded systems is unusual as it is mostly seen in large, complicated systems. But since a key component of the connectBlue delivery is a repeatedly robust wireless experience, we have put extensive resources into applying the EAP-TLS security feature. Now, also mobile or portable WLAN applications can enjoy real-time handover as well as disturbance-free roaming.”
The connectBlue WLAN UART Serial Port Module OWS451 is now shipped with the EAP-TLS security feature. With EAP-TLS each wireless client is assigned a unique identifying key. Thereby, authentication servers can black-list certain wireless clients without affecting the other clients.
New connectBlue WLAN UART Serial Port Module OWS451s are shipped with the added-on EAP-TLS feature whereas customers who have installed OWS451 modules can easily download upgrade firmware from the connectBlue support site. The OWS451 EAP-TLS feature has already been tested and validated in key mission critical applications.
EAP-TLS is considered as one of the most secure standards and is thus often required by central IT management. For instance, EAP-TLS makes it possible to centrally manage individual units when one, for example, would like to centrally revoke a certain client’s certificate. Thanks to the client-side certificate, security is also sustained as a compromised password is not enough to break into EAP-TLS enabled systems as the potential intruder would also need the client-side private key. Both these advantages make EAP-TLS particularly beneficial in demanding factory automation and medical installations.
