Things'Cloud involves the use of several server components. The core component acts as a Device Gateway vis-à-vis the installed IoT devices. The data thus collected is transmitted via HTTPS API REST to the server on which the specific customer solution is implemented.
To ensure a high level of robustness, Things' Cloud has been structured on several security layers that are summarized in part below.
Each IoT Things' Cloud module is censored at the production stage and given a personal UUID and Key. The information on the module is encrypted with AES algorithm and IV procedurally generated with a 256-bit symmetric key.
Device Gateway requires the module to use an OTP (One Time Password) with each connection. Through Device Gateway it is also possible to revoke the Key used by any compromised device.
The communication REST APIs exploit the HTTPS protocol with SSL certificate making communication impenetrable to external attacks. For additional security, Server-to-Server connections are always made via VPN or Private Networks.
Sensitive information stored on databases can be encrypted using the AES algorithm and to ensure maximum compliance in terms of GDPR can be made accessible only to authorized personnel.
The use of infrastructure such as Amazon AWS or Google Cloud Platform enables the highest level of uptime and robustness available for cloud-based solutions.
An IoT solution needs to be remotely deployable from wherever you are in the world, which is why we decided to outsource our infrastructure to Amazon AWS servers, so that we can scale the infrastructure in realtime based on the number of connected devices.