Icon Labs (www.iconlabs.com), a leading provider of security solutions for IoT and edge devices, announced the availability of the Floodgate Certificate Authority (CA).  Floodgate CA is the server side portion of Icon Labs’ PKI solution and provides certificate management for companies choosing to implement their own certificate-based authentication using public key infrastructure.

IoT security requires strong authentication.  All IoT devices, including the smallest endpoints, must support mutual authentication, ensuring all communication is between known, trusted devices, and that all access is authorized.  Certificate-based authentication using Public Key Infrastructure provides a proven, reliable authentication method. 

The Floodgate CA can be deployed on a hardened server or hierarchy of servers in a private environment to provide a closed PKI system without dependence upon public certificate authorities or other third-parties.   It can also operate as a sub-CA of a public CA, allowing OEMs to choose the operating model based on their IoT authentication requirements.

Floodgate CA can be used with any PKI client, including Icon Labs’ Floodgate PKI Client Toolkit; an embeddable PKI client for IoT devices.  Floodgate PKI Client enables even the smallest of IoT devices to generate keys, create certificate signing requests, and retrieve signed certificates from the Certificate Authority.

“This is the only security solution that provides both the client and server side required to automate secure provisioning and enrollment,” said Alan Grau, President of Icon Labs.  “The Floodgate Certificate Authority and Floodgate PKI Client toolkit enables developers to easily and efficiently integrate certificate-based machine-to-machine authentication for IoT devices.”

The PKI client supports SCEP, EST, and OCSP on all RTOS, embedded Linux, and Windows devices.  The Floodgate Certificate Authority encompasses a wide-range of potential use cases including key management, generating public key infrastructure certificates, and injecting pre-generated keys during the manufacturing process.

“PKI will re-emerge as one of the most relevant authentication mechanisms for organizations addressing the IOT authentication problem. PKI’s flexibility is important when adapting to changing requirements and represents identity verification in a cross-platform, multiprotocol approach.”  - Gartner Research

For more information, visit www.iconlabs.com.