t’s an efficient way of allowing brand owners to give each of their products – even low-cost ones – a unique digital identity before they leave the manufacturer’s production line. This kind of secure identification is becoming more important with the growth in ‘smart’ devices which rely on being able to connect securely to digital services such as healthcare apps.
As well as supporting this move towards the ‘Internet of Things’, Trusted Source™ also enables digital security for a wide range of applications. These include coding for anti-counterfeiting and brand protection, establishing secure links for track-and-trace applications as well as smart devices, and simplifying wireless connection set-up.
Low-cost security techniques increasingly require sending secrets between a digital end point – whether it’s a factory testing station or a smartphone – and a brand owner’s database, often using untrusted internet connections. Cambridge Consultants has developed a turnkey solution which deploys the relevant key management software to both ends of a digital link, establishing end-to-end security from an enterprise data server to any number of business partners or devices including remote factories or suppliers.
The technology could be used to exchange data with a factory floor to retrieve anti-counterfeit codes, for example, or to monitor yield or output data. In a healthcare context it could be used to meet pharmaceutical packaging serialisation regulations or for the secure exchange of clinical trials data. In mobile security, the technology could enable an end-to-end connection directly to the secure components in a smartphone – and in ‘smart metering’ and ‘smart home’ environments it could be used for security ‘personalisation’ of devices.
“We developed Trusted Source™ because the end-to-end solutions we’ve been developing across our consumer, industrial and medical programmes all required this core component,” said Jon Edgcombe, leader of the software technologies group at Cambridge Consultants. “The traditional one-size-fits-all model for issuing digital certificates – generally used for one-way authentication on a web browser – isn’t the right tool for connected devices and online factories, which have fundamentally different security requirements.
“With product companies starting to run more digital services and becoming more capable of controlling their own roots of trust and security model, there are clear advantages to being able to customise your digital security to your needs. Our technology enables companies to have the tools and capabilities to control their own data flows, helping them comply with increasing privacy regulations, while increasing support for low-power devices as well as the variable quality internet connections often found in factory environments.”
The Trusted Source™ system is typically integrated as part of a Cambridge Consultants product development. It provides a company with a pre-packaged Certificate Authority server system, software and hardware token components which can be issued to third-party factories for easy installation – plus optional integration of a serialisation module for identity issuance. This set-up gives overall control of security and operational cost savings to the brand owner, compared with the alternative of outsourcing to a third-party certificate provider, and then auditing and securely integrating with a factory’s own IT system.
“As digital tasks become more complex, sending data securely between product locations is increasingly important to our clients, especially those supporting multiple factories producing millions of devices,” said Edgcombe. “This design platform simplifies setting up secure links, whether for anti-counterfeit brand protection or enabling secured digital services. We can host the server side for smaller deployments – which a number of our clients find beneficial when piloting a new connected product or digital system which needs to be secure – or hand over the system to the client for full-scale deployments.”
The design uses well-established security algorithms that can be implemented across a wide range of industries. The system can either be licensed as part of a product development or customised for deployment as fee-for-service work, depending on the overall product and digital service requirements.