Security

I believe that good security is as simple as possible, so that requirements which are necessary to maintain it are understandable. The IOCOM security doesn’t answer device security as whole, only to communication security.

A simple way to see the security.

Contents:

• Process (device) and user identification
• Certificates and chain of trust
  • Organization - root certificate and private key
  • Certifying a server - server certificate and private key
  • If cloud server is maintained by different organization?
  • Certificate expiration
  • Client certificates
  • Restorable server backup copy vs. security
• Authentication
• Automatic pairing IO device and server
• About security vulnerabilities
• IOCOM secure network topology - take 1
• IOCOM secure network topology - take 2

updated 28.2.2021/pekka