Trust models – public key infrastructures and digital certificates
Public key infrastructures (PKIs) are designed to provision public key certificates to devices and applications. PKI works exclusively with asymmetric cryptography and relies on the trust that participants place in highly trusted, centralized service providers. These providers, known as certificate authorities (CAs), serve as the root of trust: they verify the identity of participants and issue public key digital certificates.
In the web-based economy, PKI has provided verifiable roots of trust while conforming to a wide variety of architectures, and it is finding applicability in IIoT architectures as well. In some architectures, the end entity, which can be an IoT device, may interface directly with the CA. In other cases, there may be deep trust chains, with many levels between the end entity and the root CA.
In the case of endpoints in an IIoT architecture, the devices are not inherently trustworthy. Besides, the main value proposition...