Security
🔤 Acronyms? See the Glossary
LoRaWAN, Sigfox, NB-IoT (and others) already secure the link between the device and the gateway. LoRaWAN adds security by encrypting the payload using an application key.
To further increase the level of security, Acklio brings SCHC and the IP stack security at the upper layers. It is then easy to use security solutions such as DTLS and OSCore.
Acklio IPCore follows the state of the art in terms of a secured environment relying on HTTPS/OAuth, encrypted interface, component isolation, and hardened operating systems.
Network Security​
Secured Item | Securing Means |
---|---|
External Interfaces | Authentication and encrypted interfaces (VPNs for remote networks). Frontend server secured through HTTPS access and credentials. |
Internal Interfaces | gRPCs interfaces are secured through login/password and encryption. Database interbases are secured through login/password. |
Operating System | Hardened OS based on Ubuntu 18.04 LTS |
Components | All components are containerized, i.e. run in virtualization layers to ensure isolation and minimal service exposition. |
Proxy​
A proxy secures the interactions between the devices and the application. A proxy is inserted between Acklio IPCore services and the HTTP server to translate CoAP into HTTP by uplinks and HTTP to CoAP by downlinks.