Se ha denunciado esta presentación.
Se está descargando tu SlideShare. ×

Automated Device Provisioning

Anuncio
Anuncio
Anuncio
Anuncio
Anuncio
Anuncio
Anuncio
Anuncio
Anuncio
Anuncio
Anuncio
Anuncio
Próximo SlideShare
Essential MDM configurations
Essential MDM configurations
Cargando en…3
×

Eche un vistazo a continuación

1 de 12 Anuncio

Automated Device Provisioning

Descargar para leer sin conexión

The IoT Hub Device Provisioning Service is a helper service for IoT Hub that enables zero-touch, just-in-time provisioning to the right IoT hub without requiring human intervention, allowing customers to provision millions of devices in a secure and scale-able manner.

This session described how to do IoT device provisioning in a global scale including a real case demonstration.

The IoT Hub Device Provisioning Service is a helper service for IoT Hub that enables zero-touch, just-in-time provisioning to the right IoT hub without requiring human intervention, allowing customers to provision millions of devices in a secure and scale-able manner.

This session described how to do IoT device provisioning in a global scale including a real case demonstration.

Anuncio
Anuncio

Más Contenido Relacionado

Presentaciones para usted (19)

Similares a Automated Device Provisioning (20)

Anuncio

Más reciente (20)

Anuncio

Automated Device Provisioning

  1. 1. Device Provisioning Service John Chang Commercial Software Engineering Microsoft 2019.09
  2. 2. Why provisioning is hard today • Solutions must have per-device revocable access • Provisioning is a manual process • Initial configuration can become irrelevant between manufacturing and deployment • Device supply chains are complex
  3. 3. An IoT device’s relationship to DPS
  4. 4. Provisioning process • There are two distinct steps with security flows • The manufacture step in which the enrollment information is harvested and placed in the enrollment list • The registration step in which the device phones home to the DPS
  5. 5. Automated Device Provisioning Device Management System 2. Return the device information. 1. Create the Enrollment list. Device Service Bus Logic App ASP.NET Core (On Device)
  6. 6. IoT Hub IoT Hub IoT Hub IoT Hub Provisioning with DPS IoT Hub Device Device Provisioning Service Business logic “where’s my home?”Identity attestation Device enrollment info Register new device, populate initial configRegistered device info Registered device info Establish connection Initial configuration Device telemetry Insights Device telemetry …etc
  7. 7. Brief feature overview • Cross-region, cross-subscription DPS→IoT Hub connection • Group and individual enrollment • Multiple auth methods supported • Symmetric keys • TPM endorsement key • X.509 certificates • Automatic re-provisioning • Factory reset • Migration • Enrollment-level device assignment logic • Static assignment • Evenly weighted • Lowest-latency (geo-sharding) • Custom assignment logic
  8. 8. Provision with Symmetric key attestation • Represents a "Hello world" experience for developers who are new to device provisioning, or do not have strict security requirements. • Device attestation using a TPM is more secure and should be used for more stringent security requirements. • Legacy devices may not have a certificate, TPM, or any other security feature that can be used to securely identify the device. • Symmetric key attestation can be used to identify a device based off information like the MAC address or a serial number.
  9. 9. Demo – Provision Device with Symmetric key https://github.com/michael-chi/automate-device-provisioning
  10. 10. Code Flow
  11. 11. Questions?

×