FIDO Alliance FDO Certification program will allow users to mix and match FDO solutions from different vendors with confidence
Mountain View, Calif., September 26, 2023 – The FIDO Alliance’s FIDO Device Onboard (FDO) technology allows edge and IoT users to quickly and securely onboard devices, thereby reducing cost, time and risk. Today the FIDO Alliance announced the launch of its FIDO Device Onboard (FDO) Certification Program, enabling edge node and IoT device vendors to prove that their solutions adhere to the security and interoperability requirements of the FDO specifications. Achieving certification allows vendors to demonstrate their products are high quality and at low risk of cyberthreats, while deploying companies can ensure devices will interoperate more seamlessly and securely within IoT and distributed computing infrastructures.
Leading vendors around the world, including Dell Technologies, IBM, Intel, Red Hat and VinCSS have already begun to include the FDO specification in products and services, which are being utilized by customers in a variety of settings and applications. [Media note: see quotes from FDO vendors at end of press release].
According to Markets and Markets in their June 2023 report, the “Edge Computing Market size is expected to grow from $53.6 billion in 2023 to $111.3 billion by 2028.”(1) They go on to say that “despite the benefits, the edge computing architecture is susceptible to cyberattacks with the addition of vulnerable edge nodes and IoT devices.” The FIDO Alliance’s FDO technology has been specifically defined by leaders including Infineon, Intel, Google, Microsoft, Qualcomm and ARM to address these concerns so that users in areas such as enterprise and industrial can fully take advantage of edge computing opportunities.
The FDO protocol is a freely available standard that champions a ‘zero trust’ approach to remove these barriers, enabling devices to quickly and securely onboard to cloud and edge management platforms. As a Dell Technologies white paper explained, “The installation of these systems must prioritize simplicity and must be zero-touch once plugged in and powered on. Secure operations require the ability to bring edge devices into your environment with zero touch in mind.”(2)
FDO Certification, testing for which will take place in early October provides conformance and interop testing, a security risk analysis, and assurance that a company’s device meets FDO Specification and Security and Privacy Requirements. Certification testing builds trust among device owners, as devices are validated as meeting a high level of security by a third-party. Companies interested in taking part in the FDO Certification interop test can register for free and get more information here.
“Edge nodes and IoT devices are bringing transformative benefits to a whole range of industries but overcoming the security risks that exist today is critical to enable more organizations to take the leap,” said Andrew Shikiar, executive director and CMO of the FIDO Alliance. “The appetite we’ve seen for the FIDO Device Onboard (FDO) standard since we launched last year is a testament to how urgent the business need is to secure the edge in a way that’s quick and cost-effective. Launching the certification program marks another step towards fostering trust in the edge and IoT space and taking mass deployments to the next level.”
FIDO Alliance brings together 250+ of the most influential and innovative companies and government agencies from across the globe to deliver unrivaled security specifications that offer strong security, are free to use and easy to deploy. The FDO Specification is an important pillar in the expansion of the Alliance’s core vision: to boost global cyber security levels, help eliminate data breaches and enable secure online experiences.
The business benefits of the FIDO Device Onboard (FDO) standard include:
- Simplicity – Businesses no longer have to pay more for the installation and onboarding process than they do for the actual hardware devices themselves. The highly automated FDO process effectively brings ‘plug and play’ to the world of onboarding edge nodes and IoT devices.
- Flexibility – Businesses can choose which cloud or edge platforms they want to onboard devices to at the point of installation (as opposed to when devices are manufactured). A single device SKU can be onboarded to any platform (edge or cloud), thereby greatly simplifying the device supply chain.
- Security – FDO leverages an “zero trust” approach, which means the installer no longer needs – nor has access to – any sensitive infrastructure/access control information.
Developers can view and download the FDO Specification here. Higher levels of security certification are planned for the program in future, and interested parties are encouraged to join the FIDO Alliance and contribute to the evolution of the FDO standard. For more information or help, please contact: firstname.lastname@example.org
FIDO Alliance will be hosting a workshop on FDO on the opening day of its annual Authenticate conference, which takes place October 16-18 in Carlsbad, CA. More information on Authenticate can be found on the event website.
Red Hat, Red Hat Enterprise Linux and the Red Hat logo are trademarks or registered trademarks of Red Hat, Inc. or its subsidiaries in the U.S. and other countries. Linux® is the registered trademark of Linus Torvalds in the U.S. and other countries.
About the FIDO Alliance
The FIDO (Fast IDentity Online) Alliance, www.fidoalliance.org, was formed in July 2012 to address the lack of interoperability among strong authentication technologies, and remedy the problems users face with creating and remembering multiple usernames and passwords. The FIDO Alliance is changing the nature of authentication with standards for simpler, stronger authentication that define an open, scalable, interoperable set of mechanisms that reduce reliance on passwords.
- Edge Computing Market Report Summary & Forecast Analysis, Markets and Markets, June 2023. https://www.marketsandmarkets.com/Market-Reports/edge-computing-market-133384090.html
- Introduction to the Dell NativeEdge Software Platform, Dell, August, 2023
Quotes from FDO Stakeholders
“ASRock Industrial is setting the stage for a new era in IoT onboarding through the development of FIDO Device Onboarding (FDO)-enabled devices, embodied by the iEP-5000G Industrial IoT Controller. Harnessing FIDO Alliance’s state-of-the-art FDO technology and the availability of FDO Certification, ASRock Industrial is thrilled to announce its commitment to move forward with the FDO Certification for the iEP-5000G. This achievement shall guarantee both functionality and security for all FDO implementations, reinforcing our dedication to delivering solutions that streamline device connectivity and management. This will mark a significant milestone in our journey to provide innovative and future-ready Industrial IoT solutions,” saidJames Lee, President of ASRock Industrial.
“The FDO protocol is extensible beyond IoT and can be used to modernize onboarding and scale of enterprise edge and IT infrastructure,” said Daniel Cummins, Dell Technologies Fellow, edge solutions. “As Dell helps customers simplify and securely manage their edge estate, we’re using the FDO protocol to solve for security constraints at the edge. With Dell NativeEdge, our edge operations software platform, we’ve implemented FDO and Zero Trust enabling technologies to make edge device onboarding secure while improving time to service.”
“Having FIDO Device Onboard integrated in our leading IAM solution, KeyScaler allows our customers to benefit from complete trust in their IoT devices and data throughout their entire lifecycle,” said Darron Antill, CEO of Device Authority. “FIDO’s standardized approach of securely enrolling a device in phase one of its lifecycle, coupled with KeyScaler’s credential management, end to end data crypto, Edge security functionality, and SBOM validation solves the complex and fundamental device security challenges of any connected environment and supports IoT deployments at scale.”
“FDO provides an easy and secure installation of devices into a customer’s environment. Certification is key in simplifying and speeding FDO adoption. For edge and IoT devices, FDO and Infineon`s OPTIGATM TPM are an excellent match. The Trusted Platform Module (TPM) secures the FDO credentials, reducing the risk that they could be compromised, while simultaneously simplifying the manufacturing process,” saidVijayaraghavan Narayanan, Infineon’s Head of Edge Identity and Authentication.
“The FDO standard has helped to reduce cost, save time, and improve security which is helping the industry to expand rapidly at the edge,” said Anand Pashupathy, Vice President and General Manager of Security, Software and Services Division in the Product Assurance and Security Group, at Intel. “The new FDO certification testing program from the FIDO Alliance enables us to increase the attach rate of new devices with confidence, foster interoperability between vendors, and allows the industry to meet the requirements of our customers and partners with an automated, highly secure industry solution.”
“Our products primarily serve government, law enforcement, banking, and critical infrastructure sectors, where top-notch security and data protection are paramount. By integrating FIDO Device Onboard into our passwordless cameras, we confidently ensure the high security for our products right off the shelf, safeguarding our customers’ sensitive data while simultaneously mitigating tampering risks and reducing deployment and maintenance costs,”said Cuong Tran, CTO/Co-Founder, Pavana Technologies.
“Red Hat Enterprise Linux is the world’s leading enterprise Linux platform and the operating system of choice for many organizations deploying IoT and edge compute applications, spanning use cases such as industrial automation, medical, retail and other segments. By collaborating with the FIDO Alliance to implement FDO specifications for Red Hat Enterprise Linux, we can help customers more easily and quickly onboard and provision their devices to support greater interoperability and enhanced security measures at the edge,” said Kelly Switt, senior director, Edge and AI Business Development, Red Hat.
“The deployment of FDO technology for a range of commercial cameras from a Vietnamese camera OEM has yielded remarkable results, which I refer to as a triple-ROI: the camera OEM itself benefits when their product incorporates cutting-edge technology, creating a distinct competitive advantage; customers reap significant benefits, especially if they have a large number of devices to deploy and manage; and the issue of security and personal privacy, one of the pressing national security concerns, has been perfectly addressed,” said Mr. Simon Trac Do, CEO & Founder of VinCSS JSC, Vietnam. “Not stopping there, the integration of FDO with other technologies such as mesh, cyber-physical,… is providing the ability to solve previously unsolvable challenges in various aspects simultaneously, including safety, flexibility in deployment/operation/maintain, and cost-effectively. We consider ourselves fortunate for having made the early decision to embrace and promptly develop our FDO platform in order to bring it to the market on time.”
The 2023 Workforce Authentication Report: Embracing the Passwordless Future
Businesses...10月 16, 2023