Mocana Certificate Management Secures Connected Devices

Mocana Corporation, a software company that is enabling a secure networked society, announced the availability of Mocana Certificate Management. Certificate Management, the latest extension to Mocana’s Device Security Framework, represents a new class of infrastructure software which Mocana calls network applications, and provides critical functionality over networks to connected devices. Mocana’s Device Security Framework is made up of a unique combination of device-resident security software and security-centric network applications, such as Certificate Management, and provides a holistic security model for securing devices and device communications.

Management of device certificates, which can be thought of as a device’s digital identity, is emerging as a way for IT to efficiently manage and administer the security of devices and services across an enterprise or service provider in an automated way. Historically, certificate management was approached manually, but with the number of devices requiring supervision today, manual management has become extremely difficult.

“Our research indicates that as connected devices continue to proliferate across all industries, the need to automate security and systems management will be paramount for enterprises and IT organizations,” said Glen Allmendinger, president, Harbor Research, Inc. “Connected devices will require security software that can deal with scalability while easing provisioning burdens for end users of devices as well as the service providers and enterprises that deploy them.”

Being able to efficiently provision and revoke device certificates in an easier, more automated way allows for certificates to be used in a completely different way with connected devices – opening up the potential for an entirely new class of identity-based, Internet-scale end user services. For example, Mocana’s Certificate Management solution allows certificate strength security to be used for authentication rather than insecure user names and passwords which could lead to compromised security or SPIT (Spam for Internet Telephony) hijacked VoIP services.

Adrian Turner, chief executive officer and president of Mocana, commented, “The rate at which connected devices are proliferating is staggering, as everything from handsets to medical devices, retail devices and consumer electronics become connected. IT organizations are experiencing the pain of not only making sure those devices are secure when rolled out, but more importantly, managing the on-going security of those devices.”

Device manufacturers can now differentiate themselves by offering their customers a complete security model for devices and an easier way to deploy and manage Internet scale device networks such as VoIP handsets. With this capability, device manufacturers can sell more devices without forcing their customers to sacrifice security.

Mocana Certificate Management is an embedded and platform-agnostic solution that can work in two enrollment modes – automatic or manual. Mocana Certificate Management is built around the Simple Certificate Enrollment Protocol (SCEP), the evolution of the original certificate enrollment protocol developed by Verisign, Inc. and Cisco Systems, Inc., and is designed to make the issuing and revocation of digital certificates as scalable as possible. Mocana Certificate Management is comprised of the Mocana Certificate Management Client and the Mocana Certificate Management Server.

Using Mocana’s Certificate Management, organizations can now seamlessly accomplish:

  • Certificate enrollment and renewal – issuing a certificate to a specific user or device and/or renewing that certificate at regular intervals before expiration
  • Certificate revocation – withdrawing a certificate from a specific device for a certain reason, making that device inoperable
  • Certificate query – obtaining the Certificate Authority certificate and/or obtaining the end entity’s certificate
  • CRL query – obtaining information on whether a certificate has been revoked

Additional Features
Mocana Certificate Management is fully configurable and comes with a well-defined set of APIs. Leveraging Mocana’s common abstraction layer, Mocana’s Certificate Management works with over fifteen different operating systems, including Linux, VxWorks, and ThreadX. Further it:

  • Provides implementation of the SCEP server, Certificate Authority (CA), and Registration Authority (RA)
  • Leverages the Mocana PKCS and crypto libraries, which are FIPS validated, full featured and standards-based, containing all of the strongest cryptography commonly used for securing systems and devices
  • Is easily integrated and portable with different operating systems
  • Supports SCEP transactions like certificate enrollment/renewal, certificate revocation operation, querying of the Certificate Authority (CA) or certificate chain, querying of the device certificate, querying of the CRL (Certificate Revocation List), querying of CA capabilities and server polling in manual authentication mode
  • Supports CA and RA implementations allowing registration of end entities, generation of key pairs and CSR (Certificate Signing Request), signing, publishing certificates and CRLs, and authentication of end entities for certificate enrollment and renewal

Mocana’s Certificate Management solution is available today.

About Mocana
Mocana securely enables Internet-scale applications and services for connected devices. Mocana’s industry-leading infrastructure software solutions ensure that wired and wireless devices, networks and services perform and scale with the utmost security – a necessary foundation for a networked society. Customers include Dell, Cisco, Avaya, Nortel Networks, Harris, Honeywell, Symbol, and Radvision, among others. Mocana was founded in 2002, is privately-held, and headquartered in San Francisco, California.