Core Protection Services
Core Protection services protect your data at rest and in transit by leveraging the root of trust of your u-blox SARA-R4 or SARA-R5 module . Through u-blox Thingstream, you can generate access keys to securely declare your ownership of the modules and establish the root of trust through which you can manage (enable, disable, configure, get usage, etc..) all of the features provided in Core Protection including:
- A unique Swiss-made Key Management System (KMS) which allows you to generate an infinite number of crypto keys on-the-fly to protect a single in-transit message. A perfect solution for those scenarios that require frequent secure transmission of small payloads.
- A ready-to-use, bi-directional solution to transmit encrypted data from device to cloud and vice versa ensuring confidentiality, authenticity and integrity
- Complete device control
- Simplified device certificate provisioning with a real zero-touch provisioning (ZTP) solution that works with major cloud service providers such as AWS, Microsoft Azure and Google
- Leverage the the hardware root of trust to protect data at rest and secure chip to chip communication e.g. MCU to modem, against device tampering, sniffing, brute-force attacks and counterfeiting
The Core Protection APIs themselves are designed to use standard HTTPS protocol and return JSON payloads in response to HTTPS requests, and are implemented based on the RESTful principles.
Generating Access Keys
In order to start using Core Protection Services, you'll need to generate an access key and secret pair to install on your module. You can do this by going to the Access Keys page under Core Protection and clicking on the "Generate Keys" button.
Once you have generated your key and secret, make sure you save them somewhere safe as the secret cannot be recovered after you leave the page.
You can now use the key and secret pair to configure your modem, ready to use the Core Protection Services APIs.