Usando AWS re:Post, accetti AWS re:Post Termini di utilizzo
AWS re:Postre:Post

IoT security: Using single certification across all devices?

0

In IoT Core, it is strongly suggested to use a uniq certificate per device. Is using same cert across many devices less secure? Or simply loosing functionalities like Shadow, etc?

Argomenti
Internet delle cose (IoT)
Tag
AWS IoT Core
Lingua
English
AWS-User-3532884
posta 2 anni fa441 visualizzazioni
1 Risposta
0

Hi,

there are several reasons why to use a unique certificate per device. When you deploy for example 1 million devices and your certificate is being compromised you must exchange the certificate on all devices. When you deactivate the certificate all devices which share a certificate are affected.

If you use one unique device per certificate you only need to exchange the certificate on one device. You can also deactivate such a certificate without impacting other devices.

When you attach IoT policies to a certificate, all devices will share the same permissions when they share a certificate. This can prevent you from using IoT policies that conform to the least privilege principle.

The shadow service is unrelated to the certificate you use. Your device logic defines which shadow name in classic or named shadow you are going to use.

KR,

Philipp

AWS
ESPERTO
Philipp S
con risposta 2 anni fa

Accesso non effettuato. Accedi per postare una risposta.

Una buona risposta soddisfa chiaramente la domanda, fornisce un feedback costruttivo e incoraggia la crescita professionale del richiedente.

Linee guida per rispondere alle domande

Contenuto pertinente