ZPaul Friday, 05/19/17 04:29:51 PM Re: Jtech post# 164919 Post # of 173741 Remember I talked about TLS @ https://investorshub.advfn.com/boards/read_msg.aspx?message_id=130538849 ? The TLS client authentication protocol has been part of the security standard for years, but it's now that we have started to use it in certifying secure IoT connections. TLS client authentication will provide a lower-level authentication for the client than login or password, and occurs before any application content (any data, i.e. text, music, photos) is shared between the two parties. TLS Client Authentication will be very useful in cases where a server is keeping track of hundreds of thousands or millions or billions of clients, as in IoT, or in a mobile app, with millions of installs exchanging secure information. For example, an IoT company can issue a unique client certificate per device, and then limit connections to their IoT infrastructure to only their devices by blocking connections where the client doesn't present a certificate signed by the company's certificate authority. TLS client authentication uses the strongest forms of cryptography to ensure that you are connecting with the right machines. TLS client authentication also eliminates use of passwords. It's perfect for machine authentication, including software containers in the cloud and IoT devices floating around in the real world. This is part of a trend to identify machines as we can't give out usernames and passwords to machine but we can give keys and certificates. We can have multiple credentials and attributes that can be evaluated simultaneously to make high assurance authentication and authorization decisions. There is tremendous value that can be gained from device certificates, and TLS client authentication is an established protocol that will be used for low level extremely secure authentication in IoT world. Have a good weekend everyone.