Device and artifact security

Hi Community,

I have seen a number of posts addressing security, but it is not conclusive to me that the following two issues are addressed. Could people share or discuss what they think about it?

Opinions are greatly appreciated!


To answer my own question:
For the artifact, you could always compress it and encrypt that.

Do you have sensitive data in your payload that cannot be installed via the factory image?

Well, thinking ahead:
In the case of a full rootfs update, there might be some keys involved although that should be minimized anyway.

For specific file updates, that might not be a problem, but of course it would be great to ensure data integrity. For that reason, I figured that if you pack the artifact into an encrypted file, that already helps.
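Added example, not code from the thread or from Mender: integrity of a packed artifact comes from an authentication tag checked before anything is decompressed or installed, not from compression or encryption by themselves (gzip's CRC only catches accidental corruption, and unauthenticated encryption does not detect tampering either). The container layout, the `ART1` magic and the demo key are constructed for this example; when the artifact is also encrypted, an AEAD mode plays the role the HMAC plays here.

```python
import gzip
import hashlib
import hmac
import struct

# Constructed demo key for the example only. In a fleet, this would be a
# per-device key held in a secure element, not a shared key on the filesystem.
DEMO_KEY = b"\x11" * 32

MAGIC = b"ART1"  # constructed container identifier
TAG_LEN = 32     # HMAC-SHA256 output size


def pack_artifact(payload: bytes, key: bytes) -> bytes:
    """Compress the payload and append an HMAC-SHA256 tag over header and body.

    Layout: MAGIC | 4-byte big-endian body length | gzip body | 32-byte tag
    """
    body = gzip.compress(payload, compresslevel=9, mtime=0)
    header = MAGIC + struct.pack(">I", len(body))
    tag = hmac.new(key, header + body, hashlib.sha256).digest()
    return header + body + tag


def verify_and_unpack(blob: bytes, key: bytes) -> bytes:
    """Return the original payload, or raise ValueError if authentication fails.

    The tag is compared in constant time before gzip ever parses the body, so a
    tampered, truncated or wrong-key artifact is rejected without touching it.
    """
    if len(blob) < len(MAGIC) + 4 + TAG_LEN or not blob.startswith(MAGIC):
        raise ValueError("not an artifact")
    (body_len,) = struct.unpack(">I", blob[4:8])
    header, body, tag = blob[:8], blob[8:8 + body_len], blob[8 + body_len:]
    if len(body) != body_len or len(tag) != TAG_LEN:
        raise ValueError("truncated artifact")
    expected = hmac.new(key, header + body, hashlib.sha256).digest()
    if not hmac.compare_digest(expected, tag):
        raise ValueError("artifact failed authentication")
    return gzip.decompress(body)


def is_authentic(blob: bytes, key: bytes) -> bool:
    """Convenience check for an install pipeline: True only if the blob verifies."""
    try:
        verify_and_unpack(blob, key)
        return True
    except (ValueError, OSError):
        return False
```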

Encryption would be great. Although it might take some time to work out the process and get any changes upstream. So depending on your product timeline you may need to not include keys/sensitive data in the payload for now.


Ultimately, secrets like keys should not be stored on the file system, for a myriad of reasons, not the least of which you have cited here. However, even given an encrypted artifact, a process like this presumes the secrets are the same for all nodes the artifact is being deployed to; which, second only to no security, is the bane of IoT’s future.
I would much rather see effort in the road map targeting PKCS#11/HSM support - but then I'm biased, as all our devices include security chips that we are not yet able to utilize with Mender.