By Claus Hetting, Wi-Fi NOW CEO & Chairman
With billions more devices in the forecast most will agree that Wi-Fi-based IoT is a huge new business opportunity in the making. But how can it be realised? Perhaps the biggest unresolved problem right now is the lack of a standardised scheme for securely auto-connecting IoT devices to Wi-Fi in the home, in the enterprise, or anywhere. Now Aptilo Networks says they’ve developed a solution for exactly that.
Anyone who has tried connecting an IoT device to Wi-Fi knows the drill: It is generally speaking hard – sometimes even nigh on impossible – to get them to work. Connecting all manner of devices, from light bulbs to webcams in your home to deployments of large volumes of devices for enterprise or industrial use, instead morph into tedious connectivity integration projects.
Exactly that problem – and similar onboarding issues – constitutes a formidable block on the road to realising the potential of Wi-Fi-based IoT. Fortunately, there is now a solution. And surprisingly, the solution for auto-connecting ‘things’ involves the use of Passpoint (802.11u) and EAP-TLS authentication, says Aptilo Networks.
Passpoint can be used to connect ‘things’
“Many IoT devices comes with built-in certificates to facilitate and secure device management. Interestingly, the full capability of the certificate is not used. With our zero-touch solution, we maximise the use of the certificate to also include authentication, authorisation, and policy management for Wi-Fi connectivity in a clever way. Combined with Passpoint, the jump to enabling auto-connect for ‘things’ is small,” says Jan Sjönell, VP Internet of Things at Aptilo Networks.
With Passpoint-enabled IoT devices, the rest of the zero-touch, auto-connect ‘magic’ happens by integrating Aptilo’s service management platform with IoT platforms such as Amazon Web Services (AWS) IoT Core, Sjönell explains. “We verify the certificate for a device managed by AWS IoT Core via our partnership with them. We then use the very same certificate for Passpoint authentication. The whole thing then becomes Wi-Fi IoT secure, auto-connect-IoT-as-a-service,” he says.
Important first steps taken including PoC trials
Jan Sjönell says there is still work to do to make the scheme happen in real life – and at scale – but that important first steps have been taken. “We’re operating a number of proof of concept trials right now, and the value of the solution is already undeniable. It works well and saves enormous amounts of manual device onboarding time,” Jan Sjönell says.
He also says that although using Amazon Web Services (AWS) IoT Core for certificate lookup and authentication is part of the current solution, other IoT platforms could also be used. Saving time by removing the need for manual onboarding can represent vast savings in operational expenditures especially in enterprise IoT segments such as healthcare or specialised industries.
The scheme is especially attractive – claims Aptilo – because it is standardised and applies no unknown or proprietary pieces of software or hardware in the device to work. “This is the onboarding solution for everyone – and there does not need to be even a discussion nor doubt about the technical details, it’s simply the Passpoint standard. That’s the beauty of using a standard,” he says.
Is 802.11u supported in all modern IoT devices?
For Aptilo’s scheme to be widely applicable, 802.11u protocol support in IoT devices is needed. The big question is of course whether this already exists or requires some form of industry-wide adoption.
“At first we assumed that 802.11u is already in the devices as it is included in many chipsets. In reality, it turns out 802.11u is not always enabled, simply because the manufacturers haven’t seen a use case for it. We are now working with IoT Wi-Fi modem vendors to convince them of the value and relevance of the use case. Of course we would prefer not resorting to suggest using hard-coded SSIDs, which is the alternative for legacy devices. We are also exploring an idea to do this with legacy devices without any pre-provisioned SSID,” Jan Sjönell says.
/Claus.
Last year Aptilo Networks won the Wi-Fi NOW Award for Best Wi-Fi IoT Solution. The award was presented to Aptilo Networks at Wi-Fi NOW Berlin in November 2018. For more details on the Aptilo Zero-touch Wi-Fi IoT Connectivity™ solution sign-up for their Webinar that goes live today Tuesday December 3 at 9am CET and 6pm CET. Both sessions will also be available as on-demand afterwards for all registrants.