The Things Industries Launches Global Join Server for Secure LoRaWAN

Co-Founder and CEO of The Things Industries Wienke Giezeman announced the launch of Global Join Server (GJS) which is a secure component of the LoRaWan server. As an ecosystem, Global Join Server allows activating devices of any LoRa network from anywhere on the World. According to Giezeman, it works with the Things Network, the Community Network, cloud hosting solutions, etc. It works no matter if it is a part of a network server outside the Things Industries, as long it uses LoRa standard interfaces.

Global Join Server

The Global Join Server’s role is to store root keys, generate session keys and send them securely to the Network Server and Application Server. There is no more need to send keys by email or to print them on the boxes, they are already in a secure place. The Things Industries offers to device makers, module makers and distributors, access to a network-agnostic Join Server of LoRaWAN. With GJS there is no need for manufacturers to keep several SKUs. They only need to provide keys to end-device which will be stored in a safe place. Buyers on the other side only need to use a one-click device claiming procedure to transfer the ownership in the Join Server. Buyers can claim ownership through a web interface, API or a QR code scanning application while selecting a preferred network and application server for LoRaWAN. Activation can be automated and the whole process makes this device activation more secure, faster, cheaper with less error-prone.

A hardware secure module inside the device is the next step. This module is the place where the root keys are provisioned. Nobody can read those keys while they are inside these modules, because they are physically protected from tampering. Last year’s solution from Microchip is accompanied by ST, Trusted Objects and Cypress. Microchips solution is Trust&GO Lora with ATTECC6080A Secure Element. This element is pre-provisioned with the corresponding authentication keys and provide a JIL rated secure key storage to isolated keys in the nodes. With this approach, the keys are never exposed to the outside world. The keys are inserted in a secure element inside the chip during production. Keys are linked with a Global Join Server of the Things Industries. Authentication goes this way: the manufacturer sends a manifest that does not contain any key to the device maker, device maker upload the manifest to a Join Server to claim secure elements in the device makers account. After that, makers can produce the device and print LoRa Alliance standardized QR code which is unique and helps the owner to claim the device. While we are talking about secure elements, we must mention that we are talking about a single chip of 2×2 mm. It is not an unfamiliar IC, as we mentioned it recently while talking about ESPRESSOBin ULTRA Gateway.

We believe that security is for security and not for commercial vendor lock-in. We have built-in features that will make sure that the device maker is never locked in to any network. Like for instance your SIM card is doing in 4G/5G.

-Wienke Giezeman, Co-Founder and CEO of The Things Industries

Share this:

Support CNX Software! Donate via cryptocurrencies, become a Patron on Patreon, or purchase goods on Amazon or Aliexpress

ROCK 5 ITX Rockchip RK3588 mini-ITX motherboard
Subscribe
Notify of
guest
The comment form collects your name, email and content to allow us keep track of the comments placed on the website. Please read and accept our website Terms and Privacy Policy to post a comment.
0 Comments
oldest
newest
Boardcon Rockchip RK3588S SBC with 8K, WiFI 6, 4G LTE, NVME SSD, HDMI 2.1...