Introducing Scurid Edge Agent
We are extremely excited about our upcoming closed beta release and the opportunity to work closely with interested early adopters for direct feedback. Scurid is focused on developing and delivering an easy to use digital identity, application of which we have tried to cover in some of our previous blogs and will continue to do so in upcoming ones for Internet of Things (IoT) / Industrial Internet of Things (IIoT) devices and software.
The idea behind the Scurid stack is simple — save time, effort, and the resources for the developers to get started with distributed digital identity, a verifiable credential, ready to go in few seconds at distributed scale. Letting developers & organizations focus on business logic to help speed up their mission towards digitalization. And while doing so still maintain control over the identity and the data related to it.
With this blog, we’d like to introduce one of the key elements in the Scurid stack, the Scurid Edge Agent.
It’s an identity agent written purely in Golang, designed to run as a service on small microprocessor-based devices such as RaspberryPi. It exposes identity-related features via simple APIs, alleviating the need for top-down, that is centralized delivery of identities for the devices.
It’s designed to be either pre-installed by the hardware manufacturers, or the organization installs the agent during onboarding of their IoT/IIoT devices along with their own IoT software to interact with the Scurid edge agent in real-time locally on the device. This means a developer can generate verifiable credentials without any external dependencies. Which is a great boost for a secure practice of regularly rotating a device’s identity, as they often should be as a good security practice, in the field at distributed scale.
Device identities generated by the Scurid Edge Agent has the following features :
- Identities generated adheres to the W3C standard for a distributed identity (DID), example
- Globally unique
- Consists of a public key and a private key
Core features, also covered in the closed beta version release :
- Unlimited identity generation on the device (without any external dependencies)
- Fully managed wallet, holding the private keys locally on the device
- Simple gRPC APIs to help developers interact with the agent in several languages
- Devices can sign each data packet/data payload for a unique “fingerprint” of identity on them
- Supports multiple OSes & hardware platforms
In the closed beta version, we are launching the Scurid Edge Agent in stealth mode, in which the agent only reacts to the requests from the developer’s IoT software. IoT software on the device / or any software requesting the identity has full control and decides the application of the identity as per the need.
While it is useful to have this capability for a device / or a software element generating identities with full control over it, organizations would like to maintain full control, manage, authorize & use these identities to authenticate devices or software elements like microservices. This is why the identities generated by the device via Scurid Edge Agent must be registered with the organization’s IoT Platform or other such related systems. To help with this we’ve built Scurid Platform App, which we’ll introduce in our next blog in the series.
The capability to generate verifiable credentials at distributed scale brings a lot of core and added value for the businesses dealing with IoT devices, its data for data analytics, etc. to list a few
- Freedom from managing usernames/passwords, static API keys
- Elevating device identity security with a limited budget
- Reduction in effort, cost & time in maintaining centralized Public key infrastructure for your distributed devices
- Relationship-based identities — generate identities needed for certain tasks/interaction with a 3rd party system and then revoke them to prevent overuse or identity leak
- With the high degree of data integrity, consumers of IoT data from the devices can now easily track and verify data coming from specific devices
- Aid organizations to move towards safer adoption of autonomous systems
- Providing building blocks for Hardware as a Service, with digital identities that be generated on the fly for interaction with different internal and external systems
- A strong move towards data governance — with data ownership & self-sovereign identity
- Simplify auditing, prevent intentional/unintentional data manipulation
- Trustworthy & verifiable data for data analytics