SlideShare a Scribd company logo

Automated Device Provisioning

John Chang, profile picture
John Chang

The document discusses the challenges of device provisioning in IoT, highlighting the complexities of supply chains and the manual nature of initial configurations. It describes a two-step provisioning process involving enrollment and registration, and outlines features of the Device Provisioning Service (DPS) such as support for multiple authentication methods and device management capabilities. Additionally, it offers a demo for provisioning a device using symmetric key attestation.

Software
Related topics:
Cloud Computing Insights Internet of Things Microsoft Azure
1 of 12
Download to read offline
1
2
3
4
5
6
7
8
9
10
11
12
Device Provisioning Service John Chang Commercial Software Engineering Microsoft 2019.09
Why provisioning is hard today • Solutions must have per-device revocable access • Provisioning is a manual process • Initial configuration can become irrelevant between manufacturing and deployment • Device supply chains are complex
Automated Device Provisioning
An IoT device’s relationship to DPS
Provisioning process • There are two distinct steps with security flows • The manufacture step in which the enrollment information is harvested and placed in the enrollment list • The registration step in which the device phones home to the DPS
Automated Device Provisioning Device Management System 2. Return the device information. 1. Create the Enrollment list. Device Service Bus Logic App ASP.NET Core (On Device)
IoT Hub IoT Hub IoT Hub IoT Hub Provisioning with DPS IoT Hub Device Device Provisioning Service Business logic “where’s my home?”Identity attestation Device enrollment info Register new device, populate initial configRegistered device info Registered device info Establish connection Initial configuration Device telemetry Insights Device telemetry …etc
Brief feature overview • Cross-region, cross-subscription DPS→IoT Hub connection • Group and individual enrollment • Multiple auth methods supported • Symmetric keys • TPM endorsement key • X.509 certificates • Automatic re-provisioning • Factory reset • Migration • Enrollment-level device assignment logic • Static assignment • Evenly weighted • Lowest-latency (geo-sharding) • Custom assignment logic
Provision with Symmetric key attestation • Represents a "Hello world" experience for developers who are new to device provisioning, or do not have strict security requirements. • Device attestation using a TPM is more secure and should be used for more stringent security requirements. • Legacy devices may not have a certificate, TPM, or any other security feature that can be used to securely identify the device. • Symmetric key attestation can be used to identify a device based off information like the MAC address or a serial number.
Demo – Provision Device with Symmetric key https://github.com/michael-chi/automate-device-provisioning
Code Flow
Questions?

More Related Content

PPTX
Essential MDM configurations
Peter Hewer
 
PPTX
Retail Location Security Complexities
Etienne Liebetrau
 
PDF
Securing the Mobile enterprise
IBM Danmark
 
PPTX
MDM - airwatch
Bharat Sinha
 
PDF
Enterprise Mobility (Admin)
Microsoft
 
PPTX
Wally Mead - Deploying a system center 2012 r2 configuration manager environm...
Nordic Infrastructure Conference
 
PDF
Mobile Devices & BYOD Security – Deployment & Best Practices
Cisco Canada
 
PDF
#MFSummit2016 Secure: Mind the gap strengthening the information security model
Micro Focus
 
Essential MDM configurations
Peter Hewer
 
Retail Location Security Complexities
Etienne Liebetrau
 
Securing the Mobile enterprise
IBM Danmark
 
MDM - airwatch
Bharat Sinha
 
Enterprise Mobility (Admin)
Microsoft
 
Wally Mead - Deploying a system center 2012 r2 configuration manager environm...
Nordic Infrastructure Conference
 
Mobile Devices & BYOD Security – Deployment & Best Practices
Cisco Canada
 
#MFSummit2016 Secure: Mind the gap strengthening the information security model
Micro Focus
 

What's hot (19)

PPTX
Wally Mead - Managing mobile devices with system center 2012 r2 configuration...
Nordic Infrastructure Conference
 
PPTX
Enterprise Mobility Suite- Azure AD Premium
Lai Yoong Seng
 
PDF
#MFSummit2016 Secure: Is your mainframe less secure than your fileserver
Micro Focus
 
PDF
AMB110: IT Asset Management – How to Start When You Don’t Know Where to Start
Ivanti
 
PPTX
VBOT
Vasyaa Group of Services
 
PPTX
Mark Carlile, EMEA Enterprise Lead at Airwatch - Mobile content strategies an...
Global Business Events
 
PDF
Identity and Access Lifecycle Automation
Hitachi ID Systems, Inc.
 
PDF
Blackberry in Government
Commonwealth Telecommunications Organisation
 
PPTX
Business Case Of Bring Your Own Device[ BYOD]
Md Yousup Faruqu
 
PDF
Introduction to Identity Management
Hitachi ID Systems, Inc.
 
PDF
Aptera Cloud Event 2013 - Windows Intune - Eric Rupp
Aptera Inc
 
PDF
Industrial Internet
Alex Lavell
 
PPTX
RPASS - Ricoh Proactive ServiceS for Remote Monitoring & Backup
Ricoh India Limited
 
PPTX
Windows 7 And Windows Server 2008 R2 Combined Value
Amit Gatenyo
 
PDF
Chapter 5 IoT Design methodologies
pavan penugonda
 
PDF
Byod+ +bring+your+own+device
J
 
PPTX
Office 365 Mobile Device Management: What Is It, and Why Should You Care - Pa...
Summit 7 Systems
 
PPT
Iot secure connected devices indicthreads
IndicThreads
 
PPTX
Managing 4,000 devices across 20+ remote sites on a single console
ManageEngine, Zoho Corporation
 
Wally Mead - Managing mobile devices with system center 2012 r2 configuration...
Nordic Infrastructure Conference
 
Enterprise Mobility Suite- Azure AD Premium
Lai Yoong Seng
 
#MFSummit2016 Secure: Is your mainframe less secure than your fileserver
Micro Focus
 
AMB110: IT Asset Management – How to Start When You Don’t Know Where to Start
Ivanti
 
VBOT
Vasyaa Group of Services
 
Mark Carlile, EMEA Enterprise Lead at Airwatch - Mobile content strategies an...
Global Business Events
 
Identity and Access Lifecycle Automation
Hitachi ID Systems, Inc.
 
Blackberry in Government
Commonwealth Telecommunications Organisation
 
Business Case Of Bring Your Own Device[ BYOD]
Md Yousup Faruqu
 
Introduction to Identity Management
Hitachi ID Systems, Inc.
 
Aptera Cloud Event 2013 - Windows Intune - Eric Rupp
Aptera Inc
 
Industrial Internet
Alex Lavell
 
RPASS - Ricoh Proactive ServiceS for Remote Monitoring & Backup
Ricoh India Limited
 
Windows 7 And Windows Server 2008 R2 Combined Value
Amit Gatenyo
 
Chapter 5 IoT Design methodologies
pavan penugonda
 
Byod+ +bring+your+own+device
J
 
Office 365 Mobile Device Management: What Is It, and Why Should You Care - Pa...
Summit 7 Systems
 
Iot secure connected devices indicthreads
IndicThreads
 
Managing 4,000 devices across 20+ remote sites on a single console
ManageEngine, Zoho Corporation
 
Ad

Similar to Automated Device Provisioning (20)

PPTX
CCI2018 - Gestire devices per l'Internet of Things con Azure IoT Hub
walk2talk srl
 
PPTX
Gestire i devices con Azure IoT Hub e IoT Edge
Marco Parenzan
 
PDF
Embracing iot in the enterprise
Gabriella Davis
 
PPTX
PLNOG15: Simplifying network deployment using Autonomic networking and Plug-a...
PROIDEA
 
PDF
Ctc rick ryan prezi 3 2016
Courtney King
 
PPTX
Successful Industrial IoT patterns
John Mathon
 
PPTX
Incident Response for the Work-from-home Workforce
Christopher Gerritz
 
PDF
Cybersecurity
nado-web
 
PPTX
Building an IoT System to Protect My Lunch
John Varghese
 
PPTX
Microsoft Azure IoT Hub (Sam Vanhoutte @TechdaysNL 2017)
Codit
 
DOCX
Overview one pager
Andrew Keenan
 
PPTX
Sviluppare un portale per gestire la tua soluzione IoT Hub
Marco Parenzan
 
PDF
IoT Seminar (Oct. 2016) Juan Perez - Microsoft
Open Mobile Alliance
 
PPTX
Security Testing for IoT Systems
Security Innovation
 
PPTX
IoT-Device-Security.pptx
ZahidHussainqaisar
 
PPTX
IoT-Device-Security-DRAFT-slide-presentation
AuliaArifWardana
 
PDF
Group 5 IoT Architecture Layer
Marcus Maneja
 
PPTX
IoT platforms – comparison Azure IoT vs AWS IoT
(Saravana) Pandiyan Varadaraj (He/Him)
 
PDF
WSO2Con EU 2015: IoT in Finance
WSO2
 
PPTX
IAITAM ACE 2016, New Orleans - Presentation
Jon Stevens-Hall
 
CCI2018 - Gestire devices per l'Internet of Things con Azure IoT Hub
walk2talk srl
 
Gestire i devices con Azure IoT Hub e IoT Edge
Marco Parenzan
 
Embracing iot in the enterprise
Gabriella Davis
 
PLNOG15: Simplifying network deployment using Autonomic networking and Plug-a...
PROIDEA
 
Ctc rick ryan prezi 3 2016
Courtney King
 
Successful Industrial IoT patterns
John Mathon
 
Incident Response for the Work-from-home Workforce
Christopher Gerritz
 
Cybersecurity
nado-web
 
Building an IoT System to Protect My Lunch
John Varghese
 
Microsoft Azure IoT Hub (Sam Vanhoutte @TechdaysNL 2017)
Codit
 
Overview one pager
Andrew Keenan
 
Sviluppare un portale per gestire la tua soluzione IoT Hub
Marco Parenzan
 
IoT Seminar (Oct. 2016) Juan Perez - Microsoft
Open Mobile Alliance
 
Security Testing for IoT Systems
Security Innovation
 
IoT-Device-Security.pptx
ZahidHussainqaisar
 
IoT-Device-Security-DRAFT-slide-presentation
AuliaArifWardana
 
Group 5 IoT Architecture Layer
Marcus Maneja
 
IoT platforms – comparison Azure IoT vs AWS IoT
(Saravana) Pandiyan Varadaraj (He/Him)
 
WSO2Con EU 2015: IoT in Finance
WSO2
 
IAITAM ACE 2016, New Orleans - Presentation
Jon Stevens-Hall
 
Ad

More from John Chang (11)

PDF
跨部門團隊如何在AI專案中高效協作:敏捷方法論與生成式AI生命週期的實踐與應用策略
John Chang
 
PDF
AI in Manufacturing - John.pdf
John Chang
 
PDF
Use .NET Core to create IoT Solutions
John Chang
 
PDF
Modern Data Warehouse Overview
John Chang
 
PDF
AI for Intelligent Cloud and Intelligent Edge: Discover, Deploy, and Manage w...
John Chang
 
PDF
以電腦視覺搭配感測器進行環境偵測
John Chang
 
PDF
利用电脑视觉与人工智能 创造更多物联网价值
John Chang
 
PPTX
透過電腦視覺與人工智慧創造物聯網新價值
John Chang
 
PDF
遊戲服務上雲端 -- 設計的八大守則
John Chang
 
PDF
深入研究雲端應用程式平台-AppFabric
John Chang
 
PPSX
WCF 4.0-企業級雲端服務應用實務
John Chang
 
跨部門團隊如何在AI專案中高效協作:敏捷方法論與生成式AI生命週期的實踐與應用策略
John Chang
 
AI in Manufacturing - John.pdf
John Chang
 
Use .NET Core to create IoT Solutions
John Chang
 
Modern Data Warehouse Overview
John Chang
 
AI for Intelligent Cloud and Intelligent Edge: Discover, Deploy, and Manage w...
John Chang
 
以電腦視覺搭配感測器進行環境偵測
John Chang
 
利用电脑视觉与人工智能 创造更多物联网价值
John Chang
 
透過電腦視覺與人工智慧創造物聯網新價值
John Chang
 
遊戲服務上雲端 -- 設計的八大守則
John Chang
 
深入研究雲端應用程式平台-AppFabric
John Chang
 
WCF 4.0-企業級雲端服務應用實務
John Chang
 

Recently uploaded (20)

PDF
17 Powerful Integrations Your Next-Gen MLM Software Needs
ventaforcemlmsoftwar
 
PPTX
Reimagine Home Health with the Power of Agentic AI​
AutomationEdge Technologies
 
PDF
Salesforce Agentforce AI Implementation.pdf
Robert Mark
 
PDF
iTop VPN 6.5.0 Crack + License Key 2025 (Premium Version)
youngle786g
 
PPTX
AMADEUS TRAVEL AGENT SOFTWARE | AMADEUS TICKETING SYSTEM
philipnathen82
 
PDF
Internet Downloader Manager (IDM) Crack 6.42 Build 41
ghrom2211g
 
DOCX
Greta — No-Code AI for Building Full-Stack Web & Mobile Apps
niloyislam1187
 
PDF
AutoCAD Professional Crack 2025 With License Key
youngle786g
 
PPTX
Operating system designcfffgfgggggggvggggggggg
rmskumara09
 
PPTX
Oracle Fusion HCM Cloud Demo for Beginners
DharanOracleerp
 
PDF
Tally Prime Crack Download New Version 5.1 [2025] (License Key Free
itskinga12
 
PPTX
Oracle E-Business Suite: A Comprehensive Guide for Modern Enterprises
Conacent Consulting
 
PPTX
Log360_SIEM_Solutions Overview PPT_Feb 2020.pptx
nonameist3434
 
PPTX
history of c programming in notes for students .pptx
Vijayakumari829030
 
PDF
Autodesk AutoCAD Crack Free Download 2025
hggfcrd hgggref
 
PDF
Digital Systems & Binary Numbers (comprehensive )
fyfhqfhtv2
 
PDF
How to Choose the Right IT Partner for Your Business in Malaysia
Asian Business Services & Technologies
 
PDF
Download FL Studio Crack Latest version 2025 ?
ghrom2211g
 
PPTX
Agentic AI Use Case- Contract Lifecycle Management (CLM).pptx
mhxyzzp
 
PPTX
Transform Your Business with a Software ERP System
Canada Software Company
 
17 Powerful Integrations Your Next-Gen MLM Software Needs
ventaforcemlmsoftwar
 
Reimagine Home Health with the Power of Agentic AI​
AutomationEdge Technologies
 
Salesforce Agentforce AI Implementation.pdf
Robert Mark
 
iTop VPN 6.5.0 Crack + License Key 2025 (Premium Version)
youngle786g
 
AMADEUS TRAVEL AGENT SOFTWARE | AMADEUS TICKETING SYSTEM
philipnathen82
 
Internet Downloader Manager (IDM) Crack 6.42 Build 41
ghrom2211g
 
Greta — No-Code AI for Building Full-Stack Web & Mobile Apps
niloyislam1187
 
AutoCAD Professional Crack 2025 With License Key
youngle786g
 
Operating system designcfffgfgggggggvggggggggg
rmskumara09
 
Oracle Fusion HCM Cloud Demo for Beginners
DharanOracleerp
 
Tally Prime Crack Download New Version 5.1 [2025] (License Key Free
itskinga12
 
Oracle E-Business Suite: A Comprehensive Guide for Modern Enterprises
Conacent Consulting
 
Log360_SIEM_Solutions Overview PPT_Feb 2020.pptx
nonameist3434
 
history of c programming in notes for students .pptx
Vijayakumari829030
 
Autodesk AutoCAD Crack Free Download 2025
hggfcrd hgggref
 
Digital Systems & Binary Numbers (comprehensive )
fyfhqfhtv2
 
How to Choose the Right IT Partner for Your Business in Malaysia
Asian Business Services & Technologies
 
Download FL Studio Crack Latest version 2025 ?
ghrom2211g
 
Agentic AI Use Case- Contract Lifecycle Management (CLM).pptx
mhxyzzp
 
Transform Your Business with a Software ERP System
Canada Software Company
 

Automated Device Provisioning

  • 1. Device Provisioning Service John Chang Commercial Software Engineering Microsoft 2019.09
  • 2. Why provisioning is hard today • Solutions must have per-device revocable access • Provisioning is a manual process • Initial configuration can become irrelevant between manufacturing and deployment • Device supply chains are complex
  • 4. An IoT device’s relationship to DPS
  • 5. Provisioning process • There are two distinct steps with security flows • The manufacture step in which the enrollment information is harvested and placed in the enrollment list • The registration step in which the device phones home to the DPS
  • 6. Automated Device Provisioning Device Management System 2. Return the device information. 1. Create the Enrollment list. Device Service Bus Logic App ASP.NET Core (On Device)
  • 7. IoT Hub IoT Hub IoT Hub IoT Hub Provisioning with DPS IoT Hub Device Device Provisioning Service Business logic “where’s my home?”Identity attestation Device enrollment info Register new device, populate initial configRegistered device info Registered device info Establish connection Initial configuration Device telemetry Insights Device telemetry …etc
  • 8. Brief feature overview • Cross-region, cross-subscription DPS→IoT Hub connection • Group and individual enrollment • Multiple auth methods supported • Symmetric keys • TPM endorsement key • X.509 certificates • Automatic re-provisioning • Factory reset • Migration • Enrollment-level device assignment logic • Static assignment • Evenly weighted • Lowest-latency (geo-sharding) • Custom assignment logic
  • 9. Provision with Symmetric key attestation • Represents a "Hello world" experience for developers who are new to device provisioning, or do not have strict security requirements. • Device attestation using a TPM is more secure and should be used for more stringent security requirements. • Legacy devices may not have a certificate, TPM, or any other security feature that can be used to securely identify the device. • Symmetric key attestation can be used to identify a device based off information like the MAC address or a serial number.
  • 10. Demo – Provision Device with Symmetric key https://github.com/michael-chi/automate-device-provisioning