Certificate Identity for the ThingWorx Platform

IoT Platform Integration and Marketplace Add-on

The value of unique trusted identity


With the adoption of IoT comes new challenges that proliferate as “connected things” come online. Devices across all industries and critical infrastructure collect and transmit functional data that is leveraged for descriptive, predictive and prescriptive action. This action is predicated on legitimate and accurate data being received and devices being protected against misuse or breach.

Only when a device carries a unique identity—a device certificate—can we ensure secure validation of device, data and code. A shared token or key, or plain-text passwords, cannot provide that security assurance level and will also reach limitations when trying to manage and control individual devices in distinct ways.

An End-to-End Secure Identity Platform for ThingWorx

Keyfactor Control enables organizations running the ThingWorx IoT platform to establish their own dedicated IoT Directory and build a high assurance security model based on trusted identity and certificates. The Keyfactor Control Access Valve for ThingWorx integrates into an organization’s dedicated IoT Directory and Root of Trust (RoT) with their ThingWorx IoT platform, and turns on certificate-based authentication and granular authorization for every device connection. In conjunction with Keyfactor Control, it allows device access to be controlled based on time-fencing, geofencing and any other adaptive criteria set within a device’s extended attributes.

Establish Your Own IoT Directory and Root of Trust

Keyfactor Control is a secure service that lets you establish your own dedicated IoT Directory built upon your own dedicated Root of Trust (RoT). An IoT Directory allows you to execute granular device authentication and authorization, data encryption and assurance of secure code execution.

Keyfactor Control establishes unique identities consisting of device certificate, trust chain and extended attributes, for every IoT device you design, whether in the thousands or millions.

Keyfactor Control provides agents and APIs for RoT management and an access valve for the ThingWorx IoT platform to seamlessly enable certificate authentication and granular authorization.


Putting your devices and data to work

Keyfactor Control includes a high assurance PKI for the issuance of identities across all IoT devices and systems. Each deployment is dedicated, single-tenant, customized to exact project requirements and then fully managed for you.

Cut design and deployment time by leveraging the flexibility and scalability of PKI-as-a-Service (PKIaaS), together with a platform that simplifies identity lifecycle management for each device.

Ensure that the management overhead of critical security infrastructure does not hold back your business as your initiative grows, or as new projects and requirements come online.


Keyfactor Control access control valve integration

The Keyfactor Control IoT Identity Platform offers access control valve solutions, enabling additional validation of inbound requests to the ThingWorx platform based on unique client certificates and their extended attributes. Features include:

  • Dynamic client certificate authentication requirements: The ability to turn requirements on and off without restarting your server or disconnecting any clients
  • Adaptive authorization: Allow or deny device connections individually or as a collection
  • Time and location restrictions: Limit device access to certain IP addresses and/or time of day
  • Monitoring: Log unsuccessful connection attempts or attempts with certificates that have been revoked.


Learn More >>

On-Demand Webinar

Turnkey Certificate-based Security Extension for ThingWorx IoT Platform Users