Frequently asked questions about Avian

Avian helps secure data transmission between the mobile device and the Internet of Things. This is possible because Avian’s design addresses security consistently and thoroughly.

To ensure the highest security, Avian starts at the points where the attack surface from the outside is the smallest. This means that the data is only visible at the end nodes of the transmission and cannot be viewed or manipulated even on the server or in the cloud.

All messages sent using Avian are encrypted and digitally signed, i.e. unauthorized individuals can neither view the data nor manipulate it unnoticed, nor is it possible to falsify the message or its sender.

Internal numbering of the messages prevents replay attacks. This means that an attacker cannot send intercepted data a second time unnoticed.
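The message-numbering defence described above, sketched as a receiver-side check in C, the language of the Device SDK. This is an added illustration, not Avian's code: the 64-message sliding window (which also tolerates out-of-order delivery), `replay_state` and `replay_check_and_update` are assumptions, and the check is meant to run only after a message's signature has verified.

```c
#include <stdbool.h>
#include <stdint.h>
#include <stdio.h>

#define REPLAY_WINDOW 64u  /* assumed window size, one bit per message number */

typedef struct {
    bool     started;  /* false until the first message is accepted */
    uint64_t highest;  /* highest message number accepted so far */
    uint64_t seen;     /* bit i set => number (highest - i) was accepted */
} replay_state;

/* Call only after the signature over (number + payload) has verified.
 * Returns true and records the number if it is fresh, false otherwise. */
bool replay_check_and_update(replay_state *st, uint64_t seq)
{
    if (!st->started || seq > st->highest) {
        uint64_t shift = st->started ? seq - st->highest : REPLAY_WINDOW;
        /* Shifting a 64-bit value by >= 64 is undefined in C: clear instead. */
        st->seen = (shift >= REPLAY_WINDOW) ? 0 : st->seen << shift;
        st->seen |= 1u;
        st->highest = seq;
        st->started = true;
        return true;
    }
    uint64_t age = st->highest - seq;
    if (age >= REPLAY_WINDOW)
        return false;                    /* too old to track: reject */
    uint64_t bit = (uint64_t)1 << age;
    if (st->seen & bit)
        return false;                    /* already accepted once: replay */
    st->seen |= bit;                     /* late but fresh: accept once */
    return true;
}

/* Constructed sample traffic: message numbers in arrival order. */
static const uint64_t sample[] = { 1, 2, 3, 2, 5, 4, 5, 100, 37, 36, 100 };

int count_accepted(void)
{
    replay_state st = { 0 };
    int accepted = 0;
    for (size_t i = 0; i < sizeof sample / sizeof sample[0]; i++)
        accepted += replay_check_and_update(&st, sample[i]);
    return accepted;
}

int main(void) { printf("accepted %d of 11\n", count_accepted()); return 0; }
```

Keep one `replay_state` per sender key, so that one sender's numbering cannot mask or block another's.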

Our goal is to provide an IoT system that is both secure and easy to use. The end user just has to download the app, scan the code on the product, view the limited-validity link in an email, or push a button on the device to verify the connection.

Since no standard passwords are assigned and the user neither has to create his own password nor has to carry out a complicated authentication, no security gaps arise during the connection setup.

For the cloud system, only the transmission and maintenance costs incurred are charged, allocated by data throughput and per terminal. The license fee depends on the number and the sales value of the secured products (Things). This one-time amount in the cent range guarantees the continuous development of our products. For non-commercial products this license fee is dropped; in this case, however, you must provide your own server infrastructure.

The previously specified solution, the Avian Global Trust Server, requires an internet connection for the certificate renewal. In some cases, this can also be done via manual “errands”.

In the future, however, other solutions are planned to replace or renew certificates without an Internet connection. For example, in a closed system with Avian On Premise, the product can be operated offline consistently. Certificate creation and delivery can be faster and at shorter intervals.

Other options include Avian manufacturer provisioning and the Avian Edge Device. Information on these can be requested, or an individual option can be created.

Even if an attacker gets hold of the software, he has no access to the actual data. Thanks to the encryption, the data is secure as long as the private keys that encrypt the data are secure.

If keys and thus the identity of a sender or recipient are compromised, these keys can be blocked. Thus, the blocked person no longer has permission to send or receive messages over this channel.

In addition, an Avian user may only have access to their own key, but not to keys of other users.

Avian is integrated as an SDK in both the software and the app, as well as on the processor of the device that is to be connected.
 
The Device SDK, written in C, has the following minimum requirements:
  • 112 kB RAM
  • 352 kB Flash/ROM
  • 10 MHz processor clock
  • 32-bit processor
  • Recommended: chip for safe storage of generated keys
  • Recommended: chip for performing symmetric encryption
