The Ioetec IoT Security Platform is a security solution designed to protect third-party IoT sensors and the data they transmit. The platform embeds code within sensors and edge nodes to establish a closed-system trust zone, enabling device authentication and encrypted key exchange. How it works: - IoT sensors connect to a gateway using various communications protocols. - Each sensor authenticates to the gateway and receives session and data security keys. - All sensor data is encrypted before transmission to the gateway. - The gateway establishes a secure connection to an MQTT broker and forwards encrypted data to authorized users. - Users access data via any standard MQTT client with authentication. - Sensors and gateways issue BIRTH and DEATH telemetry events to enable status monitoring. Security design principles include: - No default passwords; automatic registration and key exchange. - AES encryption for data and TLS for user authentication. - All sensitive key material stored in transient memory. - Single-port MQTT connection to minimize attack surface. - Software integrity verification via version and hash code checks against a database. - Secure device code updates with end-of-life tracking. - Data encrypted both in transit and at rest. - Automatic elastic scaling and geolocation resilience for the cloud service. - Server log and performance monitoring with alerts via AWS CloudWatch. - Support for backend repositories including gateway, edge, cloud, and on-premises deployments.