05-01-2016 | | By Paul Whytock
The Bluetooth communication protocol is gaining massive popularity because of the diverse variety of apps that it can support. But despite its prolific use concerns over a lack of personal data security still cause serious concern.
Some of those risks range from MiM (man in the middle) and denial of service attacks, default configuration, theft and loss and eavesdropping.
News that two companies have got together to reduce Bluetooth security risks will undoubtedly interest a lot of OEMs.
Chip company STMicroelectronics and IP development and licensing company ClevX have developed what they say is the world’s first wireless user-authentication technology platform for IoT device security. The platform allows smart phones and wearable technology to authenticate with secure IoT devices, home-automation applications and secure data storage using Bluetooth Smart technology.
This DataLock-secured encrypted portable storage media with Bluetooth Smart wireless user authentication means users can interact with secure portable storage (full-disk, XTS-AES 256-bit encryption) from their smart phones or wearable devices where all user data on the drive is encrypted and can be locked/unlocked using single or multi-factor authentication.
Applications that will find this security enhancement particularly useful include; consumer, corporate, and industrial applications such as healthcare, home automation and security, secure-access control systems and portable data storage.
Both companies have reference designs for secure portable storage media, including Flash, hard disk and solid-state disk drives. These designs employ ST’s BlueNRG Bluetooth Smart chips and ultra-low-power STM32L0 MCUs and are available for licensing and partnerships, including both ST/ClevX-based hardware and firmware in addition to the related smart phone and wearable apps.
The ST/ClevX reference designs are OS-host agnostic. USB drives with the DataLock BT technology operate across all computer platforms and embedded systems while providing various easy-to-use security layers. These included a wireless lock/unlock mechanism, phone as an authentication factor. The reference designs support USB Remote Management, which is particularly important for corporate deployments and remote password resets, drive disabling and erasing.