PrimeKey Identity Authority Manager enables you to establish and maintain an unbroken chain of trusted identities throughout the supply chain and the product lifecycle.

Background

The need to provide components in manufacturing environments with a digital identity has increased as approaches such as the Internet of Things (IoT) and Industry 4.0 have emerged.

It is necessary to track the entire lifecycle of a product, from manufacturing, transport and use, to disposal and recycling. To establish and maintain trust for devices and units throughout their entire lifecycles, a trusted identity must be established early in the product lifecycle. Providing each device with a secure initial device identity during the production process makes that identity the root of protecting the supply chain.

Identity Authority Manager

One of the main use cases for the Identity Authority Manager is issuing the initial device certificates (birth certificates) at the time of manufacture. The Identity Authority Manager enables you to securely issue these birth certificates for your devices and units during the production process.

The birth certificate is the initial identity of the device or unit, used for issuing new certificates and securing communication and updates throughout the device lifecycle.

The following illustrates a typical installation of the Identity Authority Manager (IdAM) and its connection to the CA Service in the Trust Center. In principle, the Registration Authority (RA) is transferred directly to the production line, where it ensures the appropriate implementation of the necessary validation rules.

For an overview of the Identity Authority Manager architecture and its components, see Architecture.