Every gateway is already connected to a LoRaWAN network server
Without a Pre-Provisioned Gateway
- Time consuming and complicated to configure
- Manually connect gateway to a network server
- Manually connect network server to an IoT platform or application
With a Pre-Provisioned Gateway
- LoRaWAN Network included
- Sensors automatically connect to the gateway
- Network server is already connected to the app
Although a default LoRaWAN network server is included, you can also use any of these popular networks
The myDevices IoT platform is secure from the edge to the application layer through the cloud. The security is composed of LoRaWAN Network Security at the edge, TLS to the cloud and SAML at the application layer.
On the edge: LoRaWAN Stack
The LoRaWAN stack is built on top of LoRa modulation (PHY) and adds a full security layer with device identity, authentication, and authorization. The stack uses symmetric AES128 keys as described in IEEE 802.15.4/2006 Annex B. MAC for encryption. These keys are used for layer related frames encryption using a Network Session Key (NWKSKey) while the applications frames are encrypted using an Application Session Key (AppSKey). Similar to routers, the gateways used in a LoRaWAN can forward from and to the cloud using DTLS, TLS, or VPN without decrypting or knowing any of the keys.
In the cloud: LoRaWAN Network Server (LNS)
Within the LNS lies the registry of devices and gateways that transmits data to the cloud. Each device is identified with a couple of unique identifiers called the DevEUI and AppEUI. The AppSKey and NwkSKey are negotiated1 along with the regional regulation settings when the device joins the network. The last stage of the LNS is to forward all traffic to the myDevices Cloud using HTTPS (TLS/SSL).
In the application: myDevices Cloud
The myDevices Cloud is an IoT platform that supports different device connectivity protocols without compromising security. All communications such as database connections and service-to-service communications within the platform are encrypted. In addition, data is encrypted within the database, and we enforce rigorous access control list (ACL) for staff personnel and customer data. Our customer applications and backend system utilizes the standard OpenID Connect (OIDC) and SAML 2.0 protocols to initiate and authenticate any requests to our APIs. These protocols are the modern security standard for user-to-service and service-to-service communications.