Octave provides the following security features out of the box:
Zero-touch security provisioning:
- Factory-loaded secret keys
- SIM or integrated eSIM
- SIM and hardware mutual pairing
Secure boot and Secure firmware upgrade
Zero touch use of LWM2M + DTLS 1.2 Edge-to-Cloud protocol
Automated and Unlimited Key Rotations Over the air for Edge-to-Cloud Authentication
Cellular Network Authentication and Ciphering (3GPP Sim)
Private APN (cellular Access Point Name; Octave Devices do not have internet access)
Cloud-to-cloud Connectors Using Device Keys (Azure)
There are a number of steps required to prepare Octave edge devices for secure deployment. This includes securing the physical interfaces, root account, access to extended AT commands, and other aspects.
Download and follow the guidelines in the AirPrime WP Series manual: Preparing Your Devices For Deployment to secure an Octave edge device.
Access to Octave is tightly controlled by Administrators who create and manage groups of users. These groups define what their members can access through a series of read/write settings which cover both the Octave Dashboard and Octave's Cloud REST APIs (discussed below).
For additional information see Managing User Groups and Permissions.
Octave's Cloud REST APIs allows you to programmatically invoke Octave's functionality. Octave provides API security by requiring each request header to include a master token and user name which are assigned to each user when the account is created.
You can find your master token and user name as described in Copying Your User Name and Master Token.
Updated about a month ago