BT

Microsoft Azure IoT Hub Device Provisioning Service Hits General Availability

| by Martin Abbott Follow 3 Followers on Dec 21, 2017. Estimated reading time: 2 minutes |

Microsoft recently announced that the Azure IoT Hub Device Provisioning Service has become generally available. The service had previously been in public preview for a few months with customers, and the release adds new functionality and additional language support.

The service is part of the IoT architecture in Microsoft Azure, and Microsoft claims it is designed to provide a zero-touch solution for provisioning large numbers of IoT devices in the field without needing human intervention.

In the announcement, Nicole Berdy, a senior program manager for IoT Hub, noted:

The Device Provisioning Process was designed with the challenges of the supply chain in mind, providing the infrastructure needed to provision millions of devices in a secure and scalable manner.

A typical IoT device provisioning process may include adding a connection string to a device at the point of manufacture so that when the device is deployed it can start sending messages immediately. However, this creates a problem with security and scale since each device must have a unique connection string created and applied prior to deployment.

With the Azure IoT Hub Device Provisioning Service (DPS) the process flow happens differently.

Image source: https://azure.microsoft.com/en-au/blog/azure-iot-hub-device-provisioning-service-is-generally-available/

First, a manufacturer adds device enrolment information to an instance of the DPS in the Azure Portal. At this point, when a device is created and prepared at the factory it is setup with the endpoint of the DPS service.

Once the device is activated, the process happens without any intervention:

  1. The device contacts the service passing device identification information to prove its identity.
  2. Once validated using a registration identifier and a key, the service registers the device with an IoT Hub and creates a device’s desired twin state that contains the initial configuration information for the device.
  3. IoT Hub returns the device’s ID to the DPS.
  4. The DPS returns IoT Hub connection information to the device.
  5. The device communicates directly with the IoT Hub and gets the desired state configuration from the IoT Hub.

At this point, the device can communicate normally. The DPS supports the same protocols as supported by Azure IoT Hub, namely HTTP, AMQP, MQTT, AMQP over web sockets and MQTT over web sockets.

Development is supported through SDKs for both devices and service side operations with SDKs available for C, C#, Java, Node, and Python. The SDKs are available to download on GitHub and there are quick start tutorials to help get started with the service.

An important part of an IoT solution is ensuring that devices and communications are secure. To achieve this, the DPS currently supports two device identification mechanisms:

  1. X.509 certificate exchange for a certificate that is created and installed on the device during manufacturing.
  2. Extraction of the public portion of a Trusted Platform Module (TPM) endorsement key from the installed TPM device. A TPM is a dedicated microprocessor that secures hardware and is an international standard.

An Azure IoT Hub Device Provisioning Service can be connected to many instances of Azure IoT Hub allowing the service to assign devices across many IoT Hubs that can exist in different regions, allowing for geo-location of devices or load balancing, and across different Azure subscriptions allowing support for multiple customers or environments.

The service costs $0.10 per 1,000 operations from 1 February 2018, and full documentation is available on the Microsoft Azure documentation site.

Rate this Article

Adoption Stage
Style

Hello stranger!

You need to Register an InfoQ account or or login to post comments. But there's so much more behind being registered.

Get the most out of the InfoQ experience.

Tell us what you think

Allowed html: a,b,br,blockquote,i,li,pre,u,ul,p

Email me replies to any of my messages in this thread
Community comments

Allowed html: a,b,br,blockquote,i,li,pre,u,ul,p

Email me replies to any of my messages in this thread

Allowed html: a,b,br,blockquote,i,li,pre,u,ul,p

Email me replies to any of my messages in this thread

Discuss

Educational Content

Login to InfoQ to interact with what matters most to you.


Recover your password...

Follow

Follow your favorite topics and editors

Quick overview of most important highlights in the industry and on the site.

Like

More signal, less noise

Build your own feed by choosing topics you want to read about and editors you want to hear from.

Notifications

Stay up-to-date

Set up your notifications and don't miss out on content that matters to you

BT