Secure Device Onboarding

AnyConnect accelerates onboarding of IoT devices – from minutes to seconds – with a secure, automated process. This onboarding process begins when a device is first powered on and ends when the device’s owner takes control.

AnyConnect has automated onboarding process and security. AnyConnect Secure Device Onboarding delivers automated IoT security that protects each device during its entire security lifecycle: from protected boot and authentication at first power on, to secure pairing with its first owner, to an instant update of the device’s firmware.

Secure Device Onboarding supports both factory and field provisioning.

Factory & Field Provisioning

Onboarding with factory provisioning

With factory provisioning, the Provisioning Secret does not leave your control.

As illustrated, you first create a Provisioning Key and Secret in AnyConnect’s Console. Using your Provisioning Key and Secret, Console then creates a .csv file containing a number of Endpoint Keys and Secrets.

Finally, you write your Endpoint Keys and Secrets (one to each device) at manufacturing time “in the factory.”

Factory provisioning
Onboarding with field provisioning

With field provisioning, you first create a Provisioning Key and Secret.

You program your Provisioning Key and Secret (one to each device) into each device.

Once each device is “in the field”, AnyConnect’s Access Helper Library will get a unique Endpoint Key and Secret from AnyConnect’s Access REST Service.

Field Provisioning

Access Control

IoT also presents a unique set of access control challenges due to variable power requirements of and bandwidth between IoT devices, distributed and ad-hoc networks, and huge numbers of IoT devices.

AnyConnect accelerates access control of IoT devices with a robust, centralized process. The user accesses AnyConnect’s cloud-based REST services that authorize the request and relay data between the user and the IoT devices.

Access control ensures that only authorized users can access a device, for example, to view a camera, to access sensor data, or to command an actuator to perform an operation. It also enables new IoT business models such as Cameras As a Service or Sensors as a Service, where you might sell camera access or sensor data to customers.

Once a device’s Key and Secret has been registered by Access, the device is provided with an Endpoint ID. However, endpoints cannot arbitrarily send data to other endpoints. AnyConnect’s Access service (as well as Connect and Stream services) will only allow an endpoint to communicate with another endpoint if those endpoints are “paired”.


To pair, one device asks the Access REST service for a “Pairing Key”. This pairing key is passed out of band to the other device which supplies it back to the Access REST service, which adds the devices to each other’s “Access Control List” (ACL). This out of band exchange can be done through any medium. AnyConnect’s “pairing” sample app, for example, does this exchange through the Ubuntu file system. While helpful for instructive purposes, file system exchange is unlikely to be useful in production. AnyConnect’s Access helper library uses BLE to pass this information (as well as WiFi onboarding information) from a device to its application.

How access control works

User Identity and the ACL

Two Endpoint Keys in an ACL may only communicate if at least one of the Endpoints has a User Identity logged into it. This restriction sounds more complicated than it is.

ACL Example Figure

In the example, E cannot communicate through Access to anything else because E is not in the ACL. C and D cannot communicate because they do not have a user logged into them.

Consider the common use case of mobile applications having a viewer application installed that can connect to several Stream based IP cameras. The application can talk to the cameras because the user is logged in to the application. The cameras cannot communicate because the user is not logged in to the camera.

Consider another common use case of a single camera with the same user having multiple mobile devices, and being logged in on each. The camera can communicate with each of the mobile devices — so when the camera detects an event, the camera can send that event to each of the mobile applications. It is also the case that the mobile applications can communicate with each other.

How ACL works

Start building your IoT Video devices with us.