Increasingly sophisticated global trade focuses on three aspects of data: the real-time location of goods, ancillary communications and documentation, and the management of finance flows. The lack of transparent process management and monitoring poses serious risks for global trade.
Unique ID generated by the equipment asset and data privacy-preserving between the devices will help to achieve the credible global supply chain and trade.
The BoAT SDK is embedded into the major cellular IoT module manufactures in the market. The BoAT SDK becomes integrated into a variety of commercially deployed blockchain networks, and also supports IoT devices to implement device trusted ID generation, registration, and one-stop blockchain smart contracts. IoT devices, once widely distributed in the field, become oracles for the blockchain network, achieving on-chain and off-chain data fusion, ensuring data reliability and tamper-resistance.
The BoAT SDK also utilizes various secure container (enclave) technologies such as the TEE (Trusted Execution Environment), SE (Secure Elements), and on the network server side a threshold signatures-based MPC (Multi-Party Computing) scheme to achieve monitoring of key generation, key storage, and data signatures. Different levels of data security protection and monitoring of operations is utilized to help ensure the integrity and credibility of the IoT data at the (edge) source of generation. These different levels actually help to protect data privacy, while complementing, guiding and ensuring that the blockchain becomes the key store of data value.
The BoAT SDK supports remote authentication of IoT devices, based on chip-level RoT (Root of Trust). Based on industry standards for remote device authentication, the service provider can reliably obtain the device ID and characteristics. After obtaining the device’s ID, service providers can make judgments on the integrity and credibility of the device according to the authentication report, and then determine the authenticity of the device to detect intrusions as service risk control. Risk control is needed to enhance the capabilities of service providers to protect the credibility of device data.