Filter results by

Google IoT

Google IoT provides a straightforward registration service for IoT devices. Once connected securely by MQTT, the device can then communicate with Google or other cloud-based services.

As an example of the cloud services Google offers, we also provide a tutorial on using the Google Assistant cloud-based voice recognition service.

Credentials

The Google approach to device credential management is quick to set up and requires no enrollment of device certificates. Key aspects of the Google IoT scheme are as follows.

  • Relies on a master CA-signed certificate that is registered in the cloud; only a single certificate (not a chain) is registered

  • Employs individual device certificates, derived from the registered master, that are not stored in the cloud

  • Checks the device certificate against the registered master certificate during TLS handshake

  • Allows TLS connection regardless of whether the device certificate is valid

  • Limits MQTT Connect to devices with a valid key, by using a JSON Web Token (JWT) signed by the device key as the Connect password; the JWT is based on current time and has an expiration time

  • Only one level (CA to device cert) is permitted; no intermediate certs are allowed.

Additional details are provided in the Google IoT – Verifying Credentials article.

Setting Up Google IoT

You can follow the Google IoT article directly for setting up the tool on an ARTIK Linux gateway module.

Web article: Google IoT

Last updated on: