EdgeX Security?

James Kempf <kempf42@...>


I'm looking into using EdgeX for an application but there does not seem to be any code there for security, just a whitepaper. Even the architecture seems to treat security as a kind of "nice idea but optional" as a kind of sidecar add-on rather than integrated into the basic operation. In contrast to, for example, Azure Hub, which has security build into the basic operation, requiring either X.509 certs or lightweight tokens to register a device and for a device to connect. And not allowing incoming requests unless they are authorized.

Is there any code currently in process to fix this?


Join EdgeX-TSC-Security@lists.edgexfoundry.org to automatically receive all group messages.