Here at Blues Wireless, security is paramount. The Blues Wireless Notecard and its accompanying cloud service, Notehub.io, were built with security at the top of mind.
But at the end of the day, those are just words. Marketing speak that, while true, serves to only try to reassure you about your investment in Blues Wireless.
Instead, in this article I’d like to provide a birds-eye view of what this means from a more pragmatic perspective: how the Notecard and its JSON-based API provide the ability to transfer data from your device (any MCU or SBC!) to your cloud (any cloud!) in an extremely secure manner.
To prove this point, we need to look at how the combination of the Notecard and Notehub.io work together to secure data at each stage of the journey:
From encrypting data on your device,
To securely transferring data off the public Internet,
To decrypting data on your cloud application.
Encrypting Notecard Data
If your solution requires data to be encrypted on-device, and remain encrypted until it reaches your cloud application, you’ll be pleased to learn this is now possible on the Notecard.
The Notecard can encrypt the body (i.e. the data you supply) of every Note generated by your host MCU or SBC. These encrypted Notes are then securely delivered to Notehub.io (see “Securing Data in Transit” below), where they can be routed to your cloud application and decrypted.
Starting with firmware version 1.5.5, the Notecard API adds an optional key parameter in the note.add request. The key stores a reference to a Notehub environment variable which stores your public encryption key.
This workflow for implementing end-to-end encryption with the Notecard API involves:
Generating an RSA key pair.
Adding the contents of your RSA public key to an environment variable in Notehub.
Using the key parameter with each note.add request, providing the name of said environment variable.
Creating a Notehub Route to send the encrypted data to your cloud application.
Using your RSA private key to decrypt the data upon receipt by your cloud app (e.g. using a Node.js or OpenSSL cloud function).
With your data encrypted before it leaves the device, and properly decrypted at its final endpoint on your cloud, we should also take a look at how data is secured in transit.
On the hardware side, the Notecard includes a factory-installed ECC P-384 certificate provisioned at chip manufacture, an integrated STSAFE Secure Element with hardware crypto, and a true hardware random number generator.
On the communications side, transactional data is secured without any provisioning challenges, using encrypted “off the internet” communication.
To be more specific about the phrase “off the internet”, when the Notecard host is set to (the default) of a.notefile.net (e.g. Notehub), the Notecard selects an APN where the connection between the cellular network and Notehub is made over a VPN. Internal DNS servers are used to resolve the path to Notehub and the connection itself is encrypted using TLS.
Try it Yourself
Upgrade your Notecard firmware to 1.5.5 (or greater).
Do you have an ambitious roadmap with plans to scale to 1,000 devices and beyond? Then, the Enterprise plan is for you.
The Enterprise plan includes custom pricing, centralized billing, and direct data center connectivity, giving companies complete control over their projects.
Each Enterprise plan is tailor-made with custom per-device pricing that includes attractive discounts based on device count and event volume.
Who is Enterprise Designed For?
Companies that place a premium on end-to-end data security, from Notecard’s encrypted communications to Notehub’s private data routing to your cloud application.
Those with internal controls that require centralized billing and admin-managed permissions.
Drive cost savings and data accessibility with Notehub’s 90-day event history retention and seamless integration with Amazon’s S3 Archive service.
Analyze and Scale
Actionable Intelligence for Projects at Scale
Go from insight to action with Analyze & Scale’s advanced analytics capabilities.
Projects operating at scale generate troves of valuable data, but to make sense of it, you need powerful tools at your fingertips. That’s where Analyze & Scale comes in.
Who is Analyze & Scale Designed For?
Companies looking to visualize their deployment and device locations with pinpoint accuracy while leveraging event-driven alerts to reduce downtime and promptly address fleet developments.
Drive cost savings and data accessibility with Notehub’s 90-day event history retention and seamless integration with Amazon’s S3 Archive service.
Those looking to perform in-depth project and device analysis to drive innovation and product improvement.
Develop
For Scaling Projects Looking for Enhanced Automation & Control
Notehub’s Development plan is purpose-built to accelerate your project’s journey from pilot to scale.
It’s packed with features that will make it easier to efficiently grow your project from 10s of devices to 100s.
Who is Development Designed For?
Companies looking to visualize their deployment and device locations with pinpoint accuracy while leveraging event-driven alerts to reduce downtime and promptly address fleet developments.
Drive cost savings and data accessibility with Notehub’s 90-day event history retention and seamless integration with Amazon’s
S3 Archive service.
Essentials
Only Pay for What You Use
Through Essentials, our subscription-free tier, you pay only for the data you export from Notehub to your cloud application, making it perfect for developing PoCs, piloting projects or early-stage deployments.
While Essentials provides essential data routing from device to cloud, upgrading to Development unlocks a suite of premium features designed to optimize and accelerate your deployment.
Who is Essentials Designed For?
Projects that are looking to use Notehub exclusively as a device-to-cloud data pump, and do not want to use the advanced features to optimize their deployment.
Companies who are not currently focused on using Development’s features to optimize their deployment or gain deeper insight into their devices.
Projects that are prototyping or experimenting with Blues.
Companies that at the current stage of their business are comfortable with unpredictable monthly Notehub costs.
What are Consumption Credits?
Instead of paying a monthly subscription fee to use Notehub, users of Essentials are charged based on the amount of messages they export from Notehub to their cloud applications.
Users on the Essentials plan pay to export this data by pre-purchasing Consumption Credits. A Consumption Credit is a single event of either routing a data message from Notehub to the user application or reading a data message using Nothub API. As messages are routed/read, Consumption Credits are deducted, offering a flexible pricing model based on actual usage.
What Events Consume Consumption Credits?
Here’s a breakdown of the specific events and requests that consume Consumption Credits:
Service
CC Cost
Routed Event
1 CC
Event API Retrieval Request
1 CC
Other Notehub API Requests
.001 CC
Real-time Device Messaging*
1 CC
Notecard web request*
1 CC
What is the Pricing for Consumption Credits?
Companies on the Essentials plan will receive a monthly allocation of up to 5,000CCs for free. Beyond this 5,000CC top-up, Consumption Credits can be purchased on a sliding scale based on volume: