Cloud DPP ® Solution for Private Clouds

Wi-Fi Easy Connect supports mutual authentication.  However, the steps and complexity of securely transferring a public key to the device are described here.

Private clouds for company networks may require increased security of mutual authentication.  With Cloud DPP, the company network fully controls the configuration and addition of new devices, and not the mobile phone.  New devices for connecting to the company network can authenticate credentials received from a mobile phone.  But, the mobile phone relays authentication data and encrypted WiFi credentials, and thus authentication and security are provided by the private cloud and not the mobile phone.

In other words, with Cloud DPP new devices can only accept configuration data from a trusted source, where the company network can be the trusted source and not the mobile phone communicating with the device.  A company could specify that vendors of devices record the company public key in devices before purchase or device delivery.  Other possibilities exist as well for simply recording a single company public key across many devices before devices receive the company network WiFi credentials.

The Cloud DPP solution for corporate networks below is 100% compatible with devices supporting Wi-Fi Easy Connect and the Device Provisioning Protocol .  Note that the mobile phone receives the WiFi credentials for the device from the network in an encrypted form, and consequently the mobile phone cannot read the WiFi credentials being sent to the device.  

Below is an overview of Cloud DPP for company networks: