U.S. flag   An unofficial archive of your favorite United States government website
Dot gov

Official websites do not use .rip
We are an unofficial archive, replace .rip by .gov in the URL to access the official website. Access our document index here.

Https

Secure websites use HTTPS
A lock (Dot gov) or https:// means you've safely connected to our website. Please do not share sensitive information with us.

SP 1800-15

Securing Small-Business and Home Internet of Things (IoT) Devices: Mitigating Network-Based Attacks Using Manufacturer Usage Description (MUD)

Date Published: May 2021

Author(s)

Donna Dodson (NIST), Douglas Montgomery (NIST), W. Polk (NIST), Mudumbai Ranganathan (NIST), Murugiah Souppaya (NIST), Steve Johnson (CableLabs), Ashwini Kadam (CableLabs), Craig Pratt (CableLabs), Darshak Thakore (CableLabs), Mark Walker (CableLabs), Eliot Lear (Cisco), Brian Weis (Cisco), William Barker (Dakota Consulting), Dean Coclin (DigiCert), Avesta Hojjati (DigiCert), Clint Wilson (DigiCert), Tim Jones (ForeScout), Adnan Baykal (Global Cyber Alliance), Drew Cohen (MasterPeace Solutions), Kevin Yeich (MasterPeace Solutions), Yemi Fashina (MITRE), Parisa Grayeli (MITRE), Joshua Harrington (MITRE), Joshua Klosterman (MITRE), Blaine Mulugeta (MITRE), Susan Symington (MITRE), Jaideep Singh (Molex)

Abstract

Keywords

access control; bootstrapping; botnets; firewall rules; flow rules; Internet of Things (IoT); Manufacturer Usage Description (MUD); network segmentation; onboarding; router; server; software update server; threat signaling; Wi-Fi Easy Connect
Control Families

Access Control; System and Communications Protection

Documentation

Publication:
SP 1800-15 (DOI)
Local Download

Supplemental Material:
Project Homepage (other)

Document History:
04/24/19: SP 1800-15 (Draft)
11/21/19: SP 1800-15 (Draft)
09/16/20: SP 1800-15 (Draft)
05/26/21: SP 1800-15 (Final)