SP 1800-36 (Draft)

Trusted Internet of Things (IoT) Device Network-Layer Onboarding and Lifecycle Management: Enhancing Internet Protocol-Based IoT Device and Network Security (Preliminary Draft)

Date Published: December 5, 2022
Comments Due: February 3, 2023 (public comment period is CLOSED)
Email Questions to: iot-onboarding@nist.gov

Author(s)

Michael Fagan (NIST), Jeffrey Marron (NIST), Paul Watrobski (NIST), Murugiah Souppaya (NIST), Blaine Mulugeta (MITRE), Susan Symington (MITRE), Dan Harkins (Aruba, a Hewlett Packard Enterprise company), William Barker (Dakota Consulting), Michael Richardson (Sandelman Software Works)

Announcement

The National Cybersecurity Center of Excellence (NCCoE) has published a preliminary public draft of NIST SP 1800-36A: Executive Summary, Enhancing Internet Protocol-Based IoT Device and Network Security. The comment period is open until February 3, 2023.

About the Project

Provisioning network credentials to IoT devices in an untrusted manner leaves networks vulnerable to having unauthorized IoT devices connect to them. It also leaves IoT devices vulnerable to being taken over by unauthorized networks. Instead, trusted, scalable, and automatic mechanisms are needed to safely manage IoT devices throughout their lifecycles, beginning with secure ways to provision devices with their network credentials, a process known as trusted network-layer onboarding. Trusted network-layer onboarding, in combination with additional device security capabilities such as device attestation, application-layer onboarding, secure lifecycle management, and device intent enforcement, could improve the security of networks and IoT devices.

This practice guide aims to demonstrate how organizations can protect both their IoT devices and their networks. To achieve this, the NCCoE is collaborating with product and service providers to produce example implementations of trusted network-layer onboarding and of capabilities that improve device and network security throughout the IoT-device lifecycle.

Join the IoT Community of Interest

If you have expertise in IoT and/or network security and would like to help shape this project, consider joining the IoT Onboarding Community of Interest. Contact the project team at iot-onboarding@nist.gov to declare your interest.

Abstract

Keywords

asset management; Internet of Things; IoT; network-layer onboarding

Control Families

None selected

Documentation

Publication:
NIST SP 1800-36A iprd

Supplemental Material:
Project homepage (web)

Document History:
12/05/22: SP 1800-36 (Draft)

Topics

Security and Privacy
access authorization; access control; asset management; roots of trust

Technologies
networks

Applications
Internet of Things

Laws and Regulations
E-Government Act