White Paper (Draft)

Trusted Internet of Things (IoT) Device Network-Layer Onboarding and Lifecycle Management

Date Published: September 8, 2020
Comments Due: October 8, 2020 (public comment period is CLOSED)
Email Questions to: mitigating-iot-ddos-nccoe@nist.gov

Author(s)

Susan Symington (MITRE), W. Polk (NIST), Murugiah Souppaya (NIST)

Announcement

This paper provides background information on trusted IoT device network-layer onboarding and lifecycle management. It defines a taxonomy of onboarding characteristics that will enable stakeholders to have a common language to describe and express their onboarding capabilities and fully capture the elements required to characterize potential onboarding solutions in protocol and product-agnostic terms. It also presents a proposed set of security considerations for network-layer onboarding.

We define network-layer onboarding of an IoT device as the provisioning of network credentials to that device at the time of the device’s deployment on a network. The trusted aspect of network-layer onboarding indicates that the device is provided with unique network credentials after the device and the network have had the opportunity to authenticate each other and establish an encrypted channel without user knowledge of the credentials, thereby mitigating unauthorized credential disclosure.

The benefits of using a trusted network-layer onboarding mechanism are that it helps:

  • prevent unauthorized devices from connecting to the network
  • protect devices from being taken over by unauthorized networks

Abstract

Keywords

application-layer onboarding; authentication; bootstrapping; credentials; device lifecycle management; identity; internet of things (IoT); network-layer onboarding; onboarding

Control Families

None selected

Documentation

Document History:
09/08/20: White Paper (Draft)

Topics

Security and Privacy
authentication; security programs & operations

Technologies
hardware; networks

Applications
Internet of Things