Date Published: March 2021
Comments Due:
Email Questions to:
Planning Note (4/19/2021):
The comment period has been extended from April 19 to April 21.
Author(s)
Paul Watrobski (NIST), Murugiah Souppaya (NIST), William Barker (Dakota Consulting), Susan Symington (MITRE), Parisa Grayeli (MITRE), Joshua Klosterman (MITRE), Blaine Mulugeta (MITRE)
Announcement
Network-layer onboarding of an Internet of Things (IoT) device is the provisioning of network credentials to that device. The current lack of trusted IoT device onboarding processes leaves many networks vulnerable to having unauthorized devices connect to them. It also leaves devices vulnerable to being taken over by networks that are not authorized to onboard them.
This National Cybersecurity Center of Excellence (NCCoE) project will focus on approaches to trusted network-layer onboarding of IoT devices and lifecycle management of the devices. The NCCoE will build a trusted network-layer onboarding solution example using commercially available technology that will address a set of cybersecurity challenges aligned to the NIST Cybersecurity Framework. This project will result in a freely available NIST Cybersecurity Practice Guide.
Network-layer onboarding of an Internet of Things (IoT) device is the provisioning of network credentials to that device. The current lack of trusted IoT device onboarding processes leaves many networks vulnerable to having unauthorized devices connect to them. It also leaves devices vulnerable to being taken over by networks that are not authorized to onboard them. This NCCoE project will focus on approaches to trusted network-layer onboarding of IoT devices and lifecycle management of the devices. The NCCoE will build a trusted network-layer onboarding solution example using commercially available technology that will address a set of cybersecurity challenges aligned to the NIST Cybersecurity Framework. This project will result in a freely available NIST Cybersecurity Practice Guide.
Network-layer onboarding of an Internet of Things (IoT) device is the provisioning of network credentials to that device. The current lack of trusted IoT device onboarding processes leaves many networks vulnerable to having unauthorized devices connect to them. It also leaves devices vulnerable to...
See full abstract
Network-layer onboarding of an Internet of Things (IoT) device is the provisioning of network credentials to that device. The current lack of trusted IoT device onboarding processes leaves many networks vulnerable to having unauthorized devices connect to them. It also leaves devices vulnerable to being taken over by networks that are not authorized to onboard them. This NCCoE project will focus on approaches to trusted network-layer onboarding of IoT devices and lifecycle management of the devices. The NCCoE will build a trusted network-layer onboarding solution example using commercially available technology that will address a set of cybersecurity challenges aligned to the NIST Cybersecurity Framework. This project will result in a freely available NIST Cybersecurity Practice Guide.
Hide full abstract
Keywords
application-layer onboarding; attestation; bootstrapping; device lifecycle management; hardware root of trust; internet of things (IoT); network-layer onboarding; network security; network segmentation
Control Families
Access Control; Identification and Authentication
) or https:// don't prove our archive is authentic, only that you securely accessed it. Note that we are working to fix that :)
