[IRTF-Announce] RFC 8576 on Internet of Things (IoT) Security: State of the Art and Challenges

rfc-editor@rfc-editor.org Sat, 27 April 2019 02:12 UTC

Return-Path: <wwwrun@rfc-editor.org>
X-Original-To: irtf-announce@ietfa.amsl.com
Delivered-To: irtf-announce@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id C83FF1200E6; Fri, 26 Apr 2019 19:12:42 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -4.201
X-Spam-Level:
X-Spam-Status: No, score=-4.201 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, RCVD_IN_DNSWL_MED=-2.3, SPF_PASS=-0.001] autolearn=unavailable autolearn_force=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id vlBl6WuA-xN3; Fri, 26 Apr 2019 19:12:40 -0700 (PDT)
Received: from rfc-editor.org (rfc-editor.org [4.31.198.49]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 862071200A1; Fri, 26 Apr 2019 19:12:40 -0700 (PDT)
Received: by rfc-editor.org (Postfix, from userid 30) id 581F0B80BDC; Fri, 26 Apr 2019 19:12:31 -0700 (PDT)
To: ietf-announce@ietf.org, rfc-dist@rfc-editor.org, irtf-announce@irtf.org
X-PHP-Originating-Script: 1005:ams_util_lib.php
From: rfc-editor@rfc-editor.org
Cc: rfc-editor@rfc-editor.org, drafts-update-ref@iana.org, t2trg@irtf.org
Content-type: text/plain; charset=UTF-8
Message-Id: <20190427021231.581F0B80BDC@rfc-editor.org>
Date: Fri, 26 Apr 2019 19:12:31 -0700 (PDT)
Archived-At: <https://mailarchive.ietf.org/arch/msg/irtf-announce/5zuLnI4hW1U2jbYwHW-EQ7lKVrA>
Subject: [IRTF-Announce] =?utf-8?q?RFC_8576_on_Internet_of_Things_=28IoT?= =?utf-8?q?=29_Security=3A_State_of_the_Art_and_Challenges?=
X-BeenThere: irtf-announce@irtf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: IRTF-Announce <irtf-announce.irtf.org>
List-Unsubscribe: <https://www.irtf.org/mailman/options/irtf-announce>, <mailto:irtf-announce-request@irtf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/irtf-announce/>
List-Post: <mailto:irtf-announce@irtf.org>
List-Help: <mailto:irtf-announce-request@irtf.org?subject=help>
List-Subscribe: <https://www.irtf.org/mailman/listinfo/irtf-announce>, <mailto:irtf-announce-request@irtf.org?subject=subscribe>
X-List-Received-Date: Sat, 27 Apr 2019 02:12:43 -0000

A new Request for Comments is now available in online RFC libraries.

        
        RFC 8576

        Title:      Internet of Things (IoT) Security: 
                    State of the Art and Challenges 
        Author:     O. Garcia-Morchon, 
                    S. Kumar,
                    M. Sethi
        Status:     Informational
        Stream:     IRTF
        Date:       April 2019
        Mailbox:    oscar.garcia-morchon@philips.com, 
                    sandeep.kumar@signify.com, 
                    mohit@piuha.net
        Pages:      50
        Characters: 128372
        Updates/Obsoletes/SeeAlso:   None

        I-D Tag:    draft-irtf-t2trg-iot-seccons-16.txt

        URL:        https://www.rfc-editor.org/info/rfc8576

        DOI:        10.17487/RFC8576

The Internet of Things (IoT) concept refers to the usage of standard
Internet protocols to allow for human-to-thing and thing-to-thing
communication.  The security needs for IoT systems are well
recognized, and many standardization steps to provide security have
been taken -- for example, the specification of the Constrained
Application Protocol (CoAP) secured with Datagram Transport Layer
Security (DTLS).  However, security challenges still exist, not only
because there are some use cases that lack a suitable solution, but
also because many IoT devices and systems have been designed and
deployed with very limited security capabilities.  In this document,
we first discuss the various stages in the lifecycle of a thing.
Next, we document the security threats to a thing and the challenges
that one might face to protect against these threats.  Lastly, we
discuss the next steps needed to facilitate the deployment of secure
IoT systems.  This document can be used by implementers and authors
of IoT specifications as a reference for details about security
considerations while documenting their specific security challenges,
threat models, and mitigations.

This document is a product of the IRTF Thing-to-Thing Research Group
(T2TRG).

This document is a product of the Thing-to-Thing of the IRTF.


INFORMATIONAL: This memo provides information for the Internet community.
It does not specify an Internet standard of any kind. Distribution of
this memo is unlimited.

This announcement is sent to the IETF-Announce, rfc-dist and IRTF-Announce lists.To subscribe or unsubscribe, see
  https://www.ietf.org/mailman/listinfo/ietf-announce
  https://mailman.rfc-editor.org/mailman/listinfo/rfc-dist
  https://www.irtf.org/mailman/listinfo/irtf-announce

For searching the RFC series, see https://www.rfc-editor.org/search
For downloading RFCs, see https://www.rfc-editor.org/retrieve/bulk

Requests for special distribution should be addressed to either the
author of the RFC in question, or to rfc-editor@rfc-editor.org.  Unless
specifically noted otherwise on the RFC itself, all RFCs are for
unlimited distribution.


The RFC Editor Team
Association Management Solutions, LLC