[rfc-dist] RFC 8576 on Internet of Things (IoT) Security: State of the Art and Challenges
rfc-editor@rfc-editor.org Sat, 27 April 2019 02:12 UTC
Return-Path: <rfc-dist-bounces@rfc-editor.org>
X-Original-To: ietfarch-rfc-dist-archive@ietfa.amsl.com
Delivered-To: ietfarch-rfc-dist-archive@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 081BF1200A1 for <ietfarch-rfc-dist-archive@ietfa.amsl.com>; Fri, 26 Apr 2019 19:12:44 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -5.201
X-Spam-Level:
X-Spam-Status: No, score=-5.201 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, MAILING_LIST_MULTI=-1, RCVD_IN_DNSWL_MED=-2.3, SPF_PASS=-0.001] autolearn=unavailable autolearn_force=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 8AJenFIpEwRM for <ietfarch-rfc-dist-archive@ietfa.amsl.com>; Fri, 26 Apr 2019 19:12:42 -0700 (PDT)
Received: from rfc-editor.org (rfc-editor.org [4.31.198.49]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 6E581120086 for <rfc-dist-archive-yuw6Xa6hiena@ietf.org>; Fri, 26 Apr 2019 19:12:42 -0700 (PDT)
Received: from rfcpa.amsl.com (localhost [IPv6:::1]) by rfc-editor.org (Postfix) with ESMTP id 20BA6B80BEA; Fri, 26 Apr 2019 19:12:32 -0700 (PDT)
X-Original-To: rfc-dist@rfc-editor.org
Delivered-To: rfc-dist@rfc-editor.org
Received: by rfc-editor.org (Postfix, from userid 30) id 581F0B80BDC; Fri, 26 Apr 2019 19:12:31 -0700 (PDT)
To: ietf-announce@ietf.org, rfc-dist@rfc-editor.org, irtf-announce@irtf.org
X-PHP-Originating-Script: 1005:ams_util_lib.php
From: rfc-editor@rfc-editor.org
Message-Id: <20190427021231.581F0B80BDC@rfc-editor.org>
Date: Fri, 26 Apr 2019 19:12:31 -0700
Subject: [rfc-dist] RFC 8576 on Internet of Things (IoT) Security: State of the Art and Challenges
X-BeenThere: rfc-dist@rfc-editor.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: RFC Announcements <rfc-dist.rfc-editor.org>
List-Unsubscribe: <https://www.rfc-editor.org/mailman/options/rfc-dist>, <mailto:rfc-dist-request@rfc-editor.org?subject=unsubscribe>
List-Archive: <http://www.rfc-editor.org/pipermail/rfc-dist/>
List-Post: <mailto:rfc-dist@rfc-editor.org>
List-Help: <mailto:rfc-dist-request@rfc-editor.org?subject=help>
List-Subscribe: <https://www.rfc-editor.org/mailman/listinfo/rfc-dist>, <mailto:rfc-dist-request@rfc-editor.org?subject=subscribe>
Cc: drafts-update-ref@iana.org, t2trg@irtf.org, rfc-editor@rfc-editor.org
MIME-Version: 1.0
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: 7bit
Errors-To: rfc-dist-bounces@rfc-editor.org
Sender: rfc-dist <rfc-dist-bounces@rfc-editor.org>
A new Request for Comments is now available in online RFC libraries. RFC 8576 Title: Internet of Things (IoT) Security: State of the Art and Challenges Author: O. Garcia-Morchon, S. Kumar, M. Sethi Status: Informational Stream: IRTF Date: April 2019 Mailbox: oscar.garcia-morchon@philips.com, sandeep.kumar@signify.com, mohit@piuha.net Pages: 50 Characters: 128372 Updates/Obsoletes/SeeAlso: None I-D Tag: draft-irtf-t2trg-iot-seccons-16.txt URL: https://www.rfc-editor.org/info/rfc8576 DOI: 10.17487/RFC8576 The Internet of Things (IoT) concept refers to the usage of standard Internet protocols to allow for human-to-thing and thing-to-thing communication. The security needs for IoT systems are well recognized, and many standardization steps to provide security have been taken -- for example, the specification of the Constrained Application Protocol (CoAP) secured with Datagram Transport Layer Security (DTLS). However, security challenges still exist, not only because there are some use cases that lack a suitable solution, but also because many IoT devices and systems have been designed and deployed with very limited security capabilities. In this document, we first discuss the various stages in the lifecycle of a thing. Next, we document the security threats to a thing and the challenges that one might face to protect against these threats. Lastly, we discuss the next steps needed to facilitate the deployment of secure IoT systems. This document can be used by implementers and authors of IoT specifications as a reference for details about security considerations while documenting their specific security challenges, threat models, and mitigations. This document is a product of the IRTF Thing-to-Thing Research Group (T2TRG). This document is a product of the Thing-to-Thing of the IRTF. INFORMATIONAL: This memo provides information for the Internet community. It does not specify an Internet standard of any kind. Distribution of this memo is unlimited. This announcement is sent to the IETF-Announce, rfc-dist and IRTF-Announce lists.To subscribe or unsubscribe, see https://www.ietf.org/mailman/listinfo/ietf-announce https://mailman.rfc-editor.org/mailman/listinfo/rfc-dist https://www.irtf.org/mailman/listinfo/irtf-announce For searching the RFC series, see https://www.rfc-editor.org/search For downloading RFCs, see https://www.rfc-editor.org/retrieve/bulk Requests for special distribution should be addressed to either the author of the RFC in question, or to rfc-editor@rfc-editor.org. Unless specifically noted otherwise on the RFC itself, all RFCs are for unlimited distribution. The RFC Editor Team Association Management Solutions, LLC _______________________________________________ rfc-dist mailing list rfc-dist@rfc-editor.org https://www.rfc-editor.org/mailman/listinfo/rfc-dist http://www.rfc-editor.org