National Institute of Standards and Technology releases Trusted Internet of Things (IoT) Device Network-Layer Onboarding and Lifecycle Management: Enhancing Internet Protocol-Based IoT Device and Network Security
December 13, 2022
The National Institute of Standards and Technology (“NIST”) released a preliminary public draft of NIST SP 1800-36A: Executive Summary, Enhancing Internet Protocol-Based IoT Device and Network Security. For a change, and pleasantly for those overwhelmed by documentation, it is quite brief.
NIST provides excellent guidance on the technical issues associated with privacy and data security. While compliance with its publications is not officially required, they are hugely influential and far superior to the broad guidance released by privacy regulators in Australia and New Zealand, and probably even more effective than that of the United Kingdom’s Information Commissioner, who provides comprehensive and detailed guidance documents.
Given that privacy regulation has already been strengthened this year and will be overhauled next year, it is important that organisations pay heed to the relevant publications produced by NIST. Complying with these guidelines would assist an organisation if there is a breach and the Information Commissioner starts investigating, which she now has greater powers to do, as well as now having the power to impose fines. The overseas experience is that poor compliance on general aspects of data handling commonly causes an organisation as many difficulties with regulators as the data breach which attracted the regulator’s attention.
The abstract provides:
Providing devices with the credentials and policy needed to join a network is a process known as network-layer onboarding. Establishing trust between a network and an IoT device prior to such onboarding is crucial for mitigating the risk of potential attacks. There are two sides of this attack: one is where a device is convinced to join an unauthorized network, which would take control of the device. The other side is where a network is infiltrated by a malicious device. Trust is achieved by attesting and verifying the identity and posture of the device and the network as part of the network-layer onboarding process. Additional safeguards, such as verifying the security posture of the device before other operations occur, can be performed throughout the device lifecycle. In this practice guide, the National Cybersecurity Center of Excellence (NCCoE) applies standards, recommended practices, and commercially available technology to demonstrate various mechanisms for trusted network-layer onboarding of IoT devices. We show how to provide network credentials to IoT devices in a trusted manner and maintain a secure posture throughout the device lifecycle.
Some of the interesting issues raised by the guidance are:
- while it is possible for devices to be securely provided with their local network credentials at the time of manufacture, this requires the manufacturer to customize network-layer onboarding on a build-to-order basis, which prevents the manufacturer from taking full advantage of the economies of scale that could result from building identical devices for its customers.
- the industry lacks:
  - scalable, automatic mechanisms to safely manage IoT devices throughout their lifecycles,
  - a trusted mechanism for providing IoT devices with their network credentials and policy at the time of deployment on the network.
- many IoT devices:
  - onboard to networks without verifying the network’s identity and ensuring that it is their intended target network.
  - lack user interfaces, making it cumbersome to manually input network credentials.
- Wi-Fi is sometimes used to provide credentials over an unencrypted network which risks credential disclosure.
- most home networks use a single password shared among all devices, so access is controlled only by the device’s possession of the password and does not consider a unique device identity or whether the device belongs on the network. This increases the risk of exposing credentials to unauthorized parties.
- once a device is connected to the network, if it becomes compromised, it can pose a security risk to both the network and other connected devices. Not keeping such a device current with the most recent software and firmware updates may make it more susceptible to compromise.
- a device can also be attacked through the receipt of malicious payloads.
- the trusted network-layer onboarding approach provides automated, trusted ways to provide IoT devices with unique network credentials and manage devices throughout their lifecycles to ensure that they remain secure.
- implementations should be undertaken iteratively and incrementally, starting with network-layer onboarding and gradually integrating additional capabilities that improve device and network security.
- there are five initial builds that demonstrate network-layer onboarding and one factory use case build intended to simulate activities performed by an IoT device manufacturer to provide devices with their credentials.
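The mutual verification the summary describes, as an added example that is not from the NIST draft or the NCCoE builds: each device carries a manufacturer-provisioned unique bootstrap key (the factory step in the last bullet), the network’s onboarding service holds the manufacturer’s registry of those keys, and both sides prove possession of the device-specific key before a unique network credential is issued, so an impostor network, an unregistered device or a device below the minimum firmware level is refused. HMAC stands in for the certificate-based attestation real protocols use; all keys, device ids and firmware numbers here are constructed.

```python
# Added illustration of the onboarding flow summarised above, not code from NIST SP 1800-36
# or the NCCoE builds. HMAC stands in for certificate-based attestation; all values constructed.
import hashlib, hmac, secrets

def _mac(key: bytes, *parts: bytes) -> bytes:
    return hmac.new(key, b"|".join(parts), hashlib.sha256).digest()

class Device:
    def __init__(self, dev_id: bytes, bootstrap_key: bytes, firmware: int):
        self.dev_id, self.key, self.firmware = dev_id, bootstrap_key, firmware
        self.credential = None          # unique network credential, set on success

    def onboard(self, network: "OnboardingService") -> bool:
        dev_nonce = secrets.token_bytes(16)
        reply = network.hello(self.dev_id, dev_nonce)
        if reply is None:               # network has no record of this device
            return False
        net_nonce, net_proof = reply
        # Verify the network first: only the intended network holds this device's key.
        expect = _mac(self.key, b"network", dev_nonce, net_nonce)
        if not hmac.compare_digest(expect, net_proof):
            return False
        dev_proof = _mac(self.key, b"device", net_nonce, dev_nonce)
        self.credential = network.issue(self.dev_id, self.firmware, dev_proof)
        return self.credential is not None

class OnboardingService:
    def __init__(self, registry: dict, min_firmware: int):
        self.registry, self.min_firmware = registry, min_firmware
        self.pending = {}               # dev_id -> (dev_nonce, net_nonce)

    def hello(self, dev_id: bytes, dev_nonce: bytes):
        key = self.registry.get(dev_id)
        if key is None:                 # unknown device: refuse, no shared password
            return None
        net_nonce = secrets.token_bytes(16)
        self.pending[dev_id] = (dev_nonce, net_nonce)
        return net_nonce, _mac(key, b"network", dev_nonce, net_nonce)

    def issue(self, dev_id: bytes, firmware: int, dev_proof: bytes):
        state = self.pending.pop(dev_id, None)
        if state is None:
            return None
        dev_nonce, net_nonce = state
        # Verify the device's unique identity, then its posture (firmware level).
        expect = _mac(self.registry[dev_id], b"device", net_nonce, dev_nonce)
        if not hmac.compare_digest(expect, dev_proof) or firmware < self.min_firmware:
            return None
        return hashlib.sha256(b"cred|" + dev_id + secrets.token_bytes(16)).hexdigest()
```

Admission here turns on possession of the device’s own key, not on a password shared by every device, which is the contrast the home-network bullet draws.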