ManySecured’s leaders’ “new build” in NIST’s IoT onboarding guidance!
July 10 @ 3:00 pm - 4:30 pm
NIST’s New ‘draft’ Trusted IoT Onboarding Guide with ManySecured’s leaders!
“Establishing trust between a network and an Internet of Things (IoT) device prior to providing the device with the credentials it needs to join the network is crucial for mitigating the risk of potential attacks. There are two possibilities for attack. One happens when a device is convinced to join an unauthorized network, which would take control of the device. The other occurs when a network is infiltrated by a malicious device. Trust is achieved by attesting and verifying the identity and posture of the device and the network before providing the device with its network credentials—a process known as network-layer onboarding” (NIST NCCOE p 1).
The NCCoE, in collaboration with 11 product and service providers, has produced five builds demonstrating network-layer onboarding and two builds demonstrating the factory provisioning process. The configurations offer secure ways to provision devices to a network using their network credentials.
TechWorks and the IoTSF ManySecured WG is proud to have supported Dr Nick Allott, Steve Clark, and Michael Richardson who have played key roles in developing important aspects of the builds. ManySecured WG Leader, Nick Allott, explains,
“So, what we’ve done is we’ve defined a set of data structures and protocols that allow an IoT device to be assessed for its security posture pre onboarding. And not only that, it allows that security posture to be continuously assessed and if it falls below a threshold it gets kicked off.”
Join the NIST NCCoE for a webinar to discuss guidance and considerations for trusted IoT onboarding to help organizations safeguard both their IoT devices and their networks.
Recently, NIST released the final draft publication of NIST Special Publication 1800-36, Trusted IoT Device Network-Layer Onboarding and Lifecycle Management, which includes updates to several of the builds. The public comment period for the publication is open until July 30, 2024.
Join the ManySecured Working Group and get a chance to contribute and learn how to securely onboard your devices!
Our next meeting is on July 9th at 2pm BST, 9am EDT.
Contact: James Willison, IoTSF Project and Engagement Manager: [email protected]