[iot-wg] Fwd: [IRTF-Announce] RFC 8576 on Internet of Things (IoT)
Security: State of the Art and Challenges
2019-04-27 08:36:01 CET
Apologies to those who have already seen this but it ought still to be of interest to everyone in the WG.
> Begin forwarded message:> > From: rfc-editor _at_ rfc-editor _dot_ org> Subject: [IRTF-Announce] RFC 8576 on Internet of Things (IoT) Security: State of the Art and Challenges> Date: 27 April 2019 at 04:12:31 CEST> To: ietf-announce _at_ ietf _dot_ org, rfc-dist _at_ rfc-editor _dot_ org, irtf-announce _at_ irtf _dot_ org> Cc: drafts-update-ref _at_ iana _dot_ org, t2trg _at_ irtf _dot_ org, rfc-editor _at_ rfc-editor _dot_ org> > A new Request for Comments is now available in online RFC libraries.> > > RFC 8576> > Title: Internet of Things (IoT) Security: > State of the Art and Challenges > Author: O. Garcia-Morchon, > S. Kumar,> M. Sethi> Status: Informational> Stream: IRTF> Date: April 2019> Mailbox: oscar.garcia-morchon _at_ philips _dot_ com, > sandeep.kumar _at_ signify _dot_ com, > mohit _at_ piuha _dot_ net> Pages: 50> Characters: 128372> Updates/Obsoletes/SeeAlso: None> > I-D Tag: draft-irtf-t2trg-iot-seccons-16.txt> > URL: https://www.rfc-editor.org/info/rfc8576> > DOI: 10.17487/RFC8576> > The Internet of Things (IoT) concept refers to the usage of standard> Internet protocols to allow for human-to-thing and thing-to-thing> communication. The security needs for IoT systems are well> recognized, and many standardization steps to provide security have> been taken -- for example, the specification of the Constrained> Application Protocol (CoAP) secured with Datagram Transport Layer> Security (DTLS). However, security challenges still exist, not only> because there are some use cases that lack a suitable solution, but> also because many IoT devices and systems have been designed and> deployed with very limited security capabilities. In this document,> we first discuss the various stages in the lifecycle of a thing.> Next, we document the security threats to a thing and the challenges> that one might face to protect against these threats. Lastly, we> discuss the next steps needed to facilitate the deployment of secure> IoT systems. This document can be used by implementers and authors> of IoT specifications as a reference for details about security> considerations while documenting their specific security challenges,> threat models, and mitigations.> > This document is a product of the IRTF Thing-to-Thing Research Group> (T2TRG).> > This document is a product of the Thing-to-Thing of the IRTF.> > > INFORMATIONAL: This memo provides information for the Internet community.> It does not specify an Internet standard of any kind. Distribution of> this memo is unlimited.> > This announcement is sent to the IETF-Announce, rfc-dist and IRTF-Announce lists.To subscribe or unsubscribe, see> https://www.ietf.org/mailman/listinfo/ietf-announce> https://mailman.rfc-editor.org/mailman/listinfo/rfc-dist> https://www.irtf.org/mailman/listinfo/irtf-announce> > For searching the RFC series, see https://www.rfc-editor.org/search> For downloading RFCs, see https://www.rfc-editor.org/retrieve/bulk> > Requests for special distribution should be addressed to either the> author of the RFC in question, or to rfc-editor _at_ rfc-editor _dot_ org. Unless> specifically noted otherwise on the RFC itself, all RFCs are for> unlimited distribution.> > > The RFC Editor Team> Association Management Solutions, LLC> >