High level onboarding policies

Summary list of possible conditions for onboarding a device

• Manufacturer approved by network owner

• Device is from manufacturer (no record of instance)

• Device is from manufacturer (with record of instance)

• DeviceID is approved by network owner

• Device presents attestation voucher approved by manufacturer

• Device instance is certified

• Device type is certified

• Device behaviour is in network perimeter

• Active vulnerabilities are below threshold

Consider when

• device owner is different to network owner
• device owner changes through the lifecycle ?
  • Accommodate the different flows of change of owners
  • Accommodate the
• device ID does it change through ownership ?