
nist-summary

# Trusted IoT Device Network-Layer Onboarding and Lifecycle Management

Document purpose

NIST work on Trusted IoT Device Network-Layer Onboarding and Lifecycle Management is ongoing.

https://www.nccoe.nist.gov/projects/trusted-iot-device-network-layer-onboarding-and-lifecycle-management

The latest public drafts are on the home page.

The public comment period for volumes B through E of this practice guide is now open through June 20, 2023.

We advise interested parties to review the document and its details and to provide feedback.

Based on contributions from ManySecured in general, policy-based continuous assurance and authorization is now part of the official scope.

To deliver on this ambition, we need to work through the specifics of the device lifecycle and network management interactions.

Architecture

https://www.nccoe.nist.gov/sites/default/files/2023-05/iot-onboarding-sp1800-36b-preliminary-draft.pdf (Page 37)

The continuous authorization service is part of the reference architecture (across all builds).

Build 5 is based on trusted network-layer onboarding using the BRSKI protocol over 802.11 (MCR Sandelman - mostly done). It will integrate with the WISeKey CA and trusted element (not complete yet).

The continuous assurance evidence will build on the D3 descriptors (types and lifecycle events).