Official websites use .gov
A .gov website belongs to an official government organization in the United States.
Secure .gov websites use HTTPS
A lock (
) or https:// means you’ve safely connected to the .gov website. Share sensitive information only on official, secure websites.
Summary
NIST is working with industry to design, standardize, test and foster adoption of network-centric approaches to protect IoT devices from the Internet and to protect the Internet from IoT devices.
Description
Our work focuses on network-centric approaches to improve the security and robustness of large scale deployments of IoT devices.
- The research and development of software-defined networking technologies in support of IoT security.
- The design and IETF standardization of Manufacturer Usage Description (MUD) technologies to enable a scalable and automated means to enforce device specific access control within network switches and routers.
- The design and standardization of technologies to securely "on board" IoT devices on to networks and to provision credentials to local devices.
- The application of automated model checking techniques to verify the security properties of emerging IoT security protocols.
- Research on the application of zero trust architecture to IoT environments.
- Research on the use of DNS-based Authentication of Named Entities (DANE) as a trust infrastructure for constrained IoT environments.
We collaborate with industry in these efforts through our participation in standards development (IETF, WiFi Alliance) and joint technology test and development activities.
Major Accomplishments
- Developed and released NIST Soft MUD - open source reference implementation of a complete MUD manager for SDN switches.
- Developed and released prototype secure onboarding extension to WiFi Alliance Device Provisioning Protocol (DPP) that adds support for iDevIDs IEEE 802.1AR certificates.
- Developed and published formal methods security analysis of IETF Bootstrapping Remote Secure Key Infrastructure (BRSKI) protocol.