Secure IoT Bootstrapping: A Survey
draft-sarikaya-t2trg-sbootstrapping-07
|
| Document |
Type |
|
Active Internet-Draft (individual)
|
|
Last updated |
|
2019-07-26
|
|
Stream |
|
(None)
|
|
Intended RFC status |
|
(None)
|
|
Formats |
|
plain text
xml
pdf
html
bibtex
|
| Stream |
Stream state |
|
(No stream defined) |
|
Consensus Boilerplate |
|
Unknown
|
|
RFC Editor Note |
|
(None)
|
| IESG |
IESG state |
|
I-D Exists
|
|
Telechat date |
|
|
|
Responsible AD |
|
(None)
|
|
Send notices to |
|
(None)
|
Network Working Group B. Sarikaya
Internet-Draft Denpel Informatique
Intended status: Informational M. Sethi
Expires: January 27, 2020 Ericsson
D. Garcia-Carrillo
Odin Solutions, S.L
July 26, 2019
Secure IoT Bootstrapping: A Survey
draft-sarikaya-t2trg-sbootstrapping-07
Abstract
This document presents a survey of secure bootstrapping mechanisms
available for smart objects that are part of an Internet of Things
(IoT) network. It aims to provide a structured classification of the
available mechanisms. The document does not prescribe any one secure
bootstrapping mechanism and rather presents IoT developers with
different options to choose from, depending on their use-case,
security requirements and the user interface available on their smart
objects.
Status of This Memo
This Internet-Draft is submitted in full conformance with the
provisions of BCP 78 and BCP 79.
Internet-Drafts are working documents of the Internet Engineering
Task Force (IETF). Note that other groups may also distribute
working documents as Internet-Drafts. The list of current Internet-
Drafts is at https://datatracker.ietf.org/drafts/current/.
Internet-Drafts are draft documents valid for a maximum of six months
and may be updated, replaced, or obsoleted by other documents at any
time. It is inappropriate to use Internet-Drafts as reference
material or to cite them other than as "work in progress."
This Internet-Draft will expire on January 27, 2020.
Copyright Notice
Copyright (c) 2019 IETF Trust and the persons identified as the
document authors. All rights reserved.
This document is subject to BCP 78 and the IETF Trust's Legal
Provisions Relating to IETF Documents
(https://trustee.ietf.org/license-info) in effect on the date of
Sarikaya, et al. Expires January 27, 2020 [Page 1]
Internet-Draft IoT Bootstrapping Analysis July 2019
publication of this document. Please review these documents
carefully, as they describe your rights and restrictions with respect
to this document. Code Components extracted from this document must
include Simplified BSD License text as described in Section 4.e of
the Trust Legal Provisions and are provided without warranty as
described in the Simplified BSD License.
Table of Contents
1. Introduction . . . . . . . . . . . . . . . . . . . . . . . . 2
2. Terminology . . . . . . . . . . . . . . . . . . . . . . . . . 5
3. Classification of available mechanisms . . . . . . . . . . . 5
4. IoT Device Bootstrapping Methods . . . . . . . . . . . . . . 7
4.1. Managed Methods . . . . . . . . . . . . . . . . . . . . . 7
4.2. Hybrid Methods . . . . . . . . . . . . . . . . . . . . . 10
4.3. Bootstrapping in LPWAN . . . . . . . . . . . . . . . . . 10
4.4. Peer to Peer or Adhoc Methods . . . . . . . . . . . . . . 12
4.5. Leap-of-faith/Opportunistic Methods . . . . . . . . . . . 14
5. Security Considerations . . . . . . . . . . . . . . . . . . . 15
6. IANA Considerations . . . . . . . . . . . . . . . . . . . . . 16
7. Acknowledgements . . . . . . . . . . . . . . . . . . . . . . 16
8. Informative References . . . . . . . . . . . . . . . . . . . 16
Authors' Addresses . . . . . . . . . . . . . . . . . . . . . . . 22
1. Introduction
An Internet of Things (IoT) network consists of connected things that
cooperate together to accomplish tasks such as smart buildings, smart
environment monitoring system, and intelligent transport systems.
The size of an IoT network varies from a couple of devices to tens of
thousands depending on the application. A smart object, or a thing,
or a device in an IoT network is typically produced by a variety of
vendors and are typically heterogeneous in terms of the constraints
on their power supply, communication capability, computation capacity
and memory available. Due to this heterogeneity, a wide variety of
bootstrapping mechanisms are proposed and used for these smart
objects.
Before classifying and describing the various methods of
bootstrapping, it is important to discuss what is meant by the term
bootstrapping. In order to understand the term bootstrapping, we
need to discuss some important preliminaries first. We start by
discussing the meaning of identity and identifiers. The dictionary
defines identity as "something that distinguishes an entity from
other entities". Dick Hardt (an advocate of identity 2.0 concept) in
his keynote talk on identity describes human identity as "who you
Show full document text