ietf
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

Re: Call for Review of draft-iab-smart-object-architecture-04.txt, "Architectural Considerations in Smart Object Networking"

2014-08-29 06:33:36
from [Steve Crocker] [Permanent Link] 
Another “security” dimension that’s increasingly relevant is whether the 
design, configuration or operation might lead to unintended storms.  For a 
recent example of such a problem, see:

http://www.washingtonpost.com/blogs/capital-weather-gang/wp/2014/08/26/national-weather-service-website-taken-down-by-overzealous-android-app/

In February this year, the US National Science Foundation sponsored a workshop 
on Interdisciplinary Pathways towards a More Secure Internet.  The report 
included several recommendation, two of which seem relevant here.

Create a Framework for Managing Software Updates

The Internet of Things will challenge our current channels for distributing 
security updates. An environment must be developed for distributing security 
patches that scales to a world where almost everything is connected to the 
Internet and many “things” are largely unattended.


Enhance the Security of the Internet of Things by Identifying Enclaves

The security challenges posed by the emerging Internet of Things should be 
addressed now, to prepare before it is fully upon us. By identifying specific 
use segments, or “enclaves,” Internet of Things infrastructure stakeholders can 
address the security requirements and devise event remediations for that 
enclave.
Steve



On Aug 29, 2014, at 7:12 AM, Ralph Droms 
<rdroms(_dot_)ietf(_at_)gmail(_dot_)com> wrote:


The security section is especially handwavey ... especially considering 
security is probably more important for smart objects while there are fewer 
resources available for implementing security in smart objects than elsewhere.

Here's a useful take on the security issue that might provide some guidance 
for additional tet in the security section: 
http://trac.tools.ietf.org/wg/ace/trac/wiki/Questions

If the IAB is not prepared to undertake recommendations on security at this 
time, in my opinion security should be tagged as a topic for future work in 
addition to the pointers to earlier work.

- Ralph

On Aug 27, 2014, at 2:18 PM 8/27/14, IAB Chair <iab-chair(_at_)iab(_dot_)org> 
wrote:


This is a call for review of "Architectural Considerations in Smart Object 
Networking" prior to potential approval as an IAB stream RFC.

The document is available for inspection here: 
https://datatracker.ietf.org/doc/draft-iab-smart-object-architecture/

The Call for Review will last until 24 September 2014.  Please send comments 
to iab(_at_)iab(_dot_)org.

On behalf of the IAB,
 Russ Housley
 IAB Chair
[More with this subject...]
<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  Re: Call for Review of draft-iab-smart-object-architecture-04.txt, "Architectural Considerations in Smart Object Networking", Ralph Droms
Next by Date:  Re: gmail users read on..., Andrew G. Malis
Previous by Thread:  Re: Call for Review of draft-iab-smart-object-architecture-04.txt, "Architectural Considerations in Smart Object Networking", Ralph Droms
Next by Thread:  Re: Call for Review of draft-iab-smart-object-architecture-04.txt, "Architectural Considerations in Smart Object Networking", Michael Richardson
Indexes:  [Date] [Thread] [Top] [All Lists]