Re: Call for Review of draft-iab-smart-object-architecture-04.txt, "Architectural Considerations in Smart Object Networking"

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



Another “security” dimension that’s increasingly relevant is whether the design, configuration or operation might lead to unintended storms.  For a recent example of such a problem, see:

http://www.washingtonpost.com/blogs/capital-weather-gang/wp/2014/08/26/national-weather-service-website-taken-down-by-overzealous-android-app/

In February this year, the US National Science Foundation sponsored a workshop on Interdisciplinary Pathways towards a More Secure Internet.  The report included several recommendation, two of which seem relevant here.

  • Create a Framework for Managing Software Updates

    The Internet of Things will challenge our current channels for distributing security updates. An environment must be developed for distributing security patches that scales to a world where almost everything is connected to the Internet and many “things” are largely unattended.


  • Enhance the Security of the Internet of Things by Identifying Enclaves

    The security challenges posed by the emerging Internet of Things should be addressed now, to prepare before it is fully upon us. By identifying specific use segments, or “enclaves,” Internet of Things infrastructure stakeholders can address the security requirements and devise event remediations for that enclave.
Steve



On Aug 29, 2014, at 7:12 AM, Ralph Droms <rdroms.ietf@xxxxxxxxx> wrote:

The security section is especially handwavey ... especially considering security is probably more important for smart objects while there are fewer resources available for implementing security in smart objects than elsewhere.

Here's a useful take on the security issue that might provide some guidance for additional tet in the security section: http://trac.tools.ietf.org/wg/ace/trac/wiki/Questions

If the IAB is not prepared to undertake recommendations on security at this time, in my opinion security should be tagged as a topic for future work in addition to the pointers to earlier work.

- Ralph

On Aug 27, 2014, at 2:18 PM 8/27/14, IAB Chair <iab-chair@xxxxxxx> wrote:

This is a call for review of "Architectural Considerations in Smart Object Networking" prior to potential approval as an IAB stream RFC.

The document is available for inspection here: https://datatracker.ietf.org/doc/draft-iab-smart-object-architecture/

The Call for Review will last until 24 September 2014.  Please send comments to iab@xxxxxxx.

On behalf of the IAB,
 Russ Housley
 IAB Chair




[Index of Archives]     [IETF Annoucements]     [IETF]     [IP Storage]     [Yosemite News]     [Linux SCTP]     [Linux Newbies]     [Fedora Users]