OCF is pleased to work with CTA and CSDE on establishing an IoT Device Security Base Line. Through Collaboration with these organizations, OCF is able to provide our expert insights and work with some of the biggest players in the IoT industry to bring about a consensus of baseline capabilities that will drive the global market for IoT toward increased security. OCF not only contributed our technical materials, but our advice, support, and recommendations, including an annex to the C2 document that maps the OCF specification to the C2 Consensus security capabilities. This annex includes details on which release of the OCF Specification currently applies to each of these capabilities and what each capability does to secure different aspects of the IoT. By providing this annex of capabilities that the OCF currently maps to and enables within the specification, the OCF is not only sharing our thoughts on what the IoT industry should be doing, but OCF is actually implementing and providing these capabilities today through our publicly available specification and open source implementation – IoTivity.
The C2 Consensus on IoT Device Security Baseline Capabilities
Securing the IoT from the network layer to the application layer
Security in the Internet of Things (IoT) has become a critical requirement, with recent legislation mandating ‘reasonable security features.’ It is very clear that the cost of implementing security within the IoT is necessary, and far outweighs the cost of not doing so.
Security is built up in layers; the first layer needing to be secured is the hardware layer, the second is the network layer. In this article, the network layer referenced is the Thread network layer: a low-cost, low-energy, meshed IoT network.
However, the network is a mix of wireless and wired IP technologies, so there is also a need for application level security. This comes from the OCF application layer; a secure domain where all devices and clients can securely talk to each other, say, Wouter van der Beek, senior IoT architect, Cisco Systems and Technical Working Group chair, Open Connectivity Foundation and Bruno Johnson, CEO of Cascoda, a member of the Open Connectivity Foundation.
Read the full article by Bruno Johnson via IoT Now.
IoT device security: A path to standardization
Read the full article by Oleksandr Andrieiev and Philip Hawkes via Embedded.
