The FIDO Alliance’s IoT specification, FIDO Device Onboard (FDO) is an automatic onboarding protocol for IoT devices.
Device onboarding is the process of installing secrets and configuration data into a device so that the device is able to connect and interact securely with an IoT platform. The IoT platform is used by the device owner to manage the device by: patching security vulnerabilities; installing or updating software; retrieving sensor data; interacting with actuators; etc. FIDO Device Onboard is an automatic onboarding mechanism, meaning that it is invoked autonomously and performs only limited, specific, interactions with its environment to complete. FIDO Device Onboard permits late binding of device credentials, so that one manufactured device may onboarded, without modification, to many different IoT platforms.
The below figure illustrates how FDO works:
The specification is a Proposed Standard and available to download on the “Download IoT Specifications” webpage.
Resources
White Papers
FIDO Device Onboard: A Specification for Automated, Secure IoT Provisioning Technology
The FIDO Alliance IoT TWG began its work by creating a list of target use cases to address. They then examined current industry solutions to see if any could be readily adapted to meet these use cases. Intel offered its Secure Device Onboarding (SDO) technology to the working group and this was accepted as the foundation for the new specification. The technical editors of the working group (which included representatives from Arm, Amazon Web Services, Microsoft, Google, Intel, Infineon and Qualcomm) identified where gaps existed and how these could best be closed. The fruits of this work are represented in the FDO specification. Read this white paper for a full introduction to FDO.
FIDO Device Onboard: The Device Key
This white paper builds on the FDO specification to describe various techniques for securely storing the device key, which is used in FDO for attesting the security posture of the device. Read this resource to learn about common mechanisms used to store and access device keys, and how they apply to FDO. Read this white paper to learn more.
IoT Application Provisioning for Security Using FDO and TPM
Device onboarding is a major concern for the efficient deployment of IoT devices. Read this white paper to learn how automatic onboarding through FDO can accelerate deployments and enable a more efficient manufacturing supply chain. Read this white paper to learn more about automatic onboarding and the role of the TPM in adding security and convenience to FDO deployments.
Videos
Watch the following videos and get expert perspectives and education from leading industry organizations, solution providers and industry experts on how to leverage FIDO and related technologies to bring passwordless authentication to IoT.