NCCoE
9700 Great Seneca Highway, Rockville, MD 20850
Brad Goodman
FIDO DO Working Group Chair
Distinguished Member of Technical Staff, Edge Computing Architect, Dell
Leveraging FIDO Alliance cybersecurity standards in support of IR8259
As highlighted in IR8259, “If a device is expected to be more trusted by customers, particularly to remain in a secure state and stay outside the control or access of unauthorized entities, then it is likely that technical means implemented on or with that device will have to be more robust.”
For IR8259 to be implemented effectively, devices must cooperate reliably and securely. This requires a strongly authenticated and protected communication channel between M2M and IoT devices. Existing protocols and authentication techniques can help to create and maintain such a channel. However, an absolute requirement is a rigorous enrollment process that provides positive assurance of each machine’s identity, in order to establish the necessary foundation for secure interactions. A weak enrollment procedure for even one part leaves the system vulnerable to impersonation and compromise.
From a cybersecurity viewpoint, this requires that IoT products must: (a) be able to establish secure communication channels, (b) provide users with a secure and private method of accessing their IoT data, (c) be able to be provisioned with robust software, (d) be securely connected to their management platform (whether in the cloud or on-site), (e) be software upgradable (to respond to cyber threats and also to deliver new features) and (f) be able to be returned to a ‘Known Good State’ in a worst-case situation. Additionally, users of a device must be able to log in securely via their cloud portal to access their data.
In this presentation, Brad will review key points raised by IR8259 and show how: