|
Work item:
|
Y.4814 (ex Y.IoT-acs-fra)
|
|
Subject/title:
|
Functional requirements and architecture of access control service of Internet of things (IoT) platform enabled by zero trust in decentralized environments
|
|
Status:
|
Determined on 2025-01-24 [Issued from previous study period]
|
|
Approval process:
|
TAP
|
|
Type of work item:
|
Recommendation
|
|
Version:
|
New
|
|
Equivalent number:
|
-
|
|
Timing:
|
2025-Q4 (Medium priority)
|
|
Liaison:
|
ITU-T SG16, SG17
|
|
Supporting members:
|
China Unicom; ZTE Corporation; MIIT; CICT; BUPT
|
|
Summary:
|
There are many substantial challenges for Internet of things (IoT) platforms in decentralized environments to making trust among IoT entities (such as IoT devices, IoT services, IoT gateways) when they interact with each other. The traditional access control solutions of IoT platforms (such as perimeter control, password authentication, virtual private network) cannot fully cope with those challenges, especially when IoT entities are deployed in decentralized environments.
Zero trust (ZT) is a type of cybersecurity principle that provides a collection of concepts and ideas designed to minimize uncertainty in enforcing accurate, least privilege per-request access decisions in information systems and services in the face of a network viewed as compromised [b-NIST SP 800-207]. In ZT-based access control solutions, it is no longer required to determine access rights by location and security domain for IoT entities to discover and access other IoT entities in the same or different IoT platforms. It is required to be determined for any requests to discover and access any IoT entities in IoT platforms. Therefore, ZT-based access control solutions are suitable for IoT platforms in decentralized environments.
This Recommendation introduces an access control service of an IoT platform in decentralized environments as enabled by ZT, and specifies its technical characteristics, functional requirements and architecture.
|
|
Comment:
|
-
|
|
Reference(s):
|
|
|
Historic references:
|
|
Contact(s):
|
|
| ITU-T A.5 justification(s): |
|
|
|
|
First registration in the WP:
2023-02-15 14:46:56
|
|
Last update:
2025-04-16 10:12:32
|
