|
Work item:
|
X.1352 (ex X.iotsec-4)
|
|
Subject/title:
|
Security Requirements for Internet of things (IoT) devices and gateway
|
|
Status:
|
Approved on 2022-09-02 [Issued from previous study period]
|
|
Approval process:
|
TAP
|
|
Type of work item:
|
Recommendation
|
|
Version:
|
New
|
|
Equivalent number:
|
-
|
|
Timing:
|
-
|
|
Liaison:
|
-
|
|
Supporting members:
|
-
|
|
Summary:
|
This Recommendation establishes detailed requirements for five security dimensions applicable to Internet of things (IoT) device and gateway: authentication, cryptography, data security, device platform security, and physical security, based on the IoT reference model specified in [ITU-T Y.4100] and the IoT security framework in [ITU-T X.1361].
The authentication dimension includes user authentication, secure use of authentication credentials and device authentication. The cryptography dimension includes the use of secure cryptography, secure key management and secure random number generation. The data security dimension includes secure transmission and storage, information flow control, secure session management and personally identifiable information (PII) management. The device platform security dimension includes five elements: software security; secure update; security management; logging; and timestamp. Likewise, the physical security dimension includes a secure physical interface and tamper-proofing.
|
|
Comment:
|
-
|
|
Reference(s):
|
|
|
Historic references:
|
|
Contact(s):
|
|
| ITU-T A.5 justification(s): |
|
|
|
|
First registration in the WP:
2018-09-13 10:34:43
|
|
Last update:
2022-09-15 11:18:29
|
