As with any other device, an IoT device needs appropriate credentials in order to connect to a network securely. The process of provisioning these credentials to the device is called network-layer onboarding. The current lack of trusted IoT device onboarding processes leaves many networks vulnerable to having unauthorized devices connect to them. It also leaves devices vulnerable to being taken over by networks that are not authorized to onboard them. The National Cybersecurity Center of Excellence, in collaboration with industry, is committed to providing actionable cybersecurity solutions to help strengthen the security of IoT devices and their networks through trusted network-layer onboarding over IP networks and lifecycle management.
This document provides background information on trusted IoT device network-layer onboarding and lifecycle management and defines a taxonomy of onboarding characteristics that can be used to discuss potential onboarding solutions in product-agnostic terms. This document, in conjunction with the Virtual Workshop on Trusted IoT Device Network-Layer Onboarding and Lifecycle Management, informed the development of the project description.