NIST SPECIAL PUBLICATION 1800 -15
Securing Small -Business and Home
Internet of Things (IoT) Devices
Mitigating Network -Based Attacks Using Manufacturer
Usage Description (MUD)
Includes Executive Summary (A); Approach, Architecture, and Security Characteristics (B);
and How -To Guide s (C)
Donna Dodson
Tim Polk
Murugiah Souppaya
NIST
Yemi Fashina
Parisa Grayeli
Joshua Klosterman
Blaine Mulugeta
Mary Raguso
Susan Symington
The MITRE Corporation
Jaideep Singh
Molex
William C. Barker
Dakota Consulting
Dean Coclin
Clint Wilson
DigiCert Darshak Thakore
Mark Walker
CableLabs
Eliot Lear
Brian Weis
Cisco Tim Jones
ForeScout Drew Cohen
MasterPeace
PRELIMINARY DRAFT
This publication is available free of charge from:
https://www.nccoe.nist.gov/projects/building -blocks/mitigating -iot-based -ddos
NIST SPECIAL PUBLICATION 1800 -15
Securing Small -Business and Home Internet of Things
(IoT) Devices: Mitigating Network -Based Attacks
Using Manufacturer Usage Description (MUD)
Includes Executive Summary (A); Approach, Architecture, an d Security Characteristics (B) ;
and How -To Guides (C)
Donna Do dson
Tim Polk
Murugiah S ouppaya
NIST
William C. Barker
Dakota Consulting
Eliot Lear
Brian Weis
Cisco
Yemi Fashina
Parisa Grayeli
Joshua Klosterman
Blaine Mulugeta
Mary Raguso
Susan Symington
The MITRE Corporation
Dean Coclin
Clint Wilson
DigiCert
Tim Jones
ForeScout
Jaideep Singh
Molex
Darshak Thakore
Mark Walker
CableLabs
Drew Cohen
MasterPeace
PRELIMINARY DRAFT
April 201 9
U.S. Department of Commerce
Wilbur Ross , Secretary
National Institute of Standards and Technology
Walter G. Copan, Undersecretary of Commerce for Standards and Technology and Director
NIST SPECIAL PUBLICATION 1800 -15A
Securing Small -Business and Home
Internet of Things (IoT) Devices
Mitigating Network -Based Attacks Using Manufacturer
Usage Description (MUD)
Volume A:
Executive Summary
Donna Dodson
Tim Polk
Murugiah Souppaya
NIST
William C. Barker
Dakota Consulting
Parisa Grayeli
Mary Raguso
Susan Symington
The MITRE Corporation
April 2019
PRELIMINARY DRAFT
This publication is available free of charge from
https://www.nccoe.nist.gov/projects/building -blocks/mitig ating -iot-based -ddos
PRELIMINARY DRAFT
NIST SP 1800 -15A: Securing Small -Business and Home IoT Devices 1 Executive Summary 1
The goal of the Internet Engineering Task Force’s manufacturer usage description (MUD) architecture is 2
for Internet of Things (IoT) devices to behave as intended by the manufacturer s of the devices. This is 3
done by providing a standard way for manufacturers to identify each device’s type and to indicate the 4
network communications that it requires to perform its intended function. When MUD is used, the 5
network will automatically permit the IoT device to per form as intended, and the network will prohibit 6
all other device behaviors. 7
▪ The National Cybersecurity Center of Excellence (NCCoE) has demonstrated for IoT product 8
developers and implementers the ability to ensure that when an IoT device connects to a home 9
or small -business network, MUD can be used to automatically permit the dev ice to send and 10
receive only the traffic it requires to perform its intended function. 11
▪ A distributed denial of service (DDoS) attack can cause a significant negative impact to an 12
organization that is dependent on the internet to conduct business. A DDoS at tack involves 13
multiple computing devices in disparate locations sending repeated requests to a server with 14
the intent to overload it and ultimately render it inaccessible. 15
▪ Recently, IoT devices have been exploited to launch DDoS attacks. IoT devices may have 16
unpatched or easily discoverable so
NIST.SP.1800-15 preliminary-draft Securing Small-Business and Home Internet of Things (IoT) Devices
安全标准 >
NIST >
文档预览
中文文档
281 页
50 下载
1000 浏览
0 评论
0 收藏
3.0分
温馨提示:本文档共281页,可预览 3 页,如浏览全部内容或当前文档出现乱码,可开通会员下载原始文档
本文档由 思安 于 2022-12-05 09:12:44上传分享