The National Cybersecurity Center of Excellence (NCCoE)
has published a preliminary draft practice guide, SP 1800-15, “Securing
Small-Business and Home Internet of Things (IoT) Devices: Mitigating
Network-Based Attacks Using Manufacturer Usage Description (MUD),” and is
seeking public comments. The popularity of IoT devices is growing rapidly, as
are concerns over their security. IoT devices are often vulnerable to malicious
actors who can exploit them directly and use them to conduct network-based
attacks. SP 1800-15 describes for IoT product developers and implementers an
approach that uses MUD to automatically limit IoT devices to sending and
receiving only the traffic that they require to perform their intended
functions.
has published a preliminary draft practice guide, SP 1800-15, “Securing
Small-Business and Home Internet of Things (IoT) Devices: Mitigating
Network-Based Attacks Using Manufacturer Usage Description (MUD),” and is
seeking public comments. The popularity of IoT devices is growing rapidly, as
are concerns over their security. IoT devices are often vulnerable to malicious
actors who can exploit them directly and use them to conduct network-based
attacks. SP 1800-15 describes for IoT product developers and implementers an
approach that uses MUD to automatically limit IoT devices to sending and
receiving only the traffic that they require to perform their intended
functions.
We will use this feedback to help shape the next version
of this document.
of this document.
Please
submit your comments by June 24, 2019. See the publication details link below
for a copy of the document and instructions for submitting comments.
submit your comments by June 24, 2019. See the publication details link below
for a copy of the document and instructions for submitting comments.
Publication
details:
https://csrc.nist.gov/publications/detail/sp/1800-15/draft
details:
https://csrc.nist.gov/publications/detail/sp/1800-15/draft