AutoAdd - Automatic Bootstrapping of IoT Devices
draft-autoadd-auto-bootstrapping-iot-devices-00

Document Type Active Internet-Draft (individual)
Last updated 2019-02-01
Stream (None)
Intended RFC status (None)
Formats plain text xml pdf html bibtex
Stream Stream state (No stream defined)
Consensus Boilerplate Unknown
RFC Editor Note (None)
IESG IESG state I-D Exists
Telechat date
Responsible AD (None)
Send notices to (None)
IETF                                                  Anoop Kumar Pandey
Internet-Draft                                           C-DAC Bangalore
Intended status: Informational                          January 31, 2019
Expires: August 4, 2019

            AutoAdd - Automatic Bootstrapping of IoT Devices
            draft-autoadd-auto-bootstrapping-iot-devices-00

Abstract

   IoT devices are fast getting embedded into our lives, and when put
   together they have the potential to generate a precise and detailed
   history of our lives and store them forever.  Their networking and
   communicational power can be unleashed for malicious and sabotage
   purposes, by a motivated attacker sitting in the far corner of the
   world.  Attacks on Industrial IoT systems can cause greater
   disasters.  It is therefore essential to inculcate the security
   aspect, right from design to development to operations.  The first
   operation of an IoT device is to bootstrap itself, and due importance
   should be placed to ensure that this operation is carried out
   securely and with due diligence.  However, it's easier said than
   done, and this paper outlines several approaches for secure automated
   bootstrapping and also proposes a new method, which is compared
   against the existing mechanisms for several qualitative factors.

Status of This Memo

   This Internet-Draft is submitted in full conformance with the
   provisions of BCP 78 and BCP 79.

   Internet-Drafts are working documents of the Internet Engineering
   Task Force (IETF).  Note that other groups may also distribute
   working documents as Internet-Drafts.  The list of current Internet-
   Drafts is at https://datatracker.ietf.org/drafts/current/.

   Internet-Drafts are draft documents valid for a maximum of six months
   and may be updated, replaced, or obsoleted by other documents at any
   time.  It is inappropriate to use Internet-Drafts as reference
   material or to cite them other than as "work in progress."

   This Internet-Draft will expire on August 4, 2019.

Copyright Notice

   Copyright (c) 2019 IETF Trust and the persons identified as the
   document authors.  All rights reserved.

Anoop Kumar Pandey       Expires August 4, 2019                 [Page 1]
Internet-Draft                   AutoAdd                    January 2019

   This document is subject to BCP 78 and the IETF Trust's Legal
   Provisions Relating to IETF Documents
   (https://trustee.ietf.org/license-info) in effect on the date of
   publication of this document.  Please review these documents
   carefully, as they describe your rights and restrictions with respect
   to this document.  Code Components extracted from this document must
   include Simplified BSD License text as described in Section 4.e of
   the Trust Legal Provisions and are provided without warranty as
   described in the Simplified BSD License.

Table of Contents

   1.  Prologue  . . . . . . . . . . . . . . . . . . . . . . . . . .   2
   2.  Introduction  . . . . . . . . . . . . . . . . . . . . . . . .   3
     2.1.  Requirements Language . . . . . . . . . . . . . . . . . .   3
   3.  Prior and Ongoing Contributions . . . . . . . . . . . . . . .   3
     3.1.  TOFU (Trust on First Use) . . . . . . . . . . . . . . . .   3
     3.2.  Resurrecting Duckling . . . . . . . . . . . . . . . . . .   4
     3.3.  Enrollment over Secure Transport  . . . . . . . . . . . .   4
     3.4.  BRSKI . . . . . . . . . . . . . . . . . . . . . . . . . .   4
     3.5.  EAP-NooB  . . . . . . . . . . . . . . . . . . . . . . . .   5
     3.6.  AutoAdd (Work in Progress)  . . . . . . . . . . . . . . .   5
   4.  Comparison Chart  . . . . . . . . . . . . . . . . . . . . . .   6
   5.  Conclusion  . . . . . . . . . . . . . . . . . . . . . . . . .   7
   6.  IANA Considerations . . . . . . . . . . . . . . . . . . . . .   7
   7.  Security Considerations . . . . . . . . . . . . . . . . . . .   7
   8.  References  . . . . . . . . . . . . . . . . . . . . . . . . .   8
     8.1.  Normative References  . . . . . . . . . . . . . . . . . .   8
     8.2.  Informative References  . . . . . . . . . . . . . . . . .   8
   Author's Address  . . . . . . . . . . . . . . . . . . . . . . . .   8

1.  Prologue

   Amazon launched "Amazon Alexa" in November 2014.  Alexa is a virtual
   assistant which comes with Echo line of smart speakers.  It is
   capable of voice interaction, control of smart home devices, music
   playback, setting alarms, making calls, checking weather and news and
   much more.
   Google Home series smart speakers were launched in November 2016.
   Google Assistant can be used to control thousands of smart-home
   products from several brands like LG, GE, Whirlpool, Nest etc...
   Google Home can be asked to change the temperature, dim the lights,
   turn on a microwave or kettle, and also start Roomba (robotic vacuum
   cleaners).  It can also turn the TV on/off using Chromecast.
   The concept of smart home and devices is taking off very fast.  It
Show full document text