MUD Lifecyle: A Manufacturer's Perspective
draft-srich-opsawg-mud-manu-lifecycle-01

Document Type Active Internet-Draft (individual)
Last updated 2017-03-27
Stream (None)
Intended RFC status (None)
Formats plain text pdf html bibtex
Stream Stream state (No stream defined)
Consensus Boilerplate Unknown
RFC Editor Note (None)
IESG IESG state I-D Exists
Telechat date
Responsible AD (None)
Send notices to (None)
Operations and Management Area Work Group                        S. Rich
Internet-Draft                                             Cisco Systems
Intended status: Informational
Expires: September 27, 2017                                      T. Dahm
                                                                  Google
                                                           27 March 2017

               MUD Lifecyle: A Manufacturer's Perspective
              draft-srich-opsawg-mud-manu-lifecycle-01.txt

Abstract

   Manufacturer Usage Descriptions, or MUDs, allow a manufacturer to
   cheaply and simply describe to the network the accesses required
   by an IoT device without adding any extra cost or software to the
   devices themselves.  By doing so, the network infrastructure
   devices can apply access policies automatically which increase the
   overall security of the entire network, not just for the IoT
   devices themselves.  This document describes the lifecycle of
   Manufacturer Usage Descriptions (MUDs) by describing detailed MUD
   scenarios from the perspective of device manufacturers.

Status of This Memo

   This Internet-Draft is submitted in full conformance with the
   provisions of BCP 78 and BCP 79.

   Internet-Drafts are working documents of the Internet Engineering
   Task Force (IETF).  Note that other groups may also distribute
   working documents as Internet-Drafts.  The list of current
   Internet-Drafts is at http://datatracker.ietf.org/drafts/current/.

   Internet-Drafts are draft documents valid for a maximum of six
   months and may be updated, replaced, or obsoleted by other
   documents at any time.  It is inappropriate to use Internet-Drafts
   as reference material or to cite them other than as "work in
   progress."

   This Internet-Draft will expire on September 27, 2017.

Rich & Dahm                                                     [Page 1]
Draft          MUD Lifecyle: A Manufacturer's Perspective  27 March 2017

Copyright Notice

   Copyright (c) 2017 IETF Trust and the persons identified as the
   document authors.  All rights reserved.

   This document is subject to BCP 78 and the IETF Trust's Legal
   Provisions Relating to IETF Documents
   (http://trustee.ietf.org/license-info) in effect on the date of
   publication of this document.  Please review these documents
   carefully, as they describe your rights and restrictions with
   respect to this document.  Code Components extracted from this
   document must include Simplified BSD License text as described in
   Section 4.e of the Trust Legal Provisions and are provided without
   warranty as described in the Simplified BSD License.

1.  Introduction

   The addition of IoT devices to a network expands the attack
   surface of that network.  Even if a device does not have
   exploitable vulnerabilities (in the sense of an attacker injecting
   and running malware on it), it may be susceptible to denial-of-
   service (DoS) attacks and thus could have its functionality
   impaired by attackers.  Recent events have shown just how real,
   and not just theoretical, such attacks can be.

   A detailed summary of the current state of understanding of the
   Mirai botnet's use of IoT devices can be found in [MIRAI].  It is
   estimated that around 100,000 IoT devices generated more than a
   terabit per second of DDoS traffic.

   Also consider the Sony Cameras IP Security article [SONYCAMS]
   which describes a vulnerability in many camera models which could
   be exploited to launch attacks like those seen in the massive DDoS
   attack on DynDNS in [DynDNS].  As both of these incidents show,
   more network-accessible devices which can connect to arbitrary
   external addresses can, if those devices permit too much access or
   if they have vulnerabilities which allow arbitrary code execution,
   be used by attackers to amplify attacks and to do so by using
   origin addresses spanning broad ranges of networks.

   Concerns about the negative possibilities of attacks related to
   IoT devices is also discussed in [MITTECH] that also discusses
   some of the regulatory and government angles in play.  In a recent
   move described in [USGSUIT], the U.S. Federal Government has taken
   the step of suing D-Link, accusing it of ``poor security
   practices'' for some of its IoT devices.

Rich & Dahm                                                     [Page 2]
Draft          MUD Lifecyle: A Manufacturer's Perspective  27 March 2017

   MUD provides a light-weight model of achieving very effective
   baseline security for IoT devices by simply allowing a network to
   automatically configure the required network access for IoT
   devices so that they can perform their intended functions without
Show full document text