Touted as a revolution that will eliminate many of the mundane tasks humans perform, the vast internet of things (IoT) network has exciting new potential to improve human life, but many cybersecurity experts remain skeptical of the security of individual objects and devices as well as their unsecured interconnectedness.
IoT describes the “systems that connect humans, non-human physical objects, and cyber objects, enabling monitoring, automation, and decision-making — technology that is now utilized in almost every aspect of personal life, government, and industry,” according to a description from the National Institute of Standards and Technology.
Another definition describes IoT devices, or any of the many objects in the internet of things, as nonstandard computing devices that connect wirelessly to a network and have the ability to transmit data. IoT involves extending internet connectivity beyond standard devices, such as desktops, laptops, smartphones and tablets, to any range of traditionally dumb or non-internet-enabled physical devices and everyday objects, for example, children’s toys.
On the plus side, these objects offer consumers speed and convenience – from virtual assistants, to smart appliances and home security systems – to healthcare devices. Smart objects can also provide diverse industries with the vital data they need to manage inventory and machines, increase efficiency, save costs and even save lives.
Due to their immense popularity with consumers and in business, the ubiquitous presence of IoT understandably leads to questions of trustworthiness and the potential of this new technology to be used for malicious purposes, NIST said in a release. “These concerns are not necessarily matters of direct risk assessment, but rather a high-level consideration of whether an IoT product or service can provide desired operations at an acceptable level of quality.”
NIST is releasing a draft white paper for public comment, Internet of Things (IoT) Trust Concerns. It identifies 17 technical trust-related issues that may negatively affect the acceptance of IoT products and services. This set was derived from the six trustworthiness elements in NIST Special Publication (SP) 800-183, Networks of Things. The draft white paper offers recommendations for addressing these concerns, suggests additional areas of research regarding the subject of “IoT trust,” and provides readers with a broad understanding of the topic.
A public comment period for this draft document is open until Nov.16, 2018.
NIST notes that the content in this white paper was originally released on Sept. 17, 2018 as Draft NISTIR 8222, which was temporarily withdrawn to synchronize with other pending documents on this topic.
Internet of Things (IoT) Trust Concerns: NIST Releases Draft NIS