W3C home > Mailing lists > Public > public-wot-ig@w3.org > August 2017

Re: References for "best practices" in IoT security needed

From: David Rogers <david.rogers@copperhorse.co.uk>
Date: Thu, 17 Aug 2017 08:39:54 +0200
To: "Mccool, Michael" <michael.mccool@intel.com>, "public-wot-ig@w3.org" <public-wot-ig@w3.org>
Cc: david.rogers@copperhorse.co.uk
Message-ID: <E1diETe-0004NS-Le@titan.w3.org>
A list here (which I need to update): http://blog.mobilephonesecurity.org/2016/11/iot-security-resources.html
IoT Security Foundation Best Practices - 1.1 being launched shortly: https://iotsecurityfoundation.org/best-practice-guidelines/
Also checkout the GSMA IoT security guidelines: https://www.gsma.com/iot/future-iot-networks/iot-security-guidelines/


Sent from my mobile
-------- Original message --------From: "Mccool, Michael" <michael.mccool@intel.com> Date: 17/08/2017  04:03  (GMT+01:00) To: public-wot-ig@w3.org Subject: References for "best practices" in IoT security needed 
I've been looking for references on "best practices" in IoT security.  Ideally these would be standards we could cite or practices adopted or required by major organizations (eg large companies or governments).

While the following is not a standard (unfortunately), and I haven't yet read through the whole thing, the following book is proving to be pretty useful.  In particular, it highlights the interaction of safety and security in IoT, something which is not necessarily a factor in other cybersecurity contexts:

Practical Internet of Things Security https://g.co/kgs/MSw7Yz

At the same time, we DO still need better "anchor" citations from standards bodies or similar organizations we can use for best practice security recommendations *in IoT*.  If anyone on this list has suggestions, please give them.

We do have an existing set of references under the main github site.

Michael McCool
Received on Thursday, 17 August 2017 06:40:30 UTC

This archive was generated by hypermail 2.4.0 : Friday, 17 January 2020 19:27:14 UTC