New SICS results for security in IoT published at IETF

1 February, 2016 - 12:41

Ludwig Seitz's description of the needs of Authentication and Authorization in the smallest devices in Internet of Things have been published as RFC 7744 by the Internet Engineering Task Force (IETF).

The Internet Engineering Task Force (IETF) has published almost every standard that makes the Internet work (HTTP, TCP, IP, TLS/SSL, FTP, DNS). Now SICS has published a contribution in their renowned series, the Requests For Comments (RFCs). RFC 7744 describes use cases for authentication and authorization in constrained environments, in other words: What are the security needs of the smallest devices that are part of the Internet of Things?


Constrained devices are nodes with limited processing power, storage space, and transmission capacities. In many cases, these devices do not provide user interfaces, and they are often intended to interact without human intervention. This document includes a collection of representative use cases for authentication and authorization in
constrained environments. These use cases aim at identifying authorization problems that arise during the life cycle of a constrained device and are intended to provide a guideline for developing a comprehensive authentication and authorization solution for this class of scenarios.

See the report at IETFs homepage.