
ISO/IEC 27071 — Information technology — Security techniques — Security recommendations for establishing trusted connections between devices and services [DRAFT]

 

Abstract

“This International Standard provides a framework and recommendations for establishing trusted connection between device and service based on hardware security modules, including recommendations for components such as: hardware security module, roots of trust, identity, authentication and key establishment, environment attestation, data integrity and authenticity.”
[Source: SC27 Standing Document 11 (2021)]
 

Introduction

This standard concerns mutual authentication between distributed network devices (such as sensors and other IoT things) and [cloud-based] information services, using Public Key Infrastructure and Hardware Security Modules.

 

Scope of the standard

The standard will lay out a conceptual framework for establishing trusted connections between devices and services based on HSMs, with recommendations on roots of trust, identity, authentication and key establishment, remote attestation, data integrity and authenticity.

 

Content of the standard

31 pages, with 2 main sections:

    5. Framework and components for establishing a trusted connection - a conceptual design.

    6. Security recommendations for establishing a trusted connection - such as an HSM or virtual root of trust (implying PKI).

    ... and three annexes covering threats; ‘solutions’ (non-aqueous); and examples.

 

Status of the standard

The standard is at Committee Draft stage. It is due to be published in 2023.

 

Personal comments

Here’s a fictitious scenario illustrating the need for mutual authentication. Imagine your electric car maintains detailed technical data about the places it has been driven to, the manner of driving, battery performance etc. You agree to share the data routinely with the vehicle manufacturer through a 4G or 5G connection to a car monitoring app, in return for a warranty extension, driving tips or advance warning of issues requiring a service visit. How does the manufacturer know the data uploaded by your car is, in fact, from your car, not a cloned or modified vehicle? How does your car know that the car monitoring app is, in fact, the car monitoring app run by the manufacturer, not some naughty hacker intent on discovering your movements and habits for blackmail or kidnap, or an agent for the insurance companies illicitly checking on your driving competence and hence risk profile?

 


Copyright © 2021 IsecT Ltd.