The Value of Certifying Products for FDO - Paul at FIDO Alliance

FIDOAlliance 338 views 20 slides May 20, 2024

About This Presentation

FIDO Taipei Workshop: Securing the Edge with FDO


Slide Content

© FIDO Alliance 2024 Confidential
The Value of Certifying
Products for FDO
Paul Heim, Certification Director, FIDO Alliance

Agenda
What to Certify
How to Certify
Why to Certify
Current Certification Status

What to Certify?

How FDO works (with spec terms)

Diagram labels: Device Manufacturer; FDO Manufacturing tool; FDO Client & Credentials; Ownership Voucher (OV); Target Cloud; FDO owner; Rendezvous server (RV)

Device Initialization (DI)
•Places FDO device credentials in Device
•Creates FDO Ownership Voucher

TO0/TO1 protocols
•The interaction between Device and Rendezvous Server
•Device identifies itself to the Rendezvous Server. Obtains mapping to connect to the Owner’s IP address.

TO2 protocol
•The interaction between Device and Owner.
•Device contacts Owner. Establishes trust and then performs onboarding

Data flows shown: Application Data / Control; Onboarding Data

Final State: Cloud Managed, Device data flows

Certifiable FDO Components
Devices
Manufactured devices enabled with FDO that are ready for provisioning. E.g., ‘End Products,’ like PCs, gateways, security cameras, etc.; all Edge and Connected Devices

Device Onboarding (DO)
Component of the device management service and connected device platform

Rendezvous Server
Server configured to connect and register a Device implementing FDO with an Owner

How to Certify?

FDO Certification Methodology
Functional Certification
•Conformance Testing
•Interoperability Testing
Security Certification
•Self-Attested Vendor Questionnaire (VQ) at Level 1 (L1)
Certification Maintenance
•Evaluated Impact Analysis Reports for updates to certified products.

Device Certification Workflow
Functional Evaluation + Security Evaluation = FDO Certification
Certification Maintenance

DO and RV Certification Workflow
Functional Evaluation = FDO Certification
Certification Maintenance

Why to Certify?

Benefits to Product Certification
•Standardization for industry
•Regulatory requirement
•Market differentiation
•Consumer & Enterprise protection

Standardization for Industry
Conformant
Interoperable
Compliant

Regulatory Requirements
Industry Requirements
Meets Compliance Aspects
Validated in Market

Regulatory Requirements Cont.
1. RED Directive (EU): This directive focuses on the radio equipment aspect of IoT devices and now encompasses broader security requirements to ensure the security and privacy of user data.
2. Cyber Resilience Act (EU): Newly proposed, this act aims to fortify the resilience of IoT devices against cyberattacks, demanding higher transparency and stricter compliance measures from manufacturers.
3. PSTI (UK): The Product Security and Telecommunications Infrastructure bill enhances security provisions for IoT devices, setting robust standards for device security to protect end users.
4. Cyber Executive Order / US Cyber Trust Mark (US): Initiated by the Executive Order on Improving the Nation’s Cybersecurity, the US Cyber Trust Mark will serve as a label to certify devices that meet specified cybersecurity criteria.

Market Differentiator
•Stand out against competition
•Increased product rigor
•Competitive edge

Consumer & Enterprise Protection
Confidence in product quality
Security and trust
Informed purchases
Product rigor

Current Certification Status

Certification Program Availability
Certifying FDO components against FDO v1.1
12+ components are in process, successfully completing functional evaluation
9+ devices are in the process of completing security evaluation at Level 1
Registration for interoperability testing is open
Higher levels of security evaluation are in the process of being defined

Get FDO Certified!
Contact [email protected] for FDO Certification

Thank you