The Value of Certifying Products for FDO _ Paul at FIDO Alliance.pdf
•
0 likes•73 views
FIDO Taipei Workshop: Securing the Edge with FDO
Recommended
More Related Content
Similar to The Value of Certifying Products for FDO _ Paul at FIDO Alliance.pdf
Similar to The Value of Certifying Products for FDO _ Paul at FIDO Alliance.pdf (20)
More from FIDO Alliance
More from FIDO Alliance (20)
Recently uploaded
Recently uploaded (20)
The Value of Certifying Products for FDO _ Paul at FIDO Alliance.pdf
- 1. © FIDO Alliance 2024 Confidential 1 © FIDO Alliance 2024 Confidential 1 The Value of Certifying Products for FDO Paul Heim, Certification Director, FIDO Alliance
- 2. © FIDO Alliance 2024 Confidential 2 Agenda What to Certify How to Certify Why to Certify Current Certification Status
- 3. © FIDO Alliance 2024 Confidential 3 What to Certify?
- 4. © FIDO Alliance 2024 Confidential 4 How FDO works (with spec terms) Device Manufacturer Ownership Voucher (OV) FDO Manufacturing tool FDO Client & Credentials Device Initialization (DI) • Places FDO device credentials in Device • Creates FDO Ownership Voucher Target Cloud FDO owner Rendezvous server (RV) FDO Client & credentials T00/T01 protocols • The interaction between Device and Rendezvous Server • Device identifies itself to the Rendezvous Server. Obtains mapping to connect to the Owner’s IP address. T02 protocol • The interaction between Device and Owner. • Device contacts Owner. Establishes trust and then performs onboarding Application Data / Control → Onboarding Data → Final State Cloud Managed, Device data flows
- 5. © FIDO Alliance 2024 Confidential 5 Certifiable FDO Components Target Cloud FDO owner Rendezvous server (RV) FDO Client & credentials T00/T01 protocols • The interaction between Device and Rendezvous Server • Device identifies itself to the Rendezvous Server. Obtains mapping to connect to the Owner’s IP address. T02 protocol • The interaction between Device and Owner. • Device contacts Owner. Establishes trust and then performs onboarding Application Data / Control → Onboarding Data → Devices Manufactured devices enabled with FDO that are ready for provisioning. E.g., ‘End Products,’ like PCs, gateways, security cameras, etc.; all Edge and Connected Devices Device Onboarding (DO) Component of the device management service and connected device platform Rendezvous Server Server configured to connect and register a Device implementing FDO with an Owner
- 6. © FIDO Alliance 2024 Confidential 6 How to Certify?
- 7. © FIDO Alliance 2024 Confidential 7 FDO Certification Methodology Functional Certification • Conformance Testing • Interoperability Testing Security Certification • Self-Attested Vendor Questionnaire (VQ) at Level 1 (L1) Certification Maintenance • Evaluated Impact Analysis Reports for updates to certified products.
- 8. © FIDO Alliance 2024 Confidential 8 Device Certification Workflow Functional Evaluation + Security Evaluation = FDO Certification Certification Maintenance
- 9. © FIDO Alliance 2024 Confidential 9 DO and RV Certification Workflow Functional Evaluation = FDO Certification Certification Maintenance
- 10. © FIDO Alliance 2024 Confidential 10 Why to Certify?
- 11. © FIDO Alliance 2024 Confidential 11 Standardization for industry Regulatory requirement Market differentiation Consumer & Enterprise protection Benefits to Product Certification
- 12. © FIDO Alliance 2024 Confidential 12 Standardization for Industry Conformant Interoperable Compliant
- 13. © FIDO Alliance 2024 Confidential 13 Regulatory Requirements Industry Requirements Meets Compliance Aspects Validated in Market
- 14. © FIDO Alliance 2024 Confidential 14 Regulatory Requirements Cont. 1. RED Directive (EU): This directive focuses on the radio equipment aspect of IoT devices and now encompasses broader security requirements to ensure the security and privacy of user data. 2. Cyber Resilience Act (EU): Newly proposed, this act aims to fortify the resilience of IoT devices against cyberattacks, demanding higher transparency and stricter compliance measures from manufacturers. 3. PSTI (UK): The Product Security and Telecommunications Infrastructure bill enhances security provisions for IoT devices, setting robust standards for device security to protect end users. 4. Cyber Executive Order / US Cyber Trust Mark (US): Initiated by the Executive Order on Improving the Nation’s Cybersecurity, the US Cyber Trust Mark will serve as a label to certify devices that meet specified cybersecurity criteria.
- 15. © FIDO Alliance 2024 Confidential 15 Market Differentiator • Stand out against competition • Increased product rigor • Competitive edge
- 16. © FIDO Alliance 2024 Confidential 16 Consumer & Enterprise Protection Confidence in product quality Security and trust Informed purchases Product rigor
- 17. © FIDO Alliance 2024 Confidential 17 Current Certification Status
- 18. © FIDO Alliance 2024 Confidential 18 Certification Program Availability Certifying FDO components against FDO v1.1 12+ components are in process, successfully completing functional evaluation 9+ devices are in the process of completing security evaluation at Level 1 Registration for interoperability testing is open Higher levels of security evaluation are in the process of being defined
- 19. © FIDO Alliance 2024 Confidential 19 Get FDO Certified! Contact certification@fidoalliance.org for FDO Certification
- 20. © FIDO Alliance 2024 Confidential 20 © FIDO Alliance 2024 Confidential 20 Thank you