We explore the impact of device location on the communication endpoints of IoT devices within the context of Manufacturer Usage Description (MUD), an IETF security framework for IoT devices. Two types of device location are considered: IP-based location, which corresponds to the physical location of the device based on its IP address; and user-defined location, which is chosen during device registration. Our findings show that IP-based location barely affects the set of domains with which IoT devices interact. Conversely, user-defined location drastically changes this set, mainly through region-specific domains that embed location identifiers selected by the user at registration. We examine the effects of these findings on MUD file creation tools and on IoT device identification. As MUD files rely on domain allowlists, we show that security appliances supporting MUD need to manage a significantly larger number of MUD rules than initially anticipated. To address this challenge, we leverage the EDNS Client Subnet (ECS) extension to differentiate user-defined locations without needing regional domains, consequently reducing the number of Access Control Entries (ACEs) required by security appliances.
|Original language|American English|
|Title of host publication|ANRW 2023 - Proceedings of the 2023 Applied Networking Research Workshop|
|Publisher|Association for Computing Machinery, Inc|
|Number of pages|6|
|State|Published - 24 Jul 2023|
|Event|2023 Applied Networking Research Workshop, ANRW 2023 - San Francisco, United States; Duration: 24 Jul 2023 → …|
|Name|ANRW 2023 - Proceedings of the 2023 Applied Networking Research Workshop|
|Conference|2023 Applied Networking Research Workshop, ANRW 2023|
|Period|24/07/23 → …|
Bibliographical note

Funding Information:
This work is partly supported by the Israeli Innovation Authority. The authors would also like to thank Eliot Lear and Michael Richardson for the useful discussions, specifically on the implications for the MUD framework.
© 2023 Association for Computing Machinery.