Abstract
We explore the impact of device location on the communication endpoints of IoT devices within the context of Manufacturer Usage Description (MUD), an IETF security framework for IoT devices. Two types of device location are considered: IP-based location, which corresponds to the physical location of the device based on its IP address; and user-defined location, which is chosen during device registration. Our findings show that IP-based location barely affects the domain set with which IoT devices interact. Conversely, user-defined location drastically changes this set, mainly through region-specific domains that embody location identifiers selected by the user at registration. We examine the effects of these findings on the creation of MUD file tools and on IoT device identification. As MUD files rely on domain allowlists, we show that security appliances supporting MUD need to manage a significantly larger number of MUD rules than initially anticipated. To address this challenge, we leverage the EDNS Client Subnet (ECS) extension to differentiate user-defined locations without needing regional domains, consequently reducing the number of Access Control Entries (ACEs) required by security appliances.
Original language | English |
---|---|
Title of host publication | ANRW 2023 - Proceedings of the 2023 Applied Networking Research Workshop |
Publisher | Association for Computing Machinery, Inc |
Pages | 18-23 |
Number of pages | 6 |
ISBN (Electronic) | 9798400702747 |
State | Published - 24 Jul 2023 |
Event | 2023 Applied Networking Research Workshop, ANRW 2023 - San Francisco, United States; Duration: 24 Jul 2023 → … |
Publication series
Name | ANRW 2023 - Proceedings of the 2023 Applied Networking Research Workshop |
---|
Conference
Conference | 2023 Applied Networking Research Workshop, ANRW 2023 |
---|---|
Country/Territory | United States |
City | San Francisco |
Period | 24/07/23 → … |
Bibliographical note
Publisher Copyright: © 2023 Association for Computing Machinery.