This document was published by the Web of Things Working Group asĪ Working Group Note. Please contribute to this draft using the ![]() Security aspects of the WoT specification are defined in theĬorresponding normative WoT documents for each WoT building ![]() On the best available practices in the industry, this documentĬontains informative statements only. Particular, while we provide examples and recommendations based Security mechanisms that can be used to secure a WoT System. It is not the intention of this document to limit the set of Order to facilitate understanding of why they are needed. All recommendations are linked to theĬorresponding WoT threats in the generic WoT threat model in More general suggestions for the design and deployment of a Home, enterprise, and industrial use cases. We provide several examples using common scenarios based on ![]() Security objectives for a concrete WoT System implementation. Using this generic WoT threat modelįor guidance, it should be possible to select a specific set of The WoT threat modelĭefines the main security stakeholders, security-relevantĪssets, possible attackers, attack surfaces, and finally Things (WoT) System using a threat model. We define the general security requirements for a Web of Has its own unique assets, such as a Scripting API and Thingĭescriptions, that need to be protected and also have security Support the security models and mechanisms of the systems itĭescribes, not introduce new ones. The Web of Things isĭescriptive, not prescriptive, and so is generally designed to This document provides non-normative guidance on Web of The GitHub repository Repository: We are on ![]() November 2019 This version: Latest published version: Latest editor's draft: Previous version: Editors: Elena Reshetova ( Intel Corp.) Security and Privacy Guidelines W3C Working
0 Comments
Leave a Reply. |