Automated XIoT device management GoldenPath

Michael Maymann m at maymann.com
Thu Jun 15 21:08:46 UTC 2023


Hi list,

First Q, so please be nice ;)
If I am in the wrong list, please just let me know where to ask :)

I am in the process of figuring out the architecture of how best to
automate XIoT device management, and thought the
following functionality in RADIUS would be a good approach.
Is this something that is already supported in FreeRADIUS?
Suggestions for better alternatives or guides/links on how to best
achieve this are much appreciated :)

"ZeroConf" XIoT info:
- [MUD](https://datatracker.ietf.org/doc/rfc8520) retrieval (-> asset
management system -> XIoTType ACL creation/approval -> provisioning)
- [SBOM](https://cyclonedx.org/specification/overview) retrieval (->
asset management system -> continuous lightweight vulnerability
scanning -> proactive compromise actions)

ZeroTrust XIoT PNAC 802.1X EAP-TLS authentication:
- [FDO](https://github.com/fido-device-onboard)
- [Keylime](https://github.com/keylime)
- [Akri](https://github.com/project-akri/akri)

ZeroTouch XIoT provisioning:
- [AWS IoT Greengrass](https://github.com/aws-greengrass)
- [Tinkerbell](https://github.com/tinkerbell/proposals/issues/66)

Thanks in advance :)

Br.
Michael


More information about the Freeradius-Users mailing list