Smart Card Guy

Smart Card, Java Card, PCI DSS, IoT Device Security

各国・標準化団体のIoTデバイスのセキュリティ関連仕様・法整備 - 総務省 / ETSI (2019/04時点)

概要

  • 各国・標準化団体のIoTデバイスのセキュリティ関連仕様・法整備

日本 - 総務省

GSMA

Europe - ETSI

ETSI TS 103 645の基本要件

Chap 4 Cyber security provisions for consumer IoTで下記の項目を言及

  • 4.1 No universal default passwords
  • 4.2 Implement a means to manage reports of vulnerabilities
  • 4.3 Keep software updated
  • 4.4 Securely store credentials and security-sensitive data
  • 4.5 Communicate securely
  • 4.6 Minimize exposed attack surfaces
  • 4.7 Ensure software integrity
  • 4.8 Ensure that personal data is protected
  • 4.9 Make systems resilient to outages
  • 4.10 Examine system telemetry data
  • 4.11 Make it easy for consumers to delete personal data
  • 4.12 Make installation and maintenance of devices easy
  • 4.13 Validate input data

その他リンク