| IoT devices exchange data with remote services hosted on the Internet and locate these services via the DNS protocol. They operate across two ecosystems: the DNS (and its resolver operators, authoritative name server operators, and domain registration providers) and the IoT (and its device manufacturers, device operators, and remote service providers). IoT deployments introduce new security, availability, and transparency requirements because they interact with physical space, providing an opportunity for the DNS because it is a globally pervasive infrastructure.<ref>[https://www.caida.org/catalog/papers/2020_dns_in_iot/dns_in_iot.pdf The DNS in IoT, Caida, December 2020]</ref> But, IoT devices also present major risks. IoT device engineers may use the DNS naively to operate their applications or misconfigure resolvers to accept DNS queries from anyone, overwhelming the DNS. Or [[threat Actor|threat actors]] can intentionally use IoT devices as a platform for large-scale [[DDoS Attack]]s.<ref>[https://www.dnsfilter.com/blog/dns-security-internet-of-things#:~:text=IoT%20and%20DDoS,for%20network%20availability%2C%20for%20example. DNS Security and the IoT, DNS Filter Blog]</ref> | | IoT devices exchange data with remote services hosted on the Internet and locate these services via the DNS protocol. They operate across two ecosystems: the DNS (and its resolver operators, authoritative name server operators, and domain registration providers) and the IoT (and its device manufacturers, device operators, and remote service providers). IoT deployments introduce new security, availability, and transparency requirements because they interact with physical space, providing an opportunity for the DNS because it is a globally pervasive infrastructure.<ref>[https://www.caida.org/catalog/papers/2020_dns_in_iot/dns_in_iot.pdf The DNS in IoT, Caida, December 2020]</ref> But, IoT devices also present major risks. IoT device engineers may use the DNS naively to operate their applications or misconfigure resolvers to accept DNS queries from anyone, overwhelming the DNS. Or [[threat Actor|threat actors]] can intentionally use IoT devices as a platform for large-scale [[DDoS Attack]]s.<ref>[https://www.dnsfilter.com/blog/dns-security-internet-of-things#:~:text=IoT%20and%20DDoS,for%20network%20availability%2C%20for%20example. DNS Security and the IoT, DNS Filter Blog]</ref> |
− | The IoT operates outside [[ICANN]]'s remit. In SAC105, the SSAC explained that the IoT differs greatly from traditional Internet applications such as email and [[web]] browsing, but ultimately a significant number of IoT deployments will use the [[DNS]] to locate remote services to enable telemetry data transmission and collection for monitoring and analysis of sensor data.<ref>[https://www.icann.org/en/system/files/files/sac-105-en.pdf SAC105, SSAC, ICANN]</ref> The publication recommends: | + | The IoT operates outside [[ICANN]]'s remit. In SAC105, the SSAC explained that the IoT differs greatly from traditional Internet applications such as email and [[Web Evolution|web browsing]], but ultimately a significant number of IoT deployments will use the [[DNS]] to locate remote services to enable telemetry data transmission and collection for monitoring and analysis of sensor data.<ref>[https://www.icann.org/en/system/files/files/sac-105-en.pdf SAC105, SSAC, ICANN]</ref> The publication recommends: |