This document should act as a checklist in the supplier agreements between IoT Service Providers and their Network Operator partner(s).
The scope of the document is limited to:
This document is not intended to create new IoT specifications or standards, but will refer to currently available solutions, standards and best practice.
This document is not intended to accelerate the obsolescence of existing IoT Services.
Backwards compatibility with the Network Operator’s existing IoT Services should be maintained when they are considered to be adequately secured.
This document does not address the security issues associated with the interfaces and APIs implemented on the IoT Service Platform (or IoT Connectivity Management Platform) in order for the IoT Service Platform to share its data with end users (for example to share data with an end user via a smartphone or PC application) or other entities within the ecosystem.
Such interfaces and APIs shall be secured using ‘best practice’ internet security technologies and protocols. It is noted that adherence to national laws and regulations for a particular territory may, where necessary, overrule the guidelines stated in this document.