Recommendation ITU-T X.1364 analyses potential deployment schemes and typical application scenarios for narrowband Internet of things (NB-IoT). It specifies security threats and requirements specific to the NB-IoT deployments and establishes a security framework for the operator to safeguard new NB-IoT technology applications. Current developments in telecommunication technology in the mobile communication domain, are leading to changes in communication patterns from person-to-person to person-to-thing and thing-to-thing, making inevitable the evolution to the Internet of things. Compared to short distance communication technologies such as Bluetooth, ZigBee and others, cellular mobile networks characterized by wide coverage, mobility and extensive connections that bring richer application scenarios will become the main interconnection technology of IoT. NB-IoT is based on cellular mobile network technology, using a bandwidth of approximately only 180 KHz. It may be deployed on global system for mobile communication (GSM) networks, universal mobile telecommunications system (UMTS) networks or long-term evolution (LTE) networks directly to reduce costs and achieve a smooth upgrade. Based on its low power dissipation, wide coverage, low cost and high capacity, NB-IoT is expected to be massively adopted by operators with wide application in multiple vertical industries. As a new technology, NB-IoT has its own characteristics that may bring new security issues. In order to ensure security of NB-IoT deployments and applications, security threats and relevant security requirements specific to NB-IoT need to be analysed and an overall security framework for NB-IoT needs to be established.