Presentation is loading. Please wait.

Presentation is loading. Please wait.

Authorization Architecture Discussion Group Name: SEC WG Source: Seongyoon Kim, LG Electronics, Meeting Date: 28 MAY, 2014 Agenda.

Published byMaurice Mitchell Modified over 8 years ago

Similar presentations

Presentation on theme: "Authorization Architecture Discussion Group Name: SEC WG Source: Seongyoon Kim, LG Electronics, Meeting Date: 28 MAY, 2014 Agenda."— Presentation transcript:

1 Authorization Architecture Discussion Group Name: SEC WG Source: Seongyoon Kim, LG Electronics, seongyoon.kim@lge.com Meeting Date: 28 MAY, 2014 Agenda Item: TBD

2 Introduction Discussion on PIP, PAP and PDP Whether it is possible them to be the same entity © 2013 oneM2M Partners 2

3 Current SEC Specification © 2013 oneM2M Partners 3 We decided not to separate PIP, PAP and PDP. “NOTE: Release 1 does not support separation of PAP and PIP on different CSE from PDP.” However, Through my observation in ARC TS and SEC contribution, it is not feasible.

4 PIP Case © 2013 oneM2M Partners 4 In description of accessControlPolicyIDs attribute “If a resource type does have an accessControlPolicyIDs attribute definition, but the (optional) accessControlPolicyIDs attribute is not set, or it is set to a value that does not correspond to a valid, existing resource, or it refers to an resource that is not reachable (e.g. because it is located on a remote CSE that is offline or not reachable), then the system default access permissions shall apply.”  ARC TS considers the separation of PDP and PIP.

5 PAP Case © 2013 oneM2M Partners 5 Due to Location contexts, PDP need to retrieve location information of originator.  separation of PDP and PAP happens Location Hosting CSE (PAP) PDP AE (Originator) PEP Request Access Control Decision Request Location Request Access Control Decision Response Response

6 Summary © 2013 oneM2M Partners 6 PDP, PIP, and PAP need to be separated. We need to remove the limit “NOTE: Release 1 does not support separation of PAP and PIP on different CSE from PDP.”

7 PEP = PDP Discussion © 2013 oneM2M Partners 7 The fact that PEP and PDP are in the same point is very obvious. Hosting CSE works as PEP and PDP Hosting CSE gets all the needed information (e.g., access control policy, m2m service subscription, attributes of originator, etc.) Hosting CSE make access control decision

8 PEP != PDP Discussion © 2013 oneM2M Partners 8 PEP and PDP are separated As I mentioned in previous pages, PDP may not be PIP and PAP. Then who is PDP when PEP and PDP are separated? Always IN-CSE?

9 Conclusion © 2013 oneM2M Partners 9 PDP may not work as PIP and PAP Who is PDP, when PDP and PEP are separated, needs further discussion

Download ppt "Authorization Architecture Discussion Group Name: SEC WG Source: Seongyoon Kim, LG Electronics, Meeting Date: 28 MAY, 2014 Agenda."

Similar presentations

Access Control Mechanism Discussion

Access Control Mechanism Discussion
CMDH Refinement Contribution: oneM2M-ARC-0397

CMDH Refinement Contribution: oneM2M-ARC-0397
SEC Clarification Group Name: WG4 (SEC-2014-xxxx) Decision  Meeting Date: 2014-05-07 Discussion  Source: OBERTHUR Technologies Information  Contact:

SEC Clarification Group Name: WG4 (SEC-2014-xxxx) Decision  Meeting Date: Discussion  Source: OBERTHUR Technologies Information  Contact:
Summary on the M2M CMDH Policies Management Object (MCMDHMO)

Summary on the M2M CMDH Policies Management Object (MCMDHMO)
Is a Node or not Node? ARC-2014-1194-Node_resolution Group Name: ARC Source: Barbara Pareglio, NEC, Meeting Date: ARC#9.1 Agenda.

Is a Node or not Node? ARC Node_resolution Group Name: ARC Source: Barbara Pareglio, NEC, Meeting Date: ARC#9.1 Agenda.
Access Control Mechanism for User Group Name: SEC WG Source: Seongyoon Kim, LG Electronics, Meeting Date: 2013-12-9 Agenda Item:

Access Control Mechanism for User Group Name: SEC WG Source: Seongyoon Kim, LG Electronics, Meeting Date: Agenda Item:
Problem of Current Notification Group Name: ARC WG Source: Heedong Choi, LG Electronics, Meeting Date: ARC 9.0 Agenda Item: TBD.

Problem of Current Notification Group Name: ARC WG Source: Heedong Choi, LG Electronics, Meeting Date: ARC 9.0 Agenda Item: TBD.
Problem of non-Blocking Synchronous mode Group Name: ARC WG Source: Yuan Tao, Mitch Tseng, Huawei Technologies Meeting Date: ARC 15.0 Agenda Item: TBD.

Problem of non-Blocking Synchronous mode Group Name: ARC WG Source: Yuan Tao, Mitch Tseng, Huawei Technologies Meeting Date: ARC 15.0 Agenda Item: TBD.
Method of Converting Resource definitions into XSD Group Name: WG3 (PRO) Source: Shingo Fujimoto, FUJITSU, Meeting Date:

Method of Converting Resource definitions into XSD Group Name: WG3 (PRO) Source: Shingo Fujimoto, FUJITSU, Meeting Date:
Resource Announcement Procedures Group Name: WG2 Source: Rajesh Bhalla, Hao Wu - ZTE Meeting Date: 2014-03-20 Agenda Item: TBD.

Resource Announcement Procedures Group Name: WG2 Source: Rajesh Bhalla, Hao Wu - ZTE Meeting Date: Agenda Item: TBD.
2-levels Access control for HTTP binding Group Name: WG4 (& WG2/WG3 for information) Source: Shingo Fujimoto, FUJITSU, Meeting.

2-levels Access control for HTTP binding Group Name: WG4 (& WG2/WG3 for information) Source: Shingo Fujimoto, FUJITSU, Meeting.
Thoughts on oneM2M resource tree Group Name: WG2 Architecture at TP#7 (Sophia, October 2013) Source: Nicolas Damour, Sierra Wireless

Thoughts on oneM2M resource tree Group Name: WG2 Architecture at TP#7 (Sophia, October 2013) Source: Nicolas Damour, Sierra Wireless
In-Band Access Control Framework Group Name: WG4 SEC Source: Qualcomm Meeting Date: 2013-11-19 Agenda Item:

In-Band Access Control Framework Group Name: WG4 SEC Source: Qualcomm Meeting Date: Agenda Item:
Announcement Resources ARC-2014-1255-Announcement_Issues Group Name: WG2 Source: Barbara Pareglio, NEC Meeting Date: 2014-04-07 Agenda Item: Input Contribution.

Announcement Resources ARC Announcement_Issues Group Name: WG2 Source: Barbara Pareglio, NEC Meeting Date: Agenda Item: Input Contribution.
Introduction of PRO WG activities Group Name: TP Source: Shingo Fujimoto, FUJITSU, Meeting Date: 2015-03-25 Agenda Item:

Introduction of PRO WG activities Group Name: TP Source: Shingo Fujimoto, FUJITSU, Meeting Date: Agenda Item:
End-to-End security definition Group Name: SEC WG4 Source: Phil Hawkes, Qualcomm, Meeting Date: 2015-05-18.

End-to-End security definition Group Name: SEC WG4 Source: Phil Hawkes, Qualcomm, Meeting Date:
PRO-2014-0516R01-URI_mapping_discussion Discussion on URI mapping in protocol context Group Name: PRO and ARC Source: Shingo Fujimoto, FUJITSU,

PRO R01-URI_mapping_discussion Discussion on URI mapping in protocol context Group Name: PRO and ARC Source: Shingo Fujimoto, FUJITSU,
3GPP Rel-13 Interworking discussions

3GPP Rel-13 Interworking discussions
In-Band Access Control Framework Group Name: WG4 SEC Source: Qualcomm Meeting Date: 2013-11-26 Agenda Item:

In-Band Access Control Framework Group Name: WG4 SEC Source: Qualcomm Meeting Date: Agenda Item:
Answer the Questions Regarding Pending Issues on Access Control Group Name: WG4 SEC Source: LG Electronics Meeting Date: 2014-07-15 Agenda Item: SEC#11.4.

Answer the Questions Regarding Pending Issues on Access Control Group Name: WG4 SEC Source: LG Electronics Meeting Date: Agenda Item: SEC#11.4.

Similar presentations

Ads by Google