Discussion about Use Case and Architecture in Developer Guide


Discussion about Use Case and Architecture in Developer Guide
Group Name: WG4 SEC
Source: Norihiro Okui, KDDI, no-okui@kddi.com
Meeting Date: 2017-01-11
Agenda Item: <agenda item topic name>

Security Functions
Categories on the slide: Authentication, Secure Communication, Authorization.
Mechanisms listed on the slide: TLS Handshake, MAF, Secure Communication, SAEF, ES Prim & ES Data, TLS, Access Control Policy, Dynamic Authorization.

Use Case (Overview)
Extended version of the Application Developer Guide (TR-0025).
Entities in the diagram: Home Device Management, Privacy Policy Manager, 3rd party service provider, Cloud Service Platform, Home Gateway, Light #1, Light #2.

Use Case (from TR-0025)
The lights are deployed in a home and are attached to a home gateway. The home gateway communicates with a cloud service platform, allowing the lights to be controlled remotely by the smartphone. The cloud service platform supports a set of services that enable the smartphone to control the lights in the home more easily; examples of services include registration, discovery, data management, group management, subscription/notification, etc. The smartphone hosts an application used to remotely control the lights in the home and supports the following capabilities:
- Discovery of lights deployed in the home.
- Sending commands to change light states, i.e. ON and OFF.
- Retrieval of light states.

Additional Use Case
- A 3rd party requests the status of the lights to improve its service.
- From the status of the lights, the service provider can distinguish whether a user is at home or not, so a delivery service provider can deliver more efficiently.
- Privacy risk: the status of the lights is personal data.
- The Privacy Policy Manager (PPM) manages access control for personal data.
- The PPM is defined as a Dynamic Authorization Server in oneM2M Release 2.

Architecture
Entities and oneM2M roles in the diagram:
- Privacy Policy Manager: IN-AE-2
- 3rd party service provider: IN-AE-3
- Cloud Service Platform: IN-CSE
- Home Gateway: MN-CSE (with MN-AE)
- Light #1: ADN-AE-1
- Light #2: ADN-AE-2
- IN-AE-1

Authentication
Each entity should authenticate the others.
Entities in the diagram: Privacy Policy Manager, 3rd party service provider, Cloud Service Platform, Home Gateway, Light #1, Light #2.

Authorization Cases
- Case 1: Home Gateway stores the status of the lights.
- Case 2: Cloud Service Platform stores the status of the lights.

Authorization (Case 1)
- Home Gateway stores the status of each light (diagram label: "Update status of light").
- ACPs are evaluated in the Home Gateway, which makes the access decision.
Entities in the diagram: Privacy Policy Manager, 3rd party service provider, Cloud Service Platform, Home Gateway, Light #1, Light #2.

Dynamic Authorization (Case 1)
Diagram labels: "Request access control decision"; "Issue a Token or dynamicACPInfo" (Privacy Policy Manager); "Retrieve status of light".
Entities in the diagram: Privacy Policy Manager, 3rd party service provider, Cloud Service Platform, Home Gateway, Light #1, Light #2.

Authorization (Case 2)
- Cloud Service Platform stores the status of each light (diagram label: "Update status of light").
- ACPs are evaluated in the Home Gateway, which makes the access decision.
Entities in the diagram: Privacy Policy Manager, 3rd party service provider, Cloud Service Platform, Home Gateway, Light #1, Light #2.

Dynamic Authorization (Case 2)
Diagram labels: "Retrieve status of light"; "Issue a Token or dynamicACPInfo" (Privacy Policy Manager); "Request access control decision".
Entities in the diagram: Privacy Policy Manager, 3rd party service provider, Cloud Service Platform, Home Gateway, Light #1, Light #2.
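As an added example (not part of this contribution or of any oneM2M implementation), a constructed Python simulation of the two Dynamic Authorization cases above: the Hosting CSE that stores the light status checks its local ACPs, then asks the PPM for a decision and caches the returned dynamicACPInfo. The ACP dict layout, the class names PrivacyPolicyManager and HostingCSE, and the consent table are assumptions; only the accessControlOperations bitmask values are taken from oneM2M TS-0004.

```python
"""Constructed simulation of the slides' two authorization paths. The Hosting CSE
(Home Gateway in Case 1, Cloud Service Platform in Case 2) evaluates its local
ACPs first; if nothing matches it asks the PPM as Dynamic Authorization Server
and keeps the returned dynamicACPInfo as a short-lived ACP (TS-0004 bitmasks)."""
import time

CREATE, RETRIEVE, UPDATE, DELETE, NOTIFY, DISCOVERY = 1, 2, 4, 8, 16, 32

def acp_allows(acps, originator, op, now=None):
    """True if any accessControlRule in acps grants op to originator."""
    now = time.time() if now is None else now
    for acp in acps:
        if acp.get("expires", float("inf")) <= now:
            continue  # dynamic ACPs carry an expiry; ignore stale ones
        for rule in acp["privileges"]:
            origs = rule["originators"]
            if ("all" in origs or originator in origs) and rule["ops"] & op:
                return True
    return False

class PrivacyPolicyManager:
    """Stands in for the PPM acting as Dynamic Authorization Server (assumed)."""
    def __init__(self, consents):
        self.consents = consents  # {originator: set(ops)} the user consented to
    def decide(self, originator, op, ttl=300):
        if op not in self.consents.get(originator, set()):
            return None  # no dynamicACPInfo issued: the request stays denied
        return {"privileges": [{"originators": [originator], "ops": op}],
                "expires": time.time() + ttl}

class HostingCSE:
    """The CSE storing the light status; evaluates ACPs, then asks the DAS."""
    def __init__(self, name, acps, das):
        self.name, self.acps, self.das = name, list(acps), das
    def authorize(self, originator, op):
        if acp_allows(self.acps, originator, op):
            return "allowed (local ACP)"
        dyn = self.das.decide(originator, op)
        if dyn is None:
            return "denied"
        self.acps.append(dyn)  # cache dynamicACPInfo as a temporary ACP
        return "allowed (dynamicACPInfo)"

def demo():
    """Case 1 (MN-CSE hosts the status) and Case 2 (IN-CSE hosts the status)."""
    ppm = PrivacyPolicyManager({"IN-AE-3": {RETRIEVE}})  # constructed consent
    lights = {"privileges": [{"originators": ["ADN-AE-1", "ADN-AE-2"], "ops": CREATE | UPDATE}]}
    return {name: HostingCSE(name, [lights], ppm).authorize("IN-AE-3", RETRIEVE)
            for name in ("MN-CSE", "IN-CSE")}
```

demo() returns the decision for each Hosting CSE; in both cases the 3rd party's first RETRIEVE is granted only through dynamicACPInfo, and a repeat request hits the cached ACP until it expires.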