M2M Service Session Management (SSM) CSF

Slides:



Advertisements
Similar presentations
A global Service layer platform for M2M communications
Advertisements

CMDH Refinement Contribution: oneM2M-ARC-0397
SEC Clarification Group Name: WG4 (SEC-2014-xxxx) Decision  Meeting Date: Discussion  Source: OBERTHUR Technologies Information  Contact:
Summary on the M2M CMDH Policies Management Object (MCMDHMO)
Is a Node or not Node? ARC Node_resolution Group Name: ARC Source: Barbara Pareglio, NEC, Meeting Date: ARC#9.1 Agenda.
Problem of Current Notification Group Name: ARC WG Source: Heedong Choi, LG Electronics, Meeting Date: ARC 9.0 Agenda Item: TBD.
Service Layer Session Management Group Name: WG2-ARC Source: IDCC, LGE, ZTE Meeting Date: TP16 Agenda Item:
Device Management using mgmtCmd resource
Device Management using mgmtCmd resource Group Name: WG2/WG5 Source: InterDigital Communications Meeting Date: Agenda Item: TBD.
OneM2M-ARC Service_examples_and_evolution Service examples and evolution Group Name: WG2 Source: Philip Jacobs, Cisco Systems,
Multi-Link Devices Group Name: WG1 Source: Kaonmedia, KETI Contact: Hwang Kwang Tae Yong-Suk Park
RoA and SoA Integration for Message Brokers Group Name: WG2-ARC Source: ALU Meeting Date: Agenda Item:
Mechanism to support establishment of charging policies Group Name: WG2-ARC Source: InterDigital Meeting Date: TP8 Agenda Item:
2-levels Access control for HTTP binding Group Name: WG4 (& WG2/WG3 for information) Source: Shingo Fujimoto, FUJITSU, Meeting.
CMDH Policies Contribution: ARC R03-CMDH_Policies.ppt Source: Josef Blanz, Qualcomm UK, Hongbeom Ahn, LG Electronics,
App-ID Use Cases, Syntax and Attributes SEC App-ID_Use_Cases,_Syntax_and_Attributes Group Name: Architecture Source: Darold Hemphill, iconectiv,
oneM2M-OIC Interworking Technical Comparison
Common Service Entities
Step by step approach Group Name: WG2
Session Initiation Protocol (SIP). What is SIP? An application-layer protocol A control (signaling) protocol.
An Operators Input for oneM2M Baseline  Group name: TP#2/WG1  Source: DTAG, Vodafone Group  Meeting Date:  Agenda Item: WG1 agenda item.
In-Band Access Control Framework Group Name: WG4 SEC Source: Qualcomm Meeting Date: Agenda Item:
End-to-End security definition Group Name: SEC WG4 Source: Phil Hawkes, Qualcomm, Meeting Date:
PRO R01-URI_mapping_discussion Discussion on URI mapping in protocol context Group Name: PRO and ARC Source: Shingo Fujimoto, FUJITSU,
3GPP Rel-13 Interworking discussions
In-Band Access Control Framework Group Name: WG4 SEC Source: Qualcomm Meeting Date: Agenda Item:
Management of CMDH Policies Group Name: WG5-MAS Source: Wolfgang Granzow, Qualcomm, Meeting Date: Agenda Item: Management.
SOA-39: Securing Your SOA Francois Martel Principal Solution Engineer Mitigating Security Risks of a De-coupled Infrastructure.
Usage Scenarios for CSE Group Name: WG2(ARC-WG) Source: Shingo Meeting Date: Agenda Item: Message.
Architectural Principles for Services Group Name: WG2- ARC Source: Tim Carey, ALU, Meeting Date: Agenda Item:
Step by step approach Group Name: WG2 Source: Michael hs. Yang, LG uplus, Jaeseung Song, NEC Europe, Meeting.
Status Report on Access TP8 Group Name: WG2 Decision  Meeting Date: Discussion  Source: OBERTHUR Technologies Information  Contact:
Node-Specific Resource Group Name: ARC&MAS Source: LGE, Meeting Date: Agenda Item: Contribution.
Primitive End-to-End Security Requirements Group Name: SEC WG4 Source: Phil Hawkes, Qualcomm, Meeting.
Matching Resources with CSFs Group Name: WG2 (ARC) Source: Hongbeom Ahn, LG Electronics, Meeting Date:
Device Management using mgmtCmd resource Group Name: WG2/WG5 Source: InterDigital Communications Meeting Date: Agenda Item: TBD.
© Drexel University Software Engineering Research Group (SERG) 1 The OASIS SOA Reference Model Brian Mitchell.
Process for Documenting Resources related services and Alignment with Service Components Group Name: WG2-ARC-( ) Source: Ericsson Meeting Date:
E2EKey Resource Group Name: SEC WG Source: Qualcomm Inc., Wolfgang Granzow & Phil Hawkes Meeting Date: SEC#20.3, Agenda Item: End-to-End Security.
Routing Problem of the Current Architecture Group Name: ARC Source: Hongbeom Ahn, LG Electronics, Meeting Date: Agenda.
App and Management End- to-End Security Requirements Group Name: SEC WG4 Source: Phil Hawkes, Qualcomm,
Slide 1 2/22/2016 Policy-Based Management With SNMP SNMPCONF Working Group - Interim Meeting May 2000 Jon Saperia.
Security API discussion Group Name: SEC Source: Shingo Fujimoto, FUJITSU Meeting Date: Agenda Item: Security API.
M2M Service Layer – DM Server Security Group Name: OMA-BBF-oneM2M Adhoc Source: Timothy Carey, Meeting Date:
Streaming Session Support in oneM2M Framework Group Name: WG2 Source: George Foti, Ericsson Meeting Date: Work Item :WI GPP_Rel13_IWK.
3GPP SCEF Interworking Discussions
M2M Service Session Management (SSM) CSF Group Name: WG2-ARC Source: IDCC, LGE, ZTE Meeting Date: TP8 Agenda Item:
Adding Non-blocking Requests Contribution: oneM2M-ARC-0441R01R01 Source: Josef Blanz, Qualcomm UK, Meeting Date: ARC 7.0,
Draft way Forward on Access Control Model and associated Terminology Group Name: SEC Source: Dragan Vujcic, Oberthur Technologies,
CMDH and Policies Contribution: oneM2M-ARC-0603
Subscription and Notification Issue Group Name: WG2 Source: Qi Yu, Mitch Tseng- Huawei Technologies, Co. LTD. Meeting Date: ~23 Agenda Item:
1 Overview of the Hub Concept & Prototype for Secure Method of Information Exchange (SMIE) April 2013 Prepared by NZ & USA.
Consideration Security Issues on Registration Group Name: WG4 (SEC) Source: Shingo Fujimoto, FUJITSU, Meeting Date:
Reasons for CSF Clean-up (Issues & Next Steps) Group Name: WG2 Source: Syed Husain – NTT DOCOMO Meeting Date: (ARC_9.3) Agenda Item: 6 DOC#:
DM Collaboration – OMA & BBF: Deployment Scenarios Group Name: WG5 - MAS Source: Tim Carey, ALU, Meeting Date:
Omniran CF00 1 Key Concepts of Association and Disassociation Date: Authors: NameAffiliationPhone Max RiegelNokia
Introduction to Service Session Management Group Name: WG2-ARC Source: IDCC, LGE, ZTE Meeting Date: TP8 Agenda Item:
Possible options of using DDS in oneM2M Group Name: ARC Source: KETI, Huawei, Hitachi, China Unicom Meeting Date: Agenda Item: DDS binding.
Specifying the Address of Management Client of Managed Entity Group Name: ARC Source: Hongbeom Ahn, SK Telecom, Meeting Date: TP#21 Agenda.
CSE Retargeting to AE, IPE, and NoDN Hosted Resources
CSE Retargeting to AE, IPE, and NoDN Hosted Resources
Possible options of using DDS in oneM2M
MAF&MEF Interface Specification discussion of the next steps
Federated IdM Across Heterogeneous Clouding Environment
Proximal IoT Interworking solution discussion
Considering issues regarding handling token
CMDH Refinement Contribution: oneM2M-ARC-0397R01
CMDH Policies Contribution: ARC-2014-xxxx
Service Layer Dynamic Authorization [SLDA]
3GPP V2X Interworking Potential Impact
Presentation transcript:

M2M Service Session Management (SSM) CSF Group Name: WG2-ARC Source: IDCC, LGE, ZTE Meeting Date: Agenda Item: CSF Definitions

Outline M2M Service Session Requirements Definition of M2M Service Session M2M Service Session Use Case Examples Role of M2M Service Session Management (SSM) CSF Describe SSM CSF capabilities Describe relationship with other CSFs Show some Stage-2 message flows Show SSM resources

Requirements OSR-003 The M2M System shall support the ability to maintain M2M Session in coordination with application session for those M2M Applications that require it. OSR-004 M2M System shall support the ability to support session-less application communications for those M2M Applications that require it. CRPR-005 The M2M System shall be able to maintain context associated with M2M sessions (e.g. security context or network connectivity context during the interruption of the session). Source: oneM2M-TS-0002-Requirements-V0_6_2

Definition “M2M Session: A service layer communication relationship between endpoints managed via M2M Common Services consisting of session authentication, connection establishment/termination, transmission of information, and establishment termination of Underlying Network services” Source: oneM2M-TR-0004-Definitions_and_Acronyms-V0.2.0 + oneM2M-TP-2013-0352

Use Case #1 – Real-Time Audio/Video M2M service session endpoints AE1 and AE2 exchange real-time audio/video commands & data CSEs manage end-to-end real-time service session between AEs (e.g. establishment/termination), communication,…) Service session overlaid on top of multiple underlying network connections (i.e. for each hop) Service session is persistent w.r.t. underlying network connections CSEs use AE defined session policies to coordinate end-to-end QoS required by AE1 and AE2 CSEs collect service session context (e.g. history of prior requests) CSE can use context and also make it available to AEs Mcc Infrastructure Node Middle Node Application Service Node CSE2 CSE3 CSE1 Mca AE1 Without M2M service session, AEs lack sufficient capability to configure end-to-end communication policies and CSEs lack capability to effectively manage end-to-end communication. AE2 Mca

Use Case #2 – Real-Time & Secure Health Monitoring M2M service session endpoints AE1 and AE2 exchange real-time and secure patient vital signs CSEs manage end-to-end real-time and secure service session between AEs CSE-based registration enables securing individual single hops between CSEs and AEs Service session enables securing end-to-end multi-hop exchange of patient vital signs Traditionally, the burden of securing end-to-end communication has fallen on the AEs E.g. Over-the-top AE-based end-to-end authentication and encryption Service sessions can help offload burden from AEs while not compromising security and also enable additional value-add CSE services that are not possible with over-the-top AE-based security (data centric services such as analytics, semantics, etc) Without M2M service session, oneM2M service platform lacks services to support end-to-end security. This puts the end-to-end security burden on AEs and also limits the type of services CSEs can offer. Mcc Infrastructure Node Middle Node Application Dedicated Node CSE1 CSE2 Mca AE1 AE2 Mca

SSM CSF SSM CSF manages M2M service session establishment, communication, and termination. SSM CSF enforces service session communication policies, collects and maintains service session context, and generates service session events. Note – For use cases that do NOT require a service session, SSM CSF will not be used.

SSM CSF Capabilities Service session authentication, establishment and termination Collect and maintain service session context/history E.g. Keep history of transactions between session endpoints Manage service session policies E.g. SSM can use policies to configure CMDH on a per-session basis Manage sessions spanning multiple hops of CSEs Coordinate and distribute service session policies end-to-end to each SSM on each CSE along a multi-hop path Likewise, collect/exchange service session context end-to-end Coordinate with other CSFs to support service sessions E.g. CMDH, SEC, NSE, SCA, etc E.g. Collaborate with NSE and CMDH to manage underlying network connections and services required for end-to-end service session

Service Session Establishment AE1 CSE1 CSE2 CSE3 AE2 AE1 Registers CSE1 AE2 Registers CSE3 Request to Establish M2M Service Session (Session policies, Target endpoint(s) – ‘AE2’, Other attributes,…) FWD the Request to CSE(s) where the Target Endpoint(s) is registered Notify the Request Request to Join the M2M Service Session FWD the Join Request Determine M2M-Session-ID and Session Credentials Response (M2M-Session-ID, Session Credentials, …) Response (M2M-Session-ID, Session Credentials, …) M2M Service Session is successfully established

SSM CSF Example Middle Node Mcc Infrastructure Node CSE2 CSE1 Mca CMDH AE1 establishes service session via CSE1 and configures session communication policies, etc. AE2 joins service session via CSE2/CSE1 During this process, SSM on CSE2 is configured with session info from SSM on CSE1 AE2 sends session-based request to AE1 resources via CSE2 and CSE1 CSE1 can host AE1 resources and service requests on behalf of AE1, or CSE1 can re-target requests to resources hosted on AE1 that AE1 can service itself SSMs on CSE1 and CSE2 service requests and responses in a session-based manner E.g. SSMs collaborate with CMDHs to configure delivery parameters based on session policies Service session-based communication between AEs Middle Node Mcc Infrastructure Node Application Dedicated Node CSE2 CSE1 Mca CMDH AE1 Application Dedicated Node DMR DMR Mca AE2 SSM SSM NSE NSE

Session-Based Request M2M-Session-ID = X M2M-Request-ID = Y … Service Session-based requests can optionally be encrypted using service session-based credentials Note – Need to consult with SEC WG to further explore this. Note – Association between M2M-Session-ID and M2M-Request-ID is FFS

Relationship between SSM & CMDH CMDH CSF Supports policy-based delivery of individual M2M requests between CSEs Each request has its own independent M2M-Request-ID and delivery parameters CMDH provides communication connection controls Like ISO network model layer 4 functions SSM CSF supports policy-based delivery of a stream of session-based requests over top of CMDH policy-based delivery of individual M2M requests (CMDH provides bearer-like mechanism for SSM) Like ISO network model layer 7 functions, e.g. SIP - SSM handles the session related capabilities which is based on underlying CMDH based connections Requests from the same service session share the same M2M-Session-ID and delivery parameters. This allows SSM CSF to manage these requests in a session-based manner. SSM CSF is a customer of CMDH CSF. SSM CSF uses session-based policies to configure CMDH delivery parameters so requests are delivered in a manner that meets the session requirements. SSM also collects/maintains service session context and generates service session events based on the service session requests it services which CMDH is not able to do since it is not aware of sessions. Note - Some non-service-session based CSFs do not need SSM and can invoke CMDH directly.

Relationship between SSM & CMDH AE AE AE Mca CSE Other CSFs non-service-session based communication request service-session based communication request DMR SSM(service sessions mgmt.) Mcc CMDH (Communication Management and Delivery Handling) Mcn NSE(Underlying Network Services Entity )

Relationship With Other CSFs REG CSF REG CSF supports an AE or CSE registering to a local CSE to use its M2M services REG CSF-based registration is single-hop in nature SSM CSF supports establishing communication relationships between AEs and/or CSEs layered over top of REG CSF M2M registration(s) Service session can be multi-hop and end-to-end in nature DMR CSF SSM CSF collaborates with DMR CSF to service session based requests targeting CSE hosted resources SEC CSF SSM CSF may collaborate with SEC CSF for management of service session related security credentials and authentication of session participants NSE CSF SSM CSF may collaborate with the NGE CSF for establishment termination of Underlying Network services to support service session This may be indirectly via CMDH SCA CSF SSM CSF may share service session context and events with SCA CSF

Next Steps and Open Items Reach clear consensus on SSM concept and capabilities Based on approved use cases and requirements Reach rough consensus on SSM relationship with other CSFs Define SSM resources and procedures Open Items Detail relationship between SSM and other CSFs SSM interaction with SEC Service session credentials, authentication, encryption, threats, etc

Feedback: Privacy Policy Feedback
Do Not Sell My Personal Information
About project: SlidePlayer Terms of Service

© 2024 SlidePlayer.com Inc. All rights reserved.