MAF&MEF Interface Specification discussion of the next steps


1 MAF&MEF Interface Specification discussion of the next steps
SEC MAF&MEF Interface Specification discussion of the next steps
Group Name: SEC WG
Source: Qualcomm Inc., Phil Hawkes, Wolfgang Granzow
Meeting Date: SEC#26,
Agenda Item: WI-0057-TEF_interface

2 Objective
- At TP#24 the WI-0057 “TEF Interface” was agreed
- From this WI, the stage-3 details of the interface between AEs and CSEs with M2M Authentication Function (MAF) and M2M Enrolment Function (MEF) shall result
- Trust Enabling Function (TEF) is a generic term used for MAF and MEF
- Discussion paper SEC R01 was presented at TP#25
- 3 reference architecture options were proposed:
  - separate reference points for MAF and MEF
  - single new reference point for TEF
  - define TEF as a new CSF, then MAF and MEF become CSEs and new reference point is not required, i.e. Mca/Mcc applies
- No agreement on the way forward was achieved at TP#25

3 Proposal
- Let's begin developing MAF and MEF interfaces separately, i.e. Mmef and Mmaf, and independent of Mca and Mcc
- Even if MAF and MEF would be regarded as special types of CSEs, it would still make sense to use a distinct name for the reference points
- We also use different names Mca and Mcc although the protocols used on these reference points are essentially identical
- Alternatively we could use notation Ma and Me
- There was discussion on using a one- or two-character index

4 Title of the new specification
- When avoiding the term “TEF”, what should be the title of the new specification to be developed under WI-0057 “TEF Interface”?
- New working title could be one of the following:
  - MAF and MEF Interface Specification (suggested here)
  - Credential Management Specification
  - Trust Enabling Architecture

5 Technical assumptions for MAF
- The procedures already specified in TS-0003 assume that a MAF communicates with a MAF Client which is associated with a oneM2M entity (AE or CSE)
- The MAF itself represents the server in this client-server model (we however do not use the term “MAF server”)
[Figure labels: MAF; Mmaf (twice); M2M Entity A with MAF Client; M2M Entity B with MAF Client]

6 Use of MAF Interface as defined in TS-0003

7 Extension of present concept
- MAF Clients could be associated with oneM2M (field) nodes (i.e. ASN, ADN, MN) rather than with AE or CSE entities
- In this case a single MAF Client can act on behalf of all entities implemented on the node
- We propose supporting both approaches
[Figure labels: MAF; Mmaf (twice); M2M Node with MAF Client, AE and CSE; Mcc; IN-CSE with MAF Client]

8 Resulting Reference Architecture

9 Definitions (to be included into the new spec)
- MAF Client: functionality for performing MAF procedures on behalf of an associated CSE or AE, or on behalf of CSE or AE(s) present on an associated Node.
  Note: the existing definition in TS-0003 needs to be updated accordingly
- MEF Client: functionality for performing MEF procedures on behalf of an associated CSE or AE, or on behalf of CSE or AE(s) present on an associated Node.
- MAF interface: Communication interface between a MAF and a MAF Client identified by reference point Mmaf
- MEF interface: Communication interface between a MEF and a MEF Client identified by reference point Mmef

10 Proposed communication scheme on Mmaf
- Reusing oneM2M RESTful protocol as applied on Mca and Mcc reference points
- Reusing existing request and response primitives
- Many optional Mcc/Mca primitive parameters/features are not required on Mmaf and Mmef (not eliminating future extensions)
- Blocking-mode access to server only (non-blocking may be defined in future release)

11 Request Primitive parameters
Parameter | Data Type | Multiplicity | Presence on Mmaf | Notes
Operation | m2m:operation | 1 | M |
To | xs:anyURI | | |
From | m2m:ID | 0..1 | O | AE-ID, CSE-ID, M2M-Node-ID or Device-ID, if available
Request Identifier | m2m:requestID | | |
Resource Type | m2m:resourceType | | | resource types applicable to Mmaf or Mmef, tbd.
Content | m2m:primitiveContent | | |
Role IDs | List of m2m:roleID | | NA |
Originating Timestamp | m2m:timestamp | | |
Request Expiration Timestamp | m2m:absRelTimestamp | | |
Result Expiration Timestamp | | | |
Operation Execution Time | | | |
Response Type | m2m:responseTypeInfo | | | Default: Use 'blockingRequest'
Result Persistence | | | |
Result Content | m2m:resultContent | | | New enumeration values tbd
Event Category | m2m:eventCat | | |
Delivery Aggregation | xs:boolean | | |
Group Request Identifier | xs:string | | |
Filter Criteria | m2m:filterCriteria | | | New filter criteria tbd.
Discovery Result Type | m2m:discResType | | |
Tokens | List of m2m:dynAuthJWT | | |
Token IDs | List of m2m:tokenID | | |
LocalTokenIDs | List of xs:NCName | | |
Token Request Indicator | | | |
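An added example, not part of the presentation or of any oneM2M specification: a strict receiver-side check that enforces the reduced Mmaf request profile only as far as the slides state it (Operation mandatory, Role IDs not applicable, blocking mode only, unknown parameters rejected). The function name, the modelling of Response Type as a plain string and all sample values are assumptions.

```python
# Added example (hypothetical helper, constructed sample data).
# Parameter names are the long names from the slide-11 table.
KNOWN = {
    "Operation", "To", "From", "Request Identifier", "Resource Type",
    "Content", "Role IDs", "Originating Timestamp",
    "Request Expiration Timestamp", "Result Expiration Timestamp",
    "Operation Execution Time", "Response Type", "Result Persistence",
    "Result Content", "Event Category", "Delivery Aggregation",
    "Group Request Identifier", "Filter Criteria", "Discovery Result Type",
    "Tokens", "Token IDs", "LocalTokenIDs", "Token Request Indicator",
}
MANDATORY = {"Operation"}        # presence "M" on the slide
NOT_APPLICABLE = {"Role IDs"}    # presence "NA" on the slide
DEFAULT_RESPONSE_TYPE = "blockingRequest"  # slide: default, blocking only


def check_mmaf_request(prim):
    """Return (normalized_primitive, errors) for a request received on Mmaf."""
    errors = []
    # Reject anything outside the table instead of silently ignoring it.
    for name in sorted(set(prim) - KNOWN):
        errors.append(f"unknown parameter: {name}")
    for name in sorted(MANDATORY - set(prim)):
        errors.append(f"missing mandatory parameter: {name}")
    # "NA" parameters are refused, not dropped, so a client that relies on
    # them learns that they have no effect on this interface.
    for name in sorted(NOT_APPLICABLE & set(prim)):
        errors.append(f"parameter not applicable on Mmaf: {name}")
    out = dict(prim)  # leave the caller's dict untouched
    rt = out.setdefault("Response Type", DEFAULT_RESPONSE_TYPE)
    if rt != DEFAULT_RESPONSE_TYPE:
        errors.append(f"only blocking-mode access is supported, got: {rt}")
    return out, errors


# Constructed samples; identifiers and addresses are placeholders.
SAMPLE_OK = {"Operation": "Retrieve", "To": "//maf.example/placeholder",
             "From": "CAE-constructed-01", "Request Identifier": "rq-0001"}
SAMPLE_BAD = {"To": "//maf.example/placeholder", "Role IDs": ["r1"],
              "Response Type": "nonBlockingRequestSynch", "X-Extra": 1}

if __name__ == "__main__":
    for sample in (SAMPLE_OK, SAMPLE_BAD):
        print(check_mmaf_request(sample)[1])
```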

12 Response Primitive parameters
Parameter | Data Type | Multiplicity | Presence on Maf | Notes
Response Status Code | m2m:responseStatusCode | 1 | M | Possibly additional response status codes required tbd
Request Identifier | m2m:requestID | | |
Content | m2m:primitiveContent | 0..1 | O |
To | m2m:ID | | NA |
From | | | |
Originating Timestamp | m2m:timestamp | | |
Result Expiration Timestamp | m2m:absRelTimestamp | | |
Event Category | m2m:eventCat | | |
Assigned Token Identifiers | m2m:dynAuthLocalTokenIdAssignments | | |
Token Request Information | m2m:dynAuthTokenReqInfo | | |

13 MAF Interface Stage 3 Details in the new spec
Use similar specification approach as currently applied for specification of Mcc/Mca stage 3 details:
- Define request and response primitives with parameters applicable on Mmaf
- Define new resource types hosted by the MAF, structure and data types as defined in TS-0004
- Describe generic procedures at the MAF and MAF Client
- Describe procedures specific to new resource types
- Reuse bindings to application layer transport protocols TS-0008/9/20 (HTTP/1.1, CoAP, WebSocket; MQTT not suitable)
- Specify “delta” relative to TS-0008/9/20 (if there is any)

14 MAF and MEF Procedures defined in TS-0003
- Remote Security Provisioning Frameworks (RSPF)
  - Clause 8.3 in TS-0003
  - Certificate Enrolment currently part of this functionality but only partly specified right now
- MAF-based security frameworks
  - Clause 8.8 in TS-0003
  - Clause for MAF-based SAEF
  - Clause for MAF-based ESPrim
  - Currently no text for MAF-based ESData
- Remote security frameworks for E2E security
  - Clause 8.6 in TS-0003
  - Referenced on Clause for ESData

15 Summary of proposed way forward
- Start development of the new specification under the working title “MAF and MEF Interface Specification” at TP#26:
  - Proposed skeleton: SEC R01
  - Proposed scope: SEC R01
  - Proposed main body: SEC R01 (addressing MAF interface only)
- Add parts which were dropped from SEC (short names) into the new specification (can be postponed to SEC#26.x telcos)
- More details on procedures need to be added in TS-0003
- Mapping between MAF/MEF procedures to CRUD procedures defined in the new MAF and MEF Interface Specification (i.e. follow-up on SEC )
- Add definition of new reference points to TS-0001 when the new specification has become stable

