Presentation is loading. Please wait.

Presentation is loading. Please wait.

SEC Clarification Group Name: WG4 (SEC-2014-xxxx) Decision  Meeting Date: 2014-05-07 Discussion  Source: OBERTHUR Technologies Information  Contact:

Published byErika Gooder Modified over 9 years ago

Similar presentations

Presentation on theme: "SEC Clarification Group Name: WG4 (SEC-2014-xxxx) Decision  Meeting Date: 2014-05-07 Discussion  Source: OBERTHUR Technologies Information  Contact:"— Presentation transcript:

1 SEC Clarification Group Name: WG4 (SEC-2014-xxxx) Decision  Meeting Date: 2014-05-07 Discussion  Source: OBERTHUR Technologies Information  Contact: v.dragan@oberthur.com Other  Agenda Item:

2 Authentication & Protocol Stack Layers Field Node HTTP/CoAP/MQTT TLS/DTLS Infrastr.ucture Node IP Data Link Layer PHY Layer Application oneM2M Layer TCP/UDP HTTP/CoAP/MQTT TLS/DTLS IP Application oneM2M Layer TCP/UDP – All data used in oneM2M security protocol should be protected using a secure protocol (such as TLS) – Authentication can be handled within the application layer, while using transport layer security for confidentiality and integrity. – When app. layer delegate the authentication to the transport layer security then security channel binding mechanism is to be used, based on RFC 5056 (On the Use of Channel Bindings to Secure Channels), RFC 5929(Channel Bindings for TLS) and/or RFC 5705(Keying Material Exporters for TLS).

3 Authentication in Application Layer AE CSE Mca ASN/MN/IN Authentication protocol at Application Layer performed when AE and CSE reside in the same Node.

4 Delegation of Authentication to lower layer Delegation of Authentication to transport security layer (use of channel binding) when AE and CSE reside in different Nodes RFC 5056: « The concept of channel binding allows applications to establish that the two end- points of a secure channel at one network layer are the same as at a higher layer by binding authentication at the higher layer to the channel at the lower layer” INADN ? AE CSE Mca AE Mca Mcc CSE ASN MN Mcc

5 Other clarification (to be cont. …) What’s to be authenticated by the oneM2M security Protocol: – AE-ID – CSE-ID – Node (i.e; device or gateway) - Out of scope Which entity shall get oneM2M Service Subscription prior consuming M2M Service/Resource? – AE Should ACP be applied to the AE and CSE or only the AE? – It applies to both. – The case when host CSE request registration to the remote CSE, the remote CSE may forbid the access to some specific CSE. Can we assume multiple Roles for an AE in Rel1, knowing that sessions feature is not part of Rel1 ? TBD

Download ppt "SEC Clarification Group Name: WG4 (SEC-2014-xxxx) Decision  Meeting Date: 2014-05-07 Discussion  Source: OBERTHUR Technologies Information  Contact:"

Similar presentations

Is a Node or not Node? ARC-2014-1194-Node_resolution Group Name: ARC Source: Barbara Pareglio, NEC, Meeting Date: ARC#9.1 Agenda.

Is a Node or not Node? ARC Node_resolution Group Name: ARC Source: Barbara Pareglio, NEC, Meeting Date: ARC#9.1 Agenda.
IoT in ODL Lionel Florit, Principal Engineer, ODL ID lflorit

IoT in ODL Lionel Florit, Principal Engineer, ODL ID lflorit
Service Layer Session Management Group Name: WG2-ARC Source: IDCC, LGE, ZTE Meeting Date: TP16 Agenda Item:

Service Layer Session Management Group Name: WG2-ARC Source: IDCC, LGE, ZTE Meeting Date: TP16 Agenda Item:
Facing the Challenges of M2M Security and Privacy

Facing the Challenges of M2M Security and Privacy
Credential Identifiers Group Name: SEC#14.2 Source: Phil Hawkes, Qualcomm Inc, Meeting Date: 2014-12-18.

Credential Identifiers Group Name: SEC#14.2 Source: Phil Hawkes, Qualcomm Inc, Meeting Date:
Report of ETSI NGN IPTV activities Rainer Münch, TISPAN Chairman Presenter: Ian Spiers DOCUMENT #:GSC13-PLEN-56 FOR:Presentation SOURCE:Rainer Münch, Ian.

Report of ETSI NGN IPTV activities Rainer Münch, TISPAN Chairman Presenter: Ian Spiers DOCUMENT #:GSC13-PLEN-56 FOR:Presentation SOURCE:Rainer Münch, Ian.
Device Management using mgmtCmd resource Group Name: WG2/WG5 Source: InterDigital Communications Meeting Date: 2013-10-16 Agenda Item: TBD.

Device Management using mgmtCmd resource Group Name: WG2/WG5 Source: InterDigital Communications Meeting Date: Agenda Item: TBD.
On Persistent AE Identifiers Group Name: SEC#12.2 Source: Phil Hawkes, Qualcomm Inc (TIA), Francois Ennesser,

On Persistent AE Identifiers Group Name: SEC#12.2 Source: Phil Hawkes, Qualcomm Inc (TIA), Francois Ennesser,
RoA and SoA Integration for Message Brokers Group Name: WG2-ARC Source: ALU Meeting Date: 2013-10-21 Agenda Item:

RoA and SoA Integration for Message Brokers Group Name: WG2-ARC Source: ALU Meeting Date: Agenda Item:
Mechanism to support establishment of charging policies Group Name: WG2-ARC Source: InterDigital Meeting Date: TP8 Agenda Item:

Mechanism to support establishment of charging policies Group Name: WG2-ARC Source: InterDigital Meeting Date: TP8 Agenda Item:
2-levels Access control for HTTP binding Group Name: WG4 (& WG2/WG3 for information) Source: Shingo Fujimoto, FUJITSU, Meeting.

2-levels Access control for HTTP binding Group Name: WG4 (& WG2/WG3 for information) Source: Shingo Fujimoto, FUJITSU, Meeting.
I-D: draft-rahman-mipshop-mih-transport-01.txt Transport of Media Independent Handover Messages Over IP 67 th IETF Annual Meeting MIPSHOP Working Group.

I-D: draft-rahman-mipshop-mih-transport-01.txt Transport of Media Independent Handover Messages Over IP 67 th IETF Annual Meeting MIPSHOP Working Group.
oneM2M-OIC Interworking Technical Comparison

oneM2M-OIC Interworking Technical Comparison
Certificate Enrolment STEs Group Name: SEC#17.2 Source: Phil Hawkes, Qualcomm Inc, Meeting Date: 2015-07-08.

Certificate Enrolment STEs Group Name: SEC#17.2 Source: Phil Hawkes, Qualcomm Inc, Meeting Date:
Introduction of PRO WG activities Group Name: TP Source: Shingo Fujimoto, FUJITSU, Meeting Date: 2015-03-25 Agenda Item:

Introduction of PRO WG activities Group Name: TP Source: Shingo Fujimoto, FUJITSU, Meeting Date: Agenda Item:
End-to-End security definition Group Name: SEC WG4 Source: Phil Hawkes, Qualcomm, Meeting Date: 2015-05-18.

End-to-End security definition Group Name: SEC WG4 Source: Phil Hawkes, Qualcomm, Meeting Date:
Authorization for IoT Group Name: oneM2M SEC WG Source: Francois Ennesser, Gemalto NV Meeting Date: 2014-09-03 Agenda Item:

Authorization for IoT Group Name: oneM2M SEC WG Source: Francois Ennesser, Gemalto NV Meeting Date: Agenda Item:
Application Layer Security Mike Pajevski (NASA/JPL) April 2009.

Application Layer Security Mike Pajevski (NASA/JPL) April 2009.
TS0001 Identifiers way forward Group Name: WG2 Source: Elloumi, Foti, Scarrone, Lu (tbc), Jeong (tbc) Meeting Date: 2014-06-07 Agenda Item: ARC11/PRO11.

TS0001 Identifiers way forward Group Name: WG2 Source: Elloumi, Foti, Scarrone, Lu (tbc), Jeong (tbc) Meeting Date: Agenda Item: ARC11/PRO11.
PAWS: Security Considerations Yizhuang WU, Yang CUI PAWS WG 2012.07.30.

PAWS: Security Considerations Yizhuang WU, Yang CUI PAWS WG

Similar presentations

Ads by Google