Authorization Architecture Discussion Group Name: SEC WG Source: Seongyoon Kim, LG Electronics, Meeting Date: 28 MAY, 2014 Agenda.

Presentation transcript:

Authorization Architecture Discussion Group Name: SEC WG Source: Seongyoon Kim, LG Electronics, Meeting Date: 28 MAY, 2014 Agenda Item: TBD

Introduction: Discussion on PIP, PAP and PDP. Whether it is possible for them to be the same entity. © 2013 oneM2M Partners

Current SEC Specification: We decided not to separate PIP, PAP and PDP. “NOTE: Release 1 does not support separation of PAP and PIP on different CSE from PDP.” However, through my observation in the ARC TS and SEC contribution, it is not feasible.

PIP Case: In the description of the accessControlPolicyIDs attribute: “If a resource type does have an accessControlPolicyIDs attribute definition, but the (optional) accessControlPolicyIDs attribute is not set, or it is set to a value that does not correspond to a valid, existing resource, or it refers to a resource that is not reachable (e.g. because it is located on a remote CSE that is offline or not reachable), then the system default access permissions shall apply.” → ARC TS considers the separation of PDP and PIP.
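The fallback rule quoted above, as an added example that is not part of the original slides or of any oneM2M code: a PDP resolves a policy hosted on another CSE (the PIP role) and falls back to default permissions in each of the three cases the text lists. The class and function names, the data layout, the creator-only default and the rule that any single unresolvable reference triggers the default are all assumptions made for illustration.

```python
# Added illustration: names, data layout and the default policy are assumptions,
# not oneM2M-defined APIs.
class Unreachable(Exception):
    """The CSE hosting a referenced policy is offline or not reachable."""

class PolicyStore:
    """Plays the PIP role: hosts access control policy resources on one CSE."""
    def __init__(self, policies, online=True):
        self.policies, self.online = policies, online

    def fetch(self, policy_id):
        if not self.online:
            raise Unreachable(policy_id)
        return self.policies.get(policy_id)  # None: no valid, existing resource

def default_permissions(resource):
    # Assumed system default: only the creator of the resource keeps access.
    return {resource["creator"]: {"RETRIEVE", "UPDATE", "DELETE"}}

def effective_permissions(resource, stores):
    """PDP step: resolve accessControlPolicyIDs, or fall back to the default."""
    refs = resource.get("accessControlPolicyIDs")
    if not refs:
        return default_permissions(resource), "default: attribute not set"
    merged = {}
    for cse_id, policy_id in refs:
        try:
            policy = stores[cse_id].fetch(policy_id) if cse_id in stores else None
        except Unreachable:
            return default_permissions(resource), "default: policy not reachable"
        if policy is None:
            return default_permissions(resource), "default: invalid reference"
        for originator, ops in policy.items():
            merged.setdefault(originator, set()).update(ops)
    return merged, "policy"

def decide(resource, originator, operation, stores):
    """Return (allowed, source); the source records why a decision was made."""
    perms, source = effective_permissions(resource, stores)
    return operation in perms.get(originator, set()), source

# Constructed sample: one policy hosted on a remote CSE.
STORES = {"remote-cse": PolicyStore({"acp1": {"ae-sensor": {"RETRIEVE"}}})}
RESOURCE = {"creator": "ae-owner", "accessControlPolicyIDs": [("remote-cse", "acp1")]}
```

With the remote CSE online, ae-sensor may RETRIEVE; with it offline the same request is denied and only the creator keeps access, so the returned source string is worth logging to tell a policy decision from an outage fallback.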

PAP Case: Due to location contexts, the PDP needs to retrieve location information of the originator. → Separation of PDP and PAP happens.
[Figure: message flow between AE (Originator), PEP, PDP and Location Hosting CSE (PAP). Messages shown: Request, Access Control Decision Request, Location Request, Access Control Decision Response, Response.]

Summary: PDP, PIP, and PAP need to be separated. We need to remove the limit “NOTE: Release 1 does not support separation of PAP and PIP on different CSE from PDP.”

PEP = PDP Discussion: The fact that PEP and PDP are in the same point is very obvious. Hosting CSE works as PEP and PDP. Hosting CSE gets all the needed information (e.g., access control policy, m2m service subscription, attributes of originator, etc.). Hosting CSE makes the access control decision.

PEP != PDP Discussion: PEP and PDP are separated. As I mentioned in previous pages, PDP may not be PIP and PAP. Then who is PDP when PEP and PDP are separated? Always IN-CSE?

Conclusion: PDP may not work as PIP and PAP. Who is PDP, when PDP and PEP are separated, needs further discussion.