ACE BOF, IETF-89 London Authentication and Authorization for Constrained Environments (ACE) BOF Wed 09:00-11:30, Balmoral BOF Chairs: Kepeng Li, Hannes.

Presentation transcript:

ACE BOF, IETF-89 London
Authentication and Authorization for Constrained Environments (ACE) BOF
Wed 09:00-11:30, Balmoral
BOF Chairs: Kepeng Li, Hannes Tschofenig
Responsible AD: Barry Leiba
Mailing List:

Note Well
This summary is only meant to point you in the right direction, and doesn't have all the nuances. The IETF's IPR Policy is set forth in BCP 79; please read it carefully. The brief summary:
- By participating with the IETF, you agree to follow IETF processes.
- If you are aware that a contribution of yours (something you write, say, or discuss in any IETF context) is covered by patents or patent applications, you need to disclose that fact.
- You understand that meetings might be recorded, broadcast, and publicly archived.
For further information, talk to a chair, ask an Area Director, or review the following:
- BCP 9 (on the Internet Standards Process)
- BCP 25 (on the Working Group processes)
- BCP 78 (on the IETF Trust)
- BCP 79 (on Intellectual Property Rights in the IETF)

Agenda
- Introduction (Chairs) - 5 min
- Constrained Node Network (Carsten Bormann) - 15 min
- Use Cases and Requirements (Ludwig Seitz) - 30 min
- Architectural Design Choices (Goran Selander) - 30 min
- Gap Analysis (Hannes Tschofenig) - 30 min
- Charter Discussion (Chairs) - 40 min

Prior Activities leading to this BOF
- Smart Object Workshop (March 2011)
- Smart Object Security Workshop (March 2012)
- Many relevant IETF working group activities this work builds on, including CORE, 6lowpan/6low, lwig, dice, etc.
- Various interoperability events

Problem Statement
[Figure: Client and Resource Server, with the example requests PUT "1" /lock, GET /bloodpressure and PUT "2.5mg" /sedative]
- Resource server, client and network may be constrained.
- How to support explicit and dynamic authorization?

Related Work
Use Cases:
Solutions:

ACE BOF, IETF-89 London Constrained Node Network Carsten Bormann

ACE BOF, IETF-89 London Use Case and Requirements Ludwig Seitz

ACE BOF, IETF-89 London Architectural Design Choices Göran Selander

ACE BOF, IETF-89 London Gap Analysis Hannes Tschofenig

ACE BOF, IETF-89 London Charter Discussion Kepeng Li, Hannes Tschofenig

An Important Question
a) Is this a topic the IETF should try to address?
b) Is this a topic the IETF should not try to address?

Charter: Narrative (Constrained Environments)
- standardized solution for authentication and authorization
- authorized access to resources
- use CoAP and leverage DTLS security where possible
- employ additional less-constrained devices in order to relieve the constrained nodes
- existing authentication and authorization protocols are used and re-applied... restricting the options within each of the specifications
- operate across multiple domains

Charter: Tasks
- Document the use cases and high-level requirements for secured communication between constrained devices.
- Define profiles for encoding authentication and authorization data.
- Document design criteria for the required security protocols with respect to resource usage (RAM, message round trips, power consumption, etc.).
- Define a mechanism for authenticated and protected transfer of authorization information suitable for constrained environments, and taking into account expiry/revocation.
- Define formats for access tokens and for authorization information that are suitable for constrained devices.
- Define bootstrapping for authorization information using the Resource Directory (see draft-ietf-core-resource-directory).

Charter Question
The draft charter:
a) Is the scope of the charter clear enough?
b) Is the scope of the charter not clear enough?

Engagement
a) How many are willing to review?
b) How many are interested to work on documents?