Presentation is loading. Please wait.

Presentation is loading. Please wait.

Access Control Mechanism for User Group Name: SEC WG Source: Seongyoon Kim, LG Electronics, Meeting Date: 2013-12-9 Agenda Item:

Published byMikayla Mullen Modified over 9 years ago

Similar presentations

Presentation on theme: "Access Control Mechanism for User Group Name: SEC WG Source: Seongyoon Kim, LG Electronics, Meeting Date: 2013-12-9 Agenda Item:"— Presentation transcript:

1 Access Control Mechanism for User Group Name: SEC WG Source: Seongyoon Kim, LG Electronics, seongyoon.kim@lge.com Meeting Date: 2013-12-9 Agenda Item: TBD

2 Introduction There were some discussions on whether oneM2M needs to define authorization of user in previous calls The motivation of the contribution is to introduce access control mechanism for user without any changes/impacts on current resource/architecture if we need the authorization of user This contribution is – To propose not to include any user context into resource/architecture – To provide means to access control per User © 2013 oneM2M Partners 2

3 We need to separate User  AE domain and AE  CSE domain © 2013 oneM2M Partners 3 User interacts with Application (AE). AE interacts with Application Framework (CSE). User doesn’t interact with Application Framework Imagine there is an Andriod application (e.g., Amazon). User logs in Amazon but it doesn’t mean User logs in Google; Authentication/Authorization of User shall be done at Amazon with Amazon User ID and PW. Google only knows Amazon Application ID and Amazon Application behavior.  Service Provider of AE and CSE cannot be the same. We should not allow Application Framework to know any context of User. Separation of Domains

4 Access Control per User? (1) How could we provide access control per User? – Case 1: Access Control on AE © 2013 oneM2M Partners 4 Access Control is done at AE. oneM2M doesn’t need to specify anything

5 Access Control per User? (2) – Case 2: Access Control on CSE (Delegation to CSE) 1.Use Extended AE ID consisting of App-Inst-ID and Extended-ID, Assign/Keep unique Extended-ID per User 2.Authorization per AE © 2013 oneM2M Partners 5

6 Proposal If we would like to achieve Authorization for User, it’s better to have unique AE ID per User – CSE doesn’t need to know User information (User ID, token, etc.) – It works with current architecture without changing resource/adding entities – We can reuse current access control mechanism defined in ARC (i.e., accessRight Resource) © 2013 oneM2M Partners 6

Download ppt "Access Control Mechanism for User Group Name: SEC WG Source: Seongyoon Kim, LG Electronics, Meeting Date: 2013-12-9 Agenda Item:"

Similar presentations

Access Control Mechanism Discussion

Access Control Mechanism Discussion
Call for test suites Group Name: REQ Source: Jiaxin Yin, Huawei Technologies Co., Ltd., Meeting Date: 2015-1-8 Agenda Item: TBD.

Call for test suites Group Name: REQ Source: Jiaxin Yin, Huawei Technologies Co., Ltd., Meeting Date: Agenda Item: TBD.
SEC Clarification Group Name: WG4 (SEC-2014-xxxx) Decision  Meeting Date: 2014-05-07 Discussion  Source: OBERTHUR Technologies Information  Contact:

SEC Clarification Group Name: WG4 (SEC-2014-xxxx) Decision  Meeting Date: Discussion  Source: OBERTHUR Technologies Information  Contact:
Problem of Current Notification Group Name: ARC WG Source: Heedong Choi, LG Electronics, Meeting Date: ARC 9.0 Agenda Item: TBD.

Problem of Current Notification Group Name: ARC WG Source: Heedong Choi, LG Electronics, Meeting Date: ARC 9.0 Agenda Item: TBD.
Problem of non-Blocking Synchronous mode Group Name: ARC WG Source: Yuan Tao, Mitch Tseng, Huawei Technologies Meeting Date: ARC 15.0 Agenda Item: TBD.

Problem of non-Blocking Synchronous mode Group Name: ARC WG Source: Yuan Tao, Mitch Tseng, Huawei Technologies Meeting Date: ARC 15.0 Agenda Item: TBD.
OneM2M portal introduction Group Name: Technical Plenary Source: Gerry McAuley, ETSI, Meeting Date: 2012-09-24 Agenda Item: 1.5.

OneM2M portal introduction Group Name: Technical Plenary Source: Gerry McAuley, ETSI, Meeting Date: Agenda Item: 1.5.
Method of Converting Resource definitions into XSD Group Name: WG3 (PRO) Source: Shingo Fujimoto, FUJITSU, Meeting Date:

Method of Converting Resource definitions into XSD Group Name: WG3 (PRO) Source: Shingo Fujimoto, FUJITSU, Meeting Date:
Mechanism to support establishment of charging policies Group Name: WG2-ARC Source: InterDigital Meeting Date: TP8 Agenda Item:

Mechanism to support establishment of charging policies Group Name: WG2-ARC Source: InterDigital Meeting Date: TP8 Agenda Item:
2-levels Access control for HTTP binding Group Name: WG4 (& WG2/WG3 for information) Source: Shingo Fujimoto, FUJITSU, Meeting.

2-levels Access control for HTTP binding Group Name: WG4 (& WG2/WG3 for information) Source: Shingo Fujimoto, FUJITSU, Meeting.
App-ID Use Cases, Syntax and Attributes SEC-2015-0508-App-ID_Use_Cases,_Syntax_and_Attributes Group Name: Architecture Source: Darold Hemphill, iconectiv,

App-ID Use Cases, Syntax and Attributes SEC App-ID_Use_Cases,_Syntax_and_Attributes Group Name: Architecture Source: Darold Hemphill, iconectiv,
Framework for Performance Metric Development draft-morton-perf-metrics-framework-01.txt Alan Clark IETF 70 PMOL WG.

Framework for Performance Metric Development draft-morton-perf-metrics-framework-01.txt Alan Clark IETF 70 PMOL WG.
Proposal for OID-based M2M Node ID Group Name: WG2 Architecture at TP#8 (Miyazaki, December 2013) Source: Yong-Suk Park, KETI, Meeting.

Proposal for OID-based M2M Node ID Group Name: WG2 Architecture at TP#8 (Miyazaki, December 2013) Source: Yong-Suk Park, KETI, Meeting.
In-Band Access Control Framework Group Name: WG4 SEC Source: Qualcomm Meeting Date: 2013-11-19 Agenda Item:

In-Band Access Control Framework Group Name: WG4 SEC Source: Qualcomm Meeting Date: Agenda Item:
3GPP Rel-13 Interworking discussions

3GPP Rel-13 Interworking discussions
In-Band Access Control Framework Group Name: WG4 SEC Source: Qualcomm Meeting Date: 2013-11-26 Agenda Item:

In-Band Access Control Framework Group Name: WG4 SEC Source: Qualcomm Meeting Date: Agenda Item:
Answer the Questions Regarding Pending Issues on Access Control Group Name: WG4 SEC Source: LG Electronics Meeting Date: 2014-07-15 Agenda Item: SEC#11.4.

Answer the Questions Regarding Pending Issues on Access Control Group Name: WG4 SEC Source: LG Electronics Meeting Date: Agenda Item: SEC#11.4.
An operator’s perspective on support for different M2M deployment scenarios AT&T Group Name: TP Source: Farooq Bari, Jianrong Wang; AT&T;

An operator’s perspective on support for different M2M deployment scenarios AT&T Group Name: TP Source: Farooq Bari, Jianrong Wang; AT&T;
TS0001 Identifiers way forward Group Name: WG2 Source: Elloumi, Foti, Scarrone, Lu (tbc), Jeong (tbc) Meeting Date: 2014-06-07 Agenda Item: ARC11/PRO11.

TS0001 Identifiers way forward Group Name: WG2 Source: Elloumi, Foti, Scarrone, Lu (tbc), Jeong (tbc) Meeting Date: Agenda Item: ARC11/PRO11.
Discussion on the problem of non- Blocking Synchronous mode Group Name: ARC WG Source: Yuan Tao, Mitch Tseng, Huawei Technologies Meeting Date: ARC 15.2.

Discussion on the problem of non- Blocking Synchronous mode Group Name: ARC WG Source: Yuan Tao, Mitch Tseng, Huawei Technologies Meeting Date: ARC 15.2.
App-ID Discussion Group Name: ARC WG Source: Seongyoon Kim, LG Electronics, Meeting Date: 31 July 2014 Agenda Item: TBD.

App-ID Discussion Group Name: ARC WG Source: Seongyoon Kim, LG Electronics, Meeting Date: 31 July 2014 Agenda Item: TBD.

Similar presentations

Ads by Google