ACE Use Cases & Design Patterns
draft-seitz-ace-usecases-01
Ludwig Seitz ([email protected])
IETF ACE WG meeting, July 23, 2014
Overview
• IoT use cases
  – Container Monitoring
  – Home Automation
  – Building Automation
  – Smart Metering
Feel free to volunteer your use case!
(e.g. Industrial Control Systems, Automotive)
Question
• Is the three-party architecture sufficient to cover these use cases?
• Are all parts of that architecture necessary for these use cases?
[Figure: three-party architecture with Client, Resource Server (holding the protected resource the client accesses) and Authorization Server]
Question ctd
• Which message sequence and design pattern do we want to focus on (cf. RFC 2904)?
[Figure: four message-sequence diagrams between Client, Resource Server and Authorization Server, each with numbered steps: Push, Pull, Agent, Push & confirm. Annotations on the figure: "e.g. OAuth, Kerberos", "e.g. EAP, ABFAB", "e.g. OAuth token introspection"]
Container Monitoring
Storage & ripening
Container Monitoring
• (Presented at IETF 89)
• Containers equipped with sensors and actuators
  – Monitor and control environment
  – Monitor position
  – Log and report condition of cargo
• Stakeholders with different access rights
  – Owner
  – Transporters
  – Storage
• RS needs to do access control while offline
  – Needs push message sequence
Home Automation
Remote delegation of access rights
Home Automation
• Smart door lock + alarm
• Remote delegation of physical access rights
Building Automation
[Figure: Security Lifecycle: Installation & Commissioning, Operational, Maintenance, Decommissioning]
Building Automation
• Device lifecycle
  – Installation and commissioning
  – Operational
  – Maintenance
  – Decommissioning
• Context-based authorization
  – Access to light + HVAC if in the room
• Emergency override of access rights
  – Manual HVAC controls disabled by fire alarm
Smart Metering
Base station
Smart Metering
• Meters ↔ base stations: wireless comm
  – Dense urban environment → very short range
  – Water & Gas meters battery powered
• Fixed base stations too expensive
  – Too many needed to cover all meters
  – “Hostile environment” (sabotage, tampering)
• Solution: “Drive-by metering”
  – Needs push message sequence
• Power meters are mains powered (duh!)
  – Can use more powerful comm → longer range
  – Other meters could piggyback on that
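The push sequence that the container-monitoring and drive-by-metering slides call for, as an added example that is not from the slides or the draft: the AS issues a self-contained token, the client pushes it with the request, and the RS decides without contacting the AS. The HMAC-over-JSON token format, the key shared between AS and RS, and all names and sample values are assumptions for illustration.

```python
import base64
import hashlib
import hmac
import json


def _b64(data: bytes) -> str:
    return base64.urlsafe_b64encode(data).decode()


def as_issue_token(rs_key, subject, resource, actions, expires_at):
    """Authorization Server: issue a self-contained token (assumed format)."""
    claims = json.dumps(
        {"sub": subject, "res": resource, "act": sorted(actions), "exp": expires_at},
        sort_keys=True, separators=(",", ":"),
    ).encode()
    tag = hmac.new(rs_key, claims, hashlib.sha256).digest()
    return _b64(claims) + "." + _b64(tag)


def rs_authorize(rs_key, token, resource, action, now):
    """Resource Server: decide locally, with no round trip to the AS."""
    try:
        claims_b64, tag_b64 = token.split(".")
        claims_raw = base64.urlsafe_b64decode(claims_b64)
        tag = base64.urlsafe_b64decode(tag_b64)
    except ValueError:  # wrong part count or bad base64
        return False
    expected = hmac.new(rs_key, claims_raw, hashlib.sha256).digest()
    if not hmac.compare_digest(tag, expected):  # constant-time MAC check
        return False
    claims = json.loads(claims_raw)  # parsed only after the MAC verified
    return (claims["res"] == resource and action in claims["act"]
            and now < claims["exp"])


if __name__ == "__main__":
    # Constructed sample values: key provisioned to the RS while it was online.
    key = b"constructed-demo-key-shared-by-AS-and-RS"
    res = "/container/42/temperature"
    token = as_issue_token(key, "transporter-7", res, ["read"], expires_at=2000)
    # The client pushes the token with each request; the RS is offline.
    print(rs_authorize(key, token, res, "read", now=1000))   # allowed
    print(rs_authorize(key, token, res, "write", now=1000))  # not granted
    print(rs_authorize(key, token, res, "read", now=2000))   # expired
```

Because an offline RS cannot learn of revocation, the expiry time bounds how long a pushed token stays usable, and the check depends on the RS having a trustworthy clock.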
Thank you!
Questions/comments?