An Architecture
for Authorization
in Constrained
Environments
Priya Kushwaha
2016IS17
Constrained Nodes
Constrained Node
Network
Objective
Terminology
Problem
Statement
Architecture
Protocols
Related Task
Assumptions and
Requirements
References
An Architecture for Authorization in
Constrained Environments
Priya Kushwaha
2016IS17
Department of Computer Science & Engineering, MNNIT Allahabad,
Allahabad
January 2, 2018
Outline
Constrained Nodes
Constrained Node Network
Objective
Terminology
Problem Statement
Architecture
Protocols
Related Task
Assumptions and Requirements
References
Constrained Nodes
As described in [RFC7228]
Constrained nodes are small devices with limited abilities which in many cases are made to fulfill a specific simple task.
They have limited hardware resources such as processing power, memory, non-volatile storage and transmission capacity, and additionally in most cases do not have user interfaces and displays.
Constrained Network
As described in [RFC7228]
A network where some of the characteristics pretty much
taken for granted with link layers in common use in the
internet at the time of writing are not attainable.
Constrained Node Network
As described in [RFC7228]
A network whose characteristics are influenced by being composed of a significant portion of constrained nodes.
A constrained-node network always is a constrained network.
Objective
The limitations of constrained nodes call for security mechanisms that take the special characteristics of constrained environments into account.
The required authorization-related tasks are identified as guidance for the development of authentication and authorization solutions for constrained environments.
Terminology
Resource (R): An item of interest which is represented through an interface. It might contain sensor or actuator values or other information.
Actor: A logical functional entity that performs one or more tasks. Multiple Actors may be present within a single device or a single piece of software.
Client (C): An entity which attempts to access a Resource on a RS.
Resource Server (RS): An entity which hosts and represents a Resource.
Principal: An individual that is either Requesting Party or Resource Owner or both.
Terminology
Resource Owner (RO): The Principal that is in charge of the Resource and controls its access permissions.
Requesting Party (RqP): The Principal that is in charge of the Client and controls the requests a Client makes and its acceptance of responses.
Authorization Server (AS): An entity that prepares and endorses authentication and authorization data for a Resource Server.
Client Authorization Server (CAS): An entity that prepares and endorses authentication and authorization data for a Client.
Terminology
Authorization Manager: An entity that prepares and endorses authentication and authorization data for a constrained node.
Authenticated Authorization: It ensures that authorization is applied to and made available for authenticated entities, and that entities providing authentication services are authorized to do so for the specific authorization process at hand.
Problem Statement
Figure 1: Basic scenario
Client wants to access Resource on a Resource Server.
Client and Resource Server do not necessarily know each
other and have no security relationship.
Client and/or Resource Server are constrained.
Problem Statement
Security Objectives
No entity not authorized by the Resource Owner has access to Resource.
Client is exchanging information with a Resource only when it can ascertain that Requesting Party has authorized the exchange with Resource.
Architecture
The architecture consists of three levels:
Principal level - The level at which components are assumed to be functionally unconstrained.
Less-Constrained Level - The level at which components can only fulfill a limited number of tasks.
Constrained level - The level at which some functional constraints are assumed to apply to the components.
Architecture
Constrained Level
Figure 2: Constrained Level
Constrained Level Actors
Client performs the following tasks:
Securely transmit an access request.
Validate that the Requesting Party authorization information allows Client to communicate with Resource Server as a server for Resource.
Resource Server performs the following tasks:
Communicate in a secure way, which includes responses to access requests.
Validate that the Resource Owner authorization information allows Resource Server to grant Client access to the requested Resource as requested.
Principal Level
Figure 3: Principal Level
Principal Level Actors
Requesting Party specifies security policies for Client.
Resource Owner specifies authorization policies for Resource and decides with whom Resource Server is allowed to communicate.
Less-Constrained Level
Figure 4: Overall Architecture
Less-Constrained Level Actors
Client Authorization Server performs the following tasks:
Validate on the Client side that an entity has certain attributes.
Obtain authorization information about an entity from Requesting Party and provide it to Client.
Negotiate means for secure communication to communicate with Client.
Less-Constrained Level Actors
Authorization Server performs the following tasks:
Validate on the server side that an entity has certain attributes.
Obtain authorization information about an entity from Resource Owner and provide it to Resource Server.
Negotiate means for secure communication to communicate with Resource Owner.
Architecture variants
The elements of the architecture are parts of a conceptual
model and may be instantiated in various ways in practice.
If Client is located on a more powerful device, it can be
combined with Client Authorization Server.
Architecture variants
If Resource Server is located on a more powerful device,
it can be combined with Authorization Server.
Architecture Variants
If Client and Resource Server have the same Principal
then Client Authorization Server and Authorization Server
can be combined.
Information Flow
Figure 5: Information flow that needs to be protected
Here, less-constrained nodes, Client Authorization Server
and Authorization Server, support the constrained nodes,
Client and Resource Server, with control information.
The message flow may pass unprotected paths and thus
needs to be protected.
Information Flow
Problem Statement
The interaction between potentially constrained endpoints is controlled by control information provided by less-constrained nodes on behalf of the Principals of the endpoints.
The interaction between the endpoints needs to be secured, as well as the establishment of the necessary keys for securing the interaction, potentially end-to-end through intermediary nodes.
The mechanism for transferring control information needs to be secured, potentially end-to-end through intermediary nodes.
Protocols
A protocol is considered to be on the constrained level if it is used between the actors Client and Resource Server, which are considered to be constrained and might belong to different security levels.
Protocols on the constrained level which are used for channel security are:
Constrained Application Protocol (CoAP)
Datagram Transport Layer Security Protocol (DTLS)
Protocols
Cross Level Support Protocols
Cross-level support protocols are the protocols that operate between a constrained device and its corresponding less-constrained device.
Less-Constrained Level Protocols
A protocol is considered to be on the less-constrained level if it is used between the actors Client Authorization Server and Authorization Server.
Authorization
According to Security Glossary [RFC4949],
Authorization is the function of specifying access rights
or privileges to resources.
Granularity Levels for Authorization
Device Authorization: Different access permissions are granted to individual devices.
Owner Authorization: Individual owners are authorized.
Flat Authorization: All authenticated entities are implicitly authorized and have the same access permissions.
Unrestricted Authorization: No authorization mechanism is used for accessing resources and all entities are able to access the item.
Authorization Related Task
The following problems related to authorization need to be addressed:
Authorization Server needs to transfer authorization information in a defined format and encoding to Resource Server.
Client Authorization Server needs to transfer authorization information in a defined format and encoding to Client.
Client and Resource Server need to be able to verify the authenticity of the authorization information they receive.
Authorization Related Task
The Resource Server needs to enforce the authorization decisions of the Authorization Server, while Client needs to abide by the authorization decisions of the Client Authorization Server.
The authorization information might require additional policy evaluation, which has to be adapted to what constrained nodes can do.
For a particular authorization, the authorization decision may need different authorization information at different times and in different ways.
Authentication
According to Security Glossary [RFC4949],
Authentication is the process of verifying a claim that a
system entity or system resource has a certain attribute
value.
Authentication Related Task
The following problems need to be addressed when considering authentication:
Resource Server needs to authenticate Authorization Server, and Client needs to authenticate Client Authorization Server, to ensure that the authorization information and related data come from the correct source.
Client Authorization Server and Authorization Server may need to authenticate each other, both to perform the required business logic and to ensure that Client Authorization Server gets security information related to the resources from the right source.
Authentication Related Task
In some use cases Resource Server needs to authenticate some property of Client, in order to map it to the relevant authorization information.
Client may need to authenticate Resource Server, in order to ensure that it is interacting with the right resources.
Client Authorization Server and Authorization Server need to authenticate their communication partner, in order to ensure it serves the correct device.
Communication Security
There are different alternatives to provide communication security, and the problem is to choose the optimal one.
Session-based security
Object security
Hybrid security
Session Based Security
It offers security, including integrity and confidentiality protection, for the whole application layer exchange.
It may not provide end-to-end security over multiple hops.
Its handshake protocol is expensive for constrained devices, especially in terms of memory and power consumption for message transmissions.
Object Security
Secure objects can be stored or cached in network nodes and provide security for a more flexible communication model such as publish/subscribe.
A problem with object security is that it cannot provide confidentiality for the message headers.
Hybrid Security
It uses both session-based security and object security.
An example of hybrid security is where authorization information and cryptographic keys are provided by secure data objects, but where the resource access is protected by session-based security.
Cryptographic Keys
Symmetric vs Asymmetric Keys
Keys are required for protection of resource access and for protection of transport of authentication and authorization information.
Devices can easily perform symmetric cryptography, but deployment of symmetric keys is difficult.
Asymmetric cryptography takes considerably more time and battery, but has benefits, for example in terms of deployment.
Cryptographic Keys
Key Establishment:
How are the corresponding cryptographic keys established?
Revocation and Expiration:
How are keys replaced, and how is a key that has been compromised revoked in a manner that reaches all affected parties, also keeping in mind scenarios with intermittent connectivity?
Assumptions and Requirements
In this section we list a set of candidate assumptions and requirements to make the problem description more concise and precise.
Many of these assumptions and requirements are targeting specific solutions and not the architecture itself.
Architecture
The architecture needs to have the following types of nodes:
Resource Server
Client
Authorization Server
Client Authorization Server
Constrained Devices
Client and Resource Server are constrained nodes and the
constraints may include:
Unable to manage complex authorization policies
Unable to manage a large number of secure connections
Without user interface
Without constant network connectivity
Unable to precisely measure time
Required to save on wireless communication due to high
power consumption
Constrained Devices
Client Authorization Server and Authorization Server are not assumed to be constrained devices.
All devices under consideration can process symmetric cryptography without incurring an excessive performance penalty.
Public key cryptography requires additional resources such as RAM, ROM, power and specialized hardware.
A DTLS handshake involves significant computation, communication, and memory overheads in the context of constrained devices.
Authentication
Resource Server needs to authenticate Authorization Server.
Client needs to authenticate Client Authorization Server.
Depending on use case and authorization requirements, nodes may need to authenticate messages from each other.
Server-Side Authorization
Resource Server enforces authorization for access to a Resource based on credentials presented by Client, the requested Resource, the REST method, and local context in Resource Server at the time of the request, or on any subset of this information.
The credentials presented by Client may have been provided by Client Authorization Server.
The underlying authorization decision is taken either by Authorization Server or Resource Server.
Server-side Authentication
The authorization decision is enforced by Resource Server.
Resource Server needs to have authorization information in order to verify that Client is allowed to access the Resource as requested.
Resource Server needs to make sure that it provides Resource access only to authorized Clients.
Authorization may also be required for access to information about a Resource.
The solution may need to be able to support the delegation of access rights.
Client-Side Authorization Information
Client enforces Client-side authorization by protecting its requests to Resource Server and by authenticating results from Resource Server.
It uses decisions, policies and keying material provided by Client Authorization Server.
Server-Side Authorization Information
Authorization information is transferred from Authorization Server to Resource Server using Agent, Push or Pull mechanisms.
Resource Server needs to authenticate that the authorization information is coming from Authorization Server.
The authorization information may also be encrypted end-to-end between Authorization Server and Resource Server.
The architecture supports the case where Resource Server may not be able to communicate with Authorization Server at the time of the request from Client.
Server-side Authorization Information
Resource Server may store or cache authorization information.
Authorization information may be pre-configured in Resource Server.
Authorization information stored or cached in Resource Server can be changed; such changes are themselves subject to authorization.
Server-Side Authorization Information
Authorization policies stored on Resource Server may be handled as a Resource.
There may be mechanisms for Client to look up the Authorization Server which provides authorization information about a particular Resource.
Resource Access
Resources are accessed in a RESTful manner using methods such as GET, PUT, POST, DELETE.
By default, the Resource request needs to be integrity protected and may be encrypted end-to-end from Client to Resource Server and vice versa.
Resource Server needs to be able to verify that the request comes from an authorized Client, and Client needs to be able to verify that the response comes from an authorized Resource Server.
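The flow summarised on these slides (AS and CAS endorsing authorization information, the constrained Client and Resource Server verifying its authenticity, the RS enforcing it per Resource and REST method from its cache, the Client refusing to talk to an RS the RqP has not allowed) as an added example that is not part of the original slides or of the ACE drafts they summarise. It assumes a symmetric pre-shared key between each constrained node and its Authorization Manager, HMAC-SHA256 over JSON as the protection mechanism (integrity only), a hybrid scheme in which the Client's request key travels inside the protected authorization object, and constructed identifiers, keys and CoAP-style response codes throughout.

```python
import hashlib
import hmac
import json

# Constructed pre-shared keys: each constrained node and its Authorization Manager
# are assumed to have already established a symmetric key (AS<->RS, CAS<->C).
K_AS_RS = b"constructed-psk-AS-RS"
K_CAS_C = b"constructed-psk-CAS-C"


def protect(key: bytes, obj: dict) -> bytes:
    """Integrity-protect a JSON object with HMAC-SHA256 (authenticity only, no confidentiality)."""
    body = json.dumps(obj, sort_keys=True, separators=(",", ":")).encode()
    return body + b"." + hmac.new(key, body, hashlib.sha256).hexdigest().encode()


def verify(key: bytes, blob: bytes):
    """Return the object if its tag verifies under key, else None."""
    body, _, tag = blob.rpartition(b".")
    expected = hmac.new(key, body, hashlib.sha256).hexdigest().encode()
    return json.loads(body) if hmac.compare_digest(expected, tag) else None


def request_tag(client_key: str, method: str, path: str) -> str:
    """Stand-in for session-layer protection of the access request: proves the holder of client_key sent it."""
    return hmac.new(client_key.encode(), f"{method} {path}".encode(), hashlib.sha256).hexdigest()


# Less-constrained level: AS and CAS prepare and endorse authorization data.
def as_issue(client_id: str, perms: dict, client_key: str, exp: int) -> bytes:
    """AS -> RS: methods client_id may use per Resource, plus the key RS needs to verify that Client."""
    return protect(K_AS_RS, {"iss": "AS", "aud": "RS-1", "sub": client_id,
                             "perm": perms, "key": client_key, "exp": exp})


def cas_issue(rs_id: str, allowed_paths: list, client_key: str) -> bytes:
    """CAS -> C: the Requesting Party's decision on which RS and Resources C may use."""
    return protect(K_CAS_C, {"iss": "CAS", "rs": rs_id, "paths": allowed_paths, "key": client_key})


# Constrained level: RS enforces AS decisions, C abides by CAS decisions.
class ResourceServer:
    def __init__(self, rs_id: str, has_clock: bool):
        self.rs_id = rs_id
        self.has_clock = has_clock  # constrained nodes may be unable to measure time
        self.cache = {}             # sub -> authorization information; RS can answer while AS is unreachable

    def install(self, blob: bytes) -> bool:
        """Push mechanism: accept only authentic information (tag under the AS key) meant for this RS."""
        info = verify(K_AS_RS, blob)
        ok = info is not None and info.get("iss") == "AS" and info.get("aud") == self.rs_id
        if ok:
            self.cache[info["sub"]] = info
        return ok

    def handle(self, client_id: str, method: str, path: str, tag: str, now: int) -> str:
        """Enforce on: credentials presented, requested Resource, REST method, local context (time)."""
        info = self.cache.get(client_id)
        if info is None:
            return "4.01"  # CoAP Unauthorized: no authorization information for this Client
        if self.has_clock and now >= info["exp"]:
            return "4.01"  # expired; an RS without a clock cannot make this check at all
        if not hmac.compare_digest(request_tag(info["key"], method, path), tag):
            return "4.01"  # request is not from the Client the information is about
        if method not in info["perm"].get(path, []):
            return "4.03"  # CoAP Forbidden: authenticated, but not authorized for this method
        return "2.05" if method == "GET" else "2.04"


class Client:
    def __init__(self, client_id: str):
        self.client_id, self.policy = client_id, None

    def install(self, blob: bytes) -> bool:
        info = verify(K_CAS_C, blob)
        ok = info is not None and info.get("iss") == "CAS"
        if ok:
            self.policy = info
        return ok

    def request(self, rs: ResourceServer, method: str, path: str, now: int) -> str:
        """Client-side authorization: only contact an RS/Resource the RqP has allowed."""
        if self.policy is None or self.policy["rs"] != rs.rs_id or path not in self.policy["paths"]:
            return "client-refused"
        return rs.handle(self.client_id, method, path, request_tag(self.policy["key"], method, path), now)


def demo_flow() -> dict:
    """Constructed walk-through; returns the outcome of each scenario by name."""
    rs, c, key = ResourceServer("RS-1", has_clock=True), Client("sensor-client-7"), "constructed-client-key-7"
    rs.install(as_issue("sensor-client-7", {"/temp": ["GET"], "/led": ["GET", "PUT"]}, key, exp=1000))
    c.install(cas_issue("RS-1", ["/temp", "/led"], key))
    # Authorization information altered in transit (GET widened to PUT) must fail verification.
    tampered = as_issue("sensor-client-7", {"/temp": ["GET"]}, key, 1000).replace(b'"GET"', b'"PUT"')
    return {
        "get_temp": c.request(rs, "GET", "/temp", now=500),
        "put_temp": c.request(rs, "PUT", "/temp", now=500),
        "put_led": c.request(rs, "PUT", "/led", now=500),
        "expired": c.request(rs, "GET", "/temp", now=1000),
        "other_rs": c.request(ResourceServer("RS-2", has_clock=True), "GET", "/temp", now=500),
        "tampered_rejected": not rs.install(tampered),
        "forged_tag": rs.handle("sensor-client-7", "GET", "/temp", "00" * 32, now=500),
    }
```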
Keys and Cipher Suites
A constrained node and its Authorization Manager have established cryptographic keys.
The transfer of authorization information is protected with symmetric and/or asymmetric keys.
The access request/response can be protected with symmetric and/or asymmetric keys.
Keys and Cipher Suites
There must be a mechanism for Resource Server to establish the necessary key(s) to verify and decrypt the request and to protect the response.
There must be a mechanism for Client to establish the necessary key(s) to protect the request and to verify and decrypt the response.
There must be a mechanism for Client to obtain the supported cipher suites of a Resource Server.
Network Considerations
A solution will need to consider network overload due to avoidable communication of a constrained node with its Authorization Manager.
A solution will need to guard against network overload by representing authorization information compactly.
A solution may want to optimize the case where authorization information does not change often.
A solution may consider support for an efficient mechanism for providing authorization information to multiple Resource Servers.
Legacy Considerations
A solution may consider interworking with existing infrastructure.
A solution may consider supporting authorization of access to legacy devices.
Security Considerations
Physical Attacks on Sensor and Actuator Networks:
Unauthorized access to data, including eavesdropping and manipulation of data.
Denial-of-service making the sensor/actuator unable to perform its intended task correctly.
Instead of eavesdropping on the sensor data or attacking the authorization system to gain access to the data, the attacker could make its own measurements on the physical object.
Instead of manipulating the sensor data, the attacker could change the physical object or perform an unauthorized action directly on the physical object.
Clocks and Time Measurements
Some applications may require a device to be aware of the wall-clock time.
A security mechanism is required for those devices so that they can determine whether a public key certificate, access token or some assertion is valid.
Dynamic authorization is suitable for such devices, which have the ability to handle expiry or revocation of authorization decisions or to distinguish new authorization decisions from old.
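The validity check this slide calls for, as an added example that is not from the deck or from the ACE drafts it summarizes: a Resource Server verifies an access token minted by its Authorization Server, enforces expiry when it has a wall clock, and falls back to a strictly increasing sequence number to tell a new authorization decision from an old or replayed one when it does not. The shared key, the token format and the claim names cti, exp and seq are assumptions made for this example.

```python
import base64
import hashlib
import hmac
import json
from dataclasses import dataclass, field

# Constructed demo key shared between Authorization Server (AS) and Resource
# Server (RS); an assumption for this example, not a value from the deck.
AS_RS_KEY = b"constructed-demo-key-not-for-production"


def mint_token(claims, key):
    """AS side (hypothetical helper): serialize claims and append an HMAC tag.

    The token format base64url(body).base64url(tag) and the claim names
    cti / exp / seq are assumptions made for this example.
    """
    body = json.dumps(claims, sort_keys=True, separators=(",", ":")).encode()
    tag = hmac.new(key, body, hashlib.sha256).digest()
    return (base64.urlsafe_b64encode(body).decode() + "."
            + base64.urlsafe_b64encode(tag).decode())


@dataclass
class ResourceServerState:
    has_clock: bool          # does this RS know the wall-clock time?
    now: int = 0             # wall-clock seconds; meaningful only if has_clock
    last_seq: int = 0        # highest authorization sequence number accepted
    revoked: set = field(default_factory=set)  # token ids revoked by the AS


def validate_token(token, key, rs):
    """RS side: decide whether an AS-issued token may be acted upon.

    Returns (accepted, reason). Checks, in order: authenticity (MAC),
    revocation, then freshness. A clock-aware RS enforces 'exp'; a clock-less
    RS cannot, so it instead requires a strictly increasing 'seq' to tell a
    new authorization decision from an old or replayed one.
    """
    # 1. Authenticity: the token must carry a valid MAC under the AS/RS key.
    try:
        body_b64, tag_b64 = token.split(".")
        body = base64.urlsafe_b64decode(body_b64)
        tag = base64.urlsafe_b64decode(tag_b64)
    except ValueError:            # wrong number of fields or bad base64
        return False, "malformed"
    expected = hmac.new(key, body, hashlib.sha256).digest()
    if not hmac.compare_digest(tag, expected):
        return False, "bad-mac"
    claims = json.loads(body)

    # 2. Revocation: works whether or not the RS has a clock, but depends on
    #    the AS pushing revocations to the RS.
    if claims.get("cti") in rs.revoked:
        return False, "revoked"

    # 3. Freshness.
    if rs.has_clock:
        exp = claims.get("exp")
        if exp is None or rs.now >= exp:
            return False, "expired"
    else:
        # Without a clock 'exp' is meaningless; a token is only accepted if it
        # is newer than the last accepted decision. This gives no expiry at
        # all: the AS must revoke explicitly to withdraw access.
        seq = claims.get("seq")
        if seq is None or seq <= rs.last_seq:
            return False, "stale"
        rs.last_seq = seq
    return True, "ok"
```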
References I
[1] Carsten Bormann, Mehmet Ersue, and Ari Keränen. Terminology for Constrained-Node Networks. RFC 7228, May 2014.
[2] Roy T. Fielding and Julian Reschke. Hypertext Transfer Protocol (HTTP/1.1): Message Syntax and Routing. RFC 7230, June 2014.
[3] Roy T. Fielding and Julian Reschke. Hypertext Transfer Protocol (HTTP/1.1): Semantics and Content. RFC 7231, June 2014.
References II
[4] Oscar Garcia-Morchon, Sandeep Kumar, and Mohit Sethi. State-of-the-Art and Challenges for the Internet of Things Security. Internet-Draft draft-irtf-t2trg-iot-seccons-09, Internet Engineering Task Force, December 2017. Work in Progress.
[5] Stefanie Gerdes. Authorization-Related Tasks in Constrained Environments. Internet-Draft draft-gerdes-ace-tasks-00, Internet Engineering Task Force, September 2015. Work in Progress.
References III
[6] Thomas Hardjono, Eve Maler, Maciej Machulak, and Domenico Catalano. User-Managed Access (UMA) Profile of OAuth 2.0. Internet-Draft draft-hardjono-oauth-umacore-14, Internet Engineering Task Force, January 2016. Work in Progress.
[7] Dick Hardt. The OAuth 2.0 Authorization Framework. RFC 6749, October 2012.
[8] R. Hummen, H. Shafagh, S. Raza, T. Voigt, and K. Wehrle. Delegation-based Authentication and Authorization for the IP-based Internet of Things. In 2014 Eleventh Annual IEEE International Conference on Sensing, Communication, and Networking (SECON), pages 284–292, June 2014.
References IV
[9] Michael Koster, Ari Keränen, and Jaime Jimenez. Publish-Subscribe Broker for the Constrained Application Protocol (CoAP). Internet-Draft draft-ietf-core-coap-pubsub-02, Internet Engineering Task Force, July 2017. Work in Progress.
[10] Clifford Neuman, Sam D. Hartman, Kenneth Raeburn, and Tom Yu. The Kerberos Network Authentication Service (V5). RFC 4120, July 2005.
[11] Eric Rescorla and Tim Dierks. The Transport Layer Security (TLS) Protocol Version 1.2. RFC 5246, August 2008.
References V
[12] Eric Rescorla and Nagendra Modadugu. Datagram Transport Layer Security Version 1.2. RFC 6347, January 2012.
[13] Ludwig Seitz, Stefanie Gerdes, Göran Selander, Mehdi Mani, and Sandeep Kumar. Use Cases for Authentication and Authorization in Constrained Environments. RFC 7744, January 2016.
[14] Göran Selander, John Mattsson, Francesca Palombini, and Ludwig Seitz. Object Security for Constrained RESTful Environments (OSCORE). Internet-Draft draft-ietf-core-object-security-07, Internet Engineering Task Force, November 2017. Work in Progress.
References VI
[15] Zach Shelby, Klaus Hartke, and Carsten Bormann. The Constrained Application Protocol (CoAP). RFC 7252, June 2014.
[16] Robert W. Shirey. Internet Security Glossary, Version 2. RFC 4949, August 2007.
[17] David Spence, George Gross, Cees de Laat, Stephen Farrell, Leon HM Gommans, Pat R. Calhoun, Matt Holdrege, Betty W. de Bruijn, and John Vollbrecht. AAA Authorization Framework. RFC 2904, August 2000.

More Related Content

PPT
Privacy preserving secure data exchange in mobile P2P
PDF
77201924
PDF
Password-Authenticated Key Exchange Scheme Using Chaotic Maps towards a New A...
DOCX
Identity based proxy-oriented data uploading and remote data integrity checki...
DOC
documentation for identity based secure distrbuted data storage schemes
PDF
IRJET- A Novel and Secure Approach to Control and Access Data in Cloud St...
PDF
Identity based proxy-oriented data uploading and remote data integrity checki...
PPTX
Access Control for Linked Data: Past, Present and Future
Privacy preserving secure data exchange in mobile P2P
77201924
Password-Authenticated Key Exchange Scheme Using Chaotic Maps towards a New A...
Identity based proxy-oriented data uploading and remote data integrity checki...
documentation for identity based secure distrbuted data storage schemes
IRJET- A Novel and Secure Approach to Control and Access Data in Cloud St...
Identity based proxy-oriented data uploading and remote data integrity checki...
Access Control for Linked Data: Past, Present and Future

What's hot (19)

PDF
IDENTITY-BASED PROXY-ORIENTED DATA UPLOADING AND REMOTE DATA INTEGRITY CHECKI...
PDF
Ijcatr04051007
PPT
Authorization Policy in a PKI Environment Mary Thompson Srilekha Mudumbai A...
PDF
317c0cdb 81da-40f9-84f2-1c5fba2f4b2d
PPT
Acupulco cda access (2)
PDF
An Improved Integrated Hash and Attributed based Encryption Model on High Dim...
PDF
Identity based encryption with outsourced revocation in cloud computing
PDF
iaetsd Robots in oil and gas refineries
PDF
Cryptographic Countermeasure Against Prevention Of Dos and Distributed DOS A...
PDF
IRJET - Efficient and Verifiable Queries over Encrypted Data in Cloud
PDF
Circuit Ciphertext-policy Attribute-based Hybrid Encryption with Verifiable D...
PDF
Identity based encryption with cloud revocation authority and its applications
PDF
Design an active verification mechanism for certificates revocation in OCSP f...
PPTX
Attributes based encryption with verifiable outsourced decryption
PDF
Improving Efficiency of Security in Multi-Cloud
PPTX
Sabrina Kirrane INSIGHT Viva Presentation
PDF
Identity-Based Distributed Provable Data Possession in Multicloud Storage
PDF
PROVABLE DATA PROCESSING (PDP) A MODEL FOR CLIENT'S SECURED DATA ON CLOUD
PDF
IRJET- Efficient Traceable Authorization Search System for Secure Cloud Storage
IDENTITY-BASED PROXY-ORIENTED DATA UPLOADING AND REMOTE DATA INTEGRITY CHECKI...
Ijcatr04051007
Authorization Policy in a PKI Environment Mary Thompson Srilekha Mudumbai A...
317c0cdb 81da-40f9-84f2-1c5fba2f4b2d
Acupulco cda access (2)
An Improved Integrated Hash and Attributed based Encryption Model on High Dim...
Identity based encryption with outsourced revocation in cloud computing
iaetsd Robots in oil and gas refineries
Cryptographic Countermeasure Against Prevention Of Dos and Distributed DOS A...
IRJET - Efficient and Verifiable Queries over Encrypted Data in Cloud
Circuit Ciphertext-policy Attribute-based Hybrid Encryption with Verifiable D...
Identity based encryption with cloud revocation authority and its applications
Design an active verification mechanism for certificates revocation in OCSP f...
Attributes based encryption with verifiable outsourced decryption
Improving Efficiency of Security in Multi-Cloud
Sabrina Kirrane INSIGHT Viva Presentation
Identity-Based Distributed Provable Data Possession in Multicloud Storage
PROVABLE DATA PROCESSING (PDP) A MODEL FOR CLIENT'S SECURED DATA ON CLOUD
IRJET- Efficient Traceable Authorization Search System for Secure Cloud Storage
Ad

Similar to Architecture authorization-constrained (20)

ODP
RESTful Web Services
PPTX
About HTTP and REST
PDF
ROC for Adaptive Systems
PPTX
API Security in a Microservice Architecture
PPTX
REST & RESTful APIs: The State of Confusion
PDF
Securing FIWARE Architectures
PDF
Privacy protection for role based access control in service oriented architec...
PDF
PRIVACY PROTECTION FOR ROLE-BASED ACCESS CONTROL IN SERVICE ORIENTED ARCHITEC...
PPTX
Rest surekha
PDF
Novelties in Java EE 7: JAX-RS 2.0 + IPT REST HATEOAS Polling Demo @ BGOUG Co...
PDF
A Deep Dive into REST API Framework Survey
PDF
Rest API Automation with REST Assured
DOC
Combining efficiency, fidelity, and flexibility in resource information services
PPTX
Svcc services presentation (Silicon Valley code camp 2011)
PDF
AAA Protocol
PDF
Survey on Restful Web Services Using Open Authorization (Oauth)I01545356
PDF
Full Stack Developer Interview Questions (1).pdf
PDF
Full-Stack-Interview-Questions-and-Answers.pdf
PPTX
MODULE 1-1.4 LOGICAL DESIGN OF IOT.pptx FUNDAMENTALS AND DESIGN METHODOLOGY O...
PPTX
Building enterprise web applications with spring 3
RESTful Web Services
About HTTP and REST
ROC for Adaptive Systems
API Security in a Microservice Architecture
REST & RESTful APIs: The State of Confusion
Securing FIWARE Architectures
Privacy protection for role based access control in service oriented architec...
PRIVACY PROTECTION FOR ROLE-BASED ACCESS CONTROL IN SERVICE ORIENTED ARCHITEC...
Rest surekha
Novelties in Java EE 7: JAX-RS 2.0 + IPT REST HATEOAS Polling Demo @ BGOUG Co...
A Deep Dive into REST API Framework Survey
Rest API Automation with REST Assured
Combining efficiency, fidelity, and flexibility in resource information services
Svcc services presentation (Silicon Valley code camp 2011)
AAA Protocol
Survey on Restful Web Services Using Open Authorization (Oauth)I01545356
Full Stack Developer Interview Questions (1).pdf
Full-Stack-Interview-Questions-and-Answers.pdf
MODULE 1-1.4 LOGICAL DESIGN OF IOT.pptx FUNDAMENTALS AND DESIGN METHODOLOGY O...
Building enterprise web applications with spring 3
Ad

Recently uploaded (20)

PPT
FIRE PREVENTION AND CONTROL PLAN- LUS.FM.MQ.OM.UTM.PLN.00014.ppt
PPTX
artificialintelligenceai1-copy-210604123353.pptx
PPT
415456121-Jiwratrwecdtwfdsfwgdwedvwe dbwsdjsadca-EVN.ppt
PDF
Lean-Manufacturing-Tools-Techniques-and-How-To-Use-Them.pdf
PDF
simpleintnettestmetiaerl for the simple testint
PDF
Alethe Consulting Corporate Profile and Solution Aproach
PPTX
t_and_OpenAI_Combined_two_pressentations
PPTX
APNIC Report, presented at APAN 60 by Thy Boskovic
PPTX
The-Importance-of-School-Sanitation.pptx
PDF
Exploring VPS Hosting Trends for SMBs in 2025
PDF
Smart Home Technology for Health Monitoring (www.kiu.ac.ug)
PPTX
1402_iCSC_-_RESTful_Web_APIs_--_Josef_Hammer.pptx
PDF
Introduction to the IoT system, how the IoT system works
PDF
Understand the Gitlab_presentation_task.pdf
PPTX
Mathew Digital SEO Checklist Guidlines 2025
PDF
📍 LABUAN4D EXCLUSIVE SERVER STAR GAMING ASIA NO.1 TERPOPULER DI INDONESIA ! 🌟
PDF
SlidesGDGoCxRAIS about Google Dialogflow and NotebookLM.pdf
PPT
250152213-Excitation-SystemWERRT (1).ppt
PDF
Uptota Investor Deck - Where Africa Meets Blockchain
PPT
isotopes_sddsadsaadasdasdasdasdsa1213.ppt
FIRE PREVENTION AND CONTROL PLAN- LUS.FM.MQ.OM.UTM.PLN.00014.ppt
artificialintelligenceai1-copy-210604123353.pptx
415456121-Jiwratrwecdtwfdsfwgdwedvwe dbwsdjsadca-EVN.ppt
Lean-Manufacturing-Tools-Techniques-and-How-To-Use-Them.pdf
simpleintnettestmetiaerl for the simple testint
Alethe Consulting Corporate Profile and Solution Aproach
t_and_OpenAI_Combined_two_pressentations
APNIC Report, presented at APAN 60 by Thy Boskovic
The-Importance-of-School-Sanitation.pptx
Exploring VPS Hosting Trends for SMBs in 2025
Smart Home Technology for Health Monitoring (www.kiu.ac.ug)
1402_iCSC_-_RESTful_Web_APIs_--_Josef_Hammer.pptx
Introduction to the IoT system, how the IoT system works
Understand the Gitlab_presentation_task.pdf
Mathew Digital SEO Checklist Guidlines 2025
📍 LABUAN4D EXCLUSIVE SERVER STAR GAMING ASIA NO.1 TERPOPULER DI INDONESIA ! 🌟
SlidesGDGoCxRAIS about Google Dialogflow and NotebookLM.pdf
250152213-Excitation-SystemWERRT (1).ppt
Uptota Investor Deck - Where Africa Meets Blockchain
isotopes_sddsadsaadasdasdasdasdsa1213.ppt

Architecture authorization-constrained

  • 1. An Architecture for Authorization in Constrained Environments Priya Kushwaha 2016IS17 Constrained Nodes Constrained Node Network Objective Terminology Problem Statement Architecture Protocols Related Task Assumptions and Requirements References An Architecture for Authorization in Constrained Environments Priya Kushwaha 2016IS17 Department of Computer Science & Engineering, MNNIT Allahabad, Allahabad January 2, 2018
  • 2. An Architecture for Authorization in Constrained Environments Priya Kushwaha 2016IS17 Constrained Nodes Constrained Node Network Objective Terminology Problem Statement Architecture Protocols Related Task Assumptions and Requirements References Outline Constrained Nodes Constrained Node Network Objective Terminology Problem Statement Architecture Protocols Related Task Assumptions and Requirements References
  • 3. An Architecture for Authorization in Constrained Environments Priya Kushwaha 2016IS17 Constrained Nodes Constrained Node Network Objective Terminology Problem Statement Architecture Protocols Related Task Assumptions and Requirements References Constrained Nodes As described in [RFC7228] Constrained nodes are small devices with limited abilities which in many cases are made to fulfill a specific simple task. They have limited hardware resources such as processing power, memory, non-volatile storage and transmission ca- pacity and additionally in most cases do not have user interfaces and displays.
  • 4. An Architecture for Authorization in Constrained Environments Priya Kushwaha 2016IS17 Constrained Nodes Constrained Node Network Objective Terminology Problem Statement Architecture Protocols Related Task Assumptions and Requirements References Constrained Network As described in [RFC7228] A network where some of the characteristics pretty much taken for granted with link layers in common use in the internet at the time of writing are not attainable.
  • 5. An Architecture for Authorization in Constrained Environments Priya Kushwaha 2016IS17 Constrained Nodes Constrained Node Network Objective Terminology Problem Statement Architecture Protocols Related Task Assumptions and Requirements References Constrained Node Network As described in [RFC7228] A network whose characteristics are influenced by being composed of a significant portion of constrained nodes. A constrained-node network always is a constrained net- work.
  • 6. An Architecture for Authorization in Constrained Environments Priya Kushwaha 2016IS17 Constrained Nodes Constrained Node Network Objective Terminology Problem Statement Architecture Protocols Related Task Assumptions and Requirements References Objective The limitations of the constrained nodes needed for se- curity mechanisms which take the special characteristics of constrained environments into account. The required authorization-related tasks are identified as guidance for the development of authentication and au- thorization solutions for constrained environments.
  • 7. An Architecture for Authorization in Constrained Environments Priya Kushwaha 2016IS17 Constrained Nodes Constrained Node Network Objective Terminology Problem Statement Architecture Protocols Related Task Assumptions and Requirements References Terminology Resource (R): An item of interest which is represented through an interface. It might contain sensor or actuator values or other information. Actor: A logical functional entity that performs one or more tasks. Multiple Actors may be present within a single device or a single piece of software. Client (C) : An entity which attempts to access a Re- source on a RS. Resource Server (RS) : An entity which hosts and repre- sents a Resource. Principal: An individual that is either Requesting Party or Resource Owner or both.
  • 8. An Architecture for Authorization in Constrained Environments Priya Kushwaha 2016IS17 Constrained Nodes Constrained Node Network Objective Terminology Problem Statement Architecture Protocols Related Task Assumptions and Requirements References Terminology Resource Owner (RO): The Principal that is in charge of the Resource and controls its access permissions. Requesting Party (RqP): The Principal that is in charge of the Client and controls the requests a Client makes and its acceptance of responses. Authorization Server (AS): An entity that prepares and endorses authentication and authorization data for a Re- source Server. Client Authorization Server (CAS): An entity that pre- pares and endorses authentication and authorization data for a Client.
  • 9. An Architecture for Authorization in Constrained Environments Priya Kushwaha 2016IS17 Constrained Nodes Constrained Node Network Objective Terminology Problem Statement Architecture Protocols Related Task Assumptions and Requirements References Terminology Authorization Manager: An entity that prepares and en- dorses authentication and authorization data for a con- strained node. Authenticated Authorization: It ensures that authoriza- tion is applied to and made available for authenticated entities and that entities providing authentication ser- vices are authorized to do so for the specific authorization process at hand.
  • 10. An Architecture for Authorization in Constrained Environments Priya Kushwaha 2016IS17 Constrained Nodes Constrained Node Network Objective Terminology Problem Statement Architecture Protocols Related Task Assumptions and Requirements References Problem Statement Figure 1: Basic scenario Client wants to access Resource on a Resource Server. Client and Resource Server do not necessarily know each other and have no security relationship. Client and/or Resource Server are constrained.
  • 11. An Architecture for Authorization in Constrained Environments Priya Kushwaha 2016IS17 Constrained Nodes Constrained Node Network Objective Terminology Problem Statement Architecture Protocols Related Task Assumptions and Requirements References Problem Statement Security Objectives No entity not authorized by the Resource Owner has ac- cess to Resource. Client is exchanging information with a Resource only when it can ascertain that Requesting Party has autho- rized the exchange with Resource.
  • 12. An Architecture for Authorization in Constrained Environments Priya Kushwaha 2016IS17 Constrained Nodes Constrained Node Network Objective Terminology Problem Statement Architecture Protocols Related Task Assumptions and Requirements References Architecture The architecture consist of three level : Principal level - The level at which components are as- sumed to be functionally unconstrained. Less-Constrained Level - The level at which components can only fulfill a limited number of tasks. Constrained level - The level at which some functional constraints are assumed to apply to the components.
  • 13. An Architecture for Authorization in Constrained Environments Priya Kushwaha 2016IS17 Constrained Nodes Constrained Node Network Objective Terminology Problem Statement Architecture Protocols Related Task Assumptions and Requirements References Architecture Constrained Level Figure 2: Constrained Level
  • 14. An Architecture for Authorization in Constrained Environments Priya Kushwaha 2016IS17 Constrained Nodes Constrained Node Network Objective Terminology Problem Statement Architecture Protocols Related Task Assumptions and Requirements References Constrained Level Actors Client performs the following tasks: Securely transmit an access request. Validate that the Requesting Party authorization infor- mation allows Client to communicate with Resource Server as a server for Resource. Resource sever performs the following tasks: Communicate in a secure way which includes responses to access requests. Validate that the Resource Owner authorization informa- tion allows Resource Server to grant Client access to the requested Resource as requested.
  • 15. An Architecture for Authorization in Constrained Environments Priya Kushwaha 2016IS17 Constrained Nodes Constrained Node Network Objective Terminology Problem Statement Architecture Protocols Related Task Assumptions and Requirements References Principal Level Figure 3: Principal Level
  • 16. An Architecture for Authorization in Constrained Environments Priya Kushwaha 2016IS17 Constrained Nodes Constrained Node Network Objective Terminology Problem Statement Architecture Protocols Related Task Assumptions and Requirements References Principal Level Actors Requesting Party specifies security policies for Client. Resource Owner specifies authorization policies for Re- source and decides with whom Resource Server is allowed to communicate.
  • 17. An Architecture for Authorization in Constrained Environments Priya Kushwaha 2016IS17 Constrained Nodes Constrained Node Network Objective Terminology Problem Statement Architecture Protocols Related Task Assumptions and Requirements References Less-Constrained Level Figure 4: Overall Architecture
  • 18. An Architecture for Authorization in Constrained Environments Priya Kushwaha 2016IS17 Constrained Nodes Constrained Node Network Objective Terminology Problem Statement Architecture Protocols Related Task Assumptions and Requirements References Less-Constrained Level Actors Client Authorization Server performs the following tasks: Validate on the Client side that an entity has certain attributes. Obtain authorization information about an entity from Requesting Party and provide it to Client. Negotiate means for secure communication to communi- cate with Client.
  • 19. An Architecture for Authorization in Constrained Environments Priya Kushwaha 2016IS17 Constrained Nodes Constrained Node Network Objective Terminology Problem Statement Architecture Protocols Related Task Assumptions and Requirements References Less-Constrained Level Actors Authorization Server performs the following tasks: Validate on the server side that an entity has certain attributes. Obtain authorization information about an entity from Resource Owner and provide it to Resource Server . Negotiate means for secure communication to communi- cate with Resource Owner .
  • 20. An Architecture for Authorization in Constrained Environments Priya Kushwaha 2016IS17 Constrained Nodes Constrained Node Network Objective Terminology Problem Statement Architecture Protocols Related Task Assumptions and Requirements References Architecture variants The elements of the architecture are parts of a conceptual model and may be instantiated in various ways in practice. If Client is located on a more powerful device, it can be combined with Client Authorization Server.
  • 21. An Architecture for Authorization in Constrained Environments Priya Kushwaha 2016IS17 Constrained Nodes Constrained Node Network Objective Terminology Problem Statement Architecture Protocols Related Task Assumptions and Requirements References Architecture variants If Resource Server is located on a more powerful device, it can be combined with Authorization Server.
  • 22. An Architecture for Authorization in Constrained Environments Priya Kushwaha 2016IS17 Constrained Nodes Constrained Node Network Objective Terminology Problem Statement Architecture Protocols Related Task Assumptions and Requirements References Architecture Variants If Client and Resource Server have the same Principal then Client Authorization Server and Authorization Server can be combined.
  • 23. An Architecture for Authorization in Constrained Environments Priya Kushwaha 2016IS17 Constrained Nodes Constrained Node Network Objective Terminology Problem Statement Architecture Protocols Related Task Assumptions and Requirements References Information Flow Figure 5: Information flow that needs to be protected Here, less-constrained nodes, Client Authorization Server and Authorization Server, support the constrained nodes, Client and Resource Server, with control information. The message flow may pass unprotected paths and thus needs to be protected.
  • 24. An Architecture for Authorization in Constrained Environments Priya Kushwaha 2016IS17 Constrained Nodes Constrained Node Network Objective Terminology Problem Statement Architecture Protocols Related Task Assumptions and Requirements References Information Flow Problem Statement The interaction between potentially constrained endpoints is controlled by control information provided by less-constrained nodes on behalf of the Principals of the endpoints. The interaction between the endpoints needs to be se- cured, as well as the establishment of the necessary keys for securing the interaction, potentially end-to-end through intermediary nodes. The mechanism for transferring control information needs to be secured, potentially end-to-end through intermedi- ary nodes.
  • 25. An Architecture for Authorization in Constrained Environments Priya Kushwaha 2016IS17 Constrained Nodes Constrained Node Network Objective Terminology Problem Statement Architecture Protocols Related Task Assumptions and Requirements References Protocols A protocol is considered to be on the constrained level if it is used between the actors Client and Resource Server which are considered to be constrained and might belong to the different security level. Protocols on constraint level which are used for channel security are: Constrained Application Protocol (CoAP) Datagram Transport Layer Security Protocol (DTLS)
  • 26. An Architecture for Authorization in Constrained Environments Priya Kushwaha 2016IS17 Constrained Nodes Constrained Node Network Objective Terminology Problem Statement Architecture Protocols Related Task Assumptions and Requirements References Protocols Cross Level Support Protocols It refers to protocols that operate between a constrained device and its corresponding less-constrained device as cross-level support protocols. Less-Constrained Level Protocols A protocol is considered to be on the less-constrained level if it is used between the actors Client Authorization Server and Authorization Server.
  • 27. An Architecture for Authorization in Constrained Environments Priya Kushwaha 2016IS17 Constrained Nodes Constrained Node Network Objective Terminology Problem Statement Architecture Protocols Related Task Assumptions and Requirements References Authorization According to Security Glossary [RFC4949], Authorization is the function of specifying access rights or privileges to resources.
  • 28. An Architecture for Authorization in Constrained Environments Priya Kushwaha 2016IS17 Constrained Nodes Constrained Node Network Objective Terminology Problem Statement Architecture Protocols Related Task Assumptions and Requirements References Granularity Levels for Authorization Device Authorization : Different access permissions are granted to individual devices Owner Authorization : Individual owners are authorized Flat Authorization : All authenticated entities are implic- itly authorized and have the same access permissions Unrestricted Authorization : No authorization mecha- nism is used for accessing resources and all entities are able to access the item.
  • 29. An Architecture for Authorization in Constrained Environments Priya Kushwaha 2016IS17 Constrained Nodes Constrained Node Network Objective Terminology Problem Statement Architecture Protocols Related Task Assumptions and Requirements References Authorization Related Task The following problems related to authorization need to be addressed: Authorization Server needs to transfer authorization in- formation in defined format and encoding to Resource Server. Client Authorization Server needs to transfer authoriza- tion information in defined format and encoding to Client. Client and Resource Server need to be able to verify the authenticity of the authorization information they re- ceive.
  • 30. An Architecture for Authorization in Constrained Environments Priya Kushwaha 2016IS17 Constrained Nodes Constrained Node Network Objective Terminology Problem Statement Architecture Protocols Related Task Assumptions and Requirements References Authorization Related Task The Resource Server needs to enforce the authorization decisions of the Authorization Server, while Client needs to abide with the authorization decisions of the Client Authorization Server. The authorization information might require additional policy evaluation which is adapted by constrained nodes. For a particular authorization, authorization decision may need different authorization information at different times in different ways.
  • 31. An Architecture for Authorization in Constrained Environments Priya Kushwaha 2016IS17 Constrained Nodes Constrained Node Network Objective Terminology Problem Statement Architecture Protocols Related Task Assumptions and Requirements References Authentication According to Security Glossary [RFC4949], Authentication is the process of verifying a claim that a system entity or system resource has a certain attribute value.
  • 32. An Architecture for Authorization in Constrained Environments Priya Kushwaha 2016IS17 Constrained Nodes Constrained Node Network Objective Terminology Problem Statement Architecture Protocols Related Task Assumptions and Requirements References Authentication Related Task The following problems need to be addressed, when consider- ing authentication: Resource Server needs to authenticate Authorization Server, and Client needs to authenticate Client Authorization Server to ensure that the authorization information and related data comes from the correct source. Client Authorization Server and Authorization Server may need to authenticate each other, both to perform the re- quired business logic and to ensure that Client Autho- rization Server gets security information related to the resources from the right source.
  • 33. An Architecture for Authorization in Constrained Environments Priya Kushwaha 2016IS17 Constrained Nodes Constrained Node Network Objective Terminology Problem Statement Architecture Protocols Related Task Assumptions and Requirements References Authentication Related Task In some use cases Resource Server needs to authenticate some property of Client, in order to map it to the relevant authorization information. Client may need to authenticate Resource Server, in order to ensure that it is interacting with the right resources. . Client Authorization Server and Authorization Server need to authenticate their communication partner, in order to ensure it serves the correct device.
  • 34. An Architecture for Authorization in Constrained Environments Priya Kushwaha 2016IS17 Constrained Nodes Constrained Node Network Objective Terminology Problem Statement Architecture Protocols Related Task Assumptions and Requirements References Communication Security There are different alternatives to provide communication se- curity and the problem is to choose the optimal one. Session-based security Object security Hybrid security
  • 35. An Architecture for Authorization in Constrained Environments Priya Kushwaha 2016IS17 Constrained Nodes Constrained Node Network Objective Terminology Problem Statement Architecture Protocols Related Task Assumptions and Requirements References Session Based Security It offers security, including integrity and confidentiality protection, for the whole application layer exchange. It may not provide end-to-end security over multiple hops. It has expensive cost of handshake protocol for constrained devices especially in terms of memory and power con- sumption for message transmissions.
  • 36. Object Security
    • Secure objects can be stored or cached in network nodes and provide security for a more flexible communication model such as publish/subscribe.
    • A problem with object security is that it cannot provide confidentiality for the message headers.
  • 37. Hybrid Security
    • It uses both session-based security and object security.
    • An example of hybrid security is where authorization information and cryptographic keys are provided by secure data objects, but where the resource access is protected by session-based security.
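As an added example of the object security alternative described on slides 36 and 37 (this is illustration code written for this page, not part of the slides or of any ACE specification or implementation), the following Python program builds a secure data object whose headers travel in the clear while the payload is encrypted and the whole object is integrity protected, caches it in a keyless broker node, and shows that the consumer can still verify the cached copy, that the broker can read the headers, and that the broker cannot alter them unnoticed. The shared key, header names, topic and payload are constructed for the example, and the HMAC-SHA256 counter-mode keystream is a toy stand-in for the AEAD cipher (for instance AES-CCM) a real deployment would use.

```python
import hashlib
import hmac
import json
import os

# Symmetric key shared by the producer of the secure object (here the
# Authorization Server) and its consumer (the Resource Server). Constructed
# for this example; the slides leave key establishment as an open task.
SHARED_KEY = bytes.fromhex("2b7e151628aed2a6abf7158809cf4f3c")


def _keystream(key, nonce, length):
    """HMAC-SHA256 in counter mode as a toy stand-in for an AEAD cipher
    (a real deployment would use e.g. AES-CCM); not for production use."""
    out, counter = b"", 0
    while len(out) < length:
        out += hmac.new(key, nonce + counter.to_bytes(4, "big"), hashlib.sha256).digest()
        counter += 1
    return out[:length]


def protect(key, headers, payload, nonce=None):
    """Build a secure object. The headers stay in the clear so that any node
    on the path can read them; the payload is encrypted; the tag covers
    headers, nonce and ciphertext, so header tampering is still detected."""
    nonce = nonce if nonce is not None else os.urandom(12)
    ciphertext = bytes(a ^ b for a, b in zip(payload, _keystream(key, nonce, len(payload))))
    aad = json.dumps(headers, sort_keys=True).encode()
    tag = hmac.new(key, aad + nonce + ciphertext, hashlib.sha256).digest()[:16]
    return {"headers": headers, "nonce": nonce.hex(),
            "ciphertext": ciphertext.hex(), "tag": tag.hex()}


def unprotect(key, obj):
    """Verify the tag, then decrypt. Raises ValueError on any modification."""
    aad = json.dumps(obj["headers"], sort_keys=True).encode()
    nonce, ct = bytes.fromhex(obj["nonce"]), bytes.fromhex(obj["ciphertext"])
    expected = hmac.new(key, aad + nonce + ct, hashlib.sha256).digest()[:16]
    if not hmac.compare_digest(expected, bytes.fromhex(obj["tag"])):
        raise ValueError("secure object failed integrity check")
    return bytes(a ^ b for a, b in zip(ct, _keystream(key, nonce, len(ct))))


class Broker:
    """Untrusted intermediary, e.g. a publish/subscribe broker, that caches
    objects. It holds no key, so it can read the headers but not the payload."""
    def __init__(self):
        self.cache = {}

    def publish(self, topic, obj):
        self.cache[topic] = obj

    def fetch(self, topic):
        return self.cache[topic]


def demo():
    headers = {"kid": "as-rs-key-1", "aud": "tempSensor4711"}   # constructed
    payload = b'{"scope":"temp_read","cid":"client42"}'          # constructed
    topic = "authz/tempSensor4711"
    broker = Broker()
    broker.publish(topic, protect(SHARED_KEY, headers, payload))

    # The consumer can verify the cached copy although it never talked to
    # the producer directly: security travels with the object, not the session.
    recovered = unprotect(SHARED_KEY, broker.fetch(topic))

    # The broker sees the headers in the clear (the caveat on slide 36) ...
    visible = broker.fetch(topic)["headers"]

    # ... but cannot change them unnoticed: re-targeting the object fails.
    tampered = dict(broker.fetch(topic))
    tampered["headers"] = {**headers, "aud": "otherRS"}
    try:
        unprotect(SHARED_KEY, tampered)
        tamper_detected = False
    except ValueError:
        tamper_detected = True

    return {"payload_ok": recovered == payload,
            "aud_visible_to_broker": visible["aud"],
            "tamper_detected": tamper_detected}
```

The design point is the split the slide describes: anything that an intermediary must act on (here the key identifier and the audience) has to stay readable, so object security can only integrity-protect it; everything else is hidden from every node except the two endpoints, and a cache or broker adds no new trust requirement because it never holds a key.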
  • 38. Cryptographic Keys: Symmetric vs Asymmetric Keys
    • Keys are required for protection of resource access and for protection of the transport of authentication and authorization information.
    • Devices can easily perform symmetric cryptography, but deploying symmetric keys is difficult.
    • Asymmetric cryptography takes considerably more time and battery, but has benefits, for instance in terms of deployment.
  • 39. Cryptographic Keys
    • Key Establishment: How are the corresponding cryptographic keys established?
    • Revocation and Expiration: How are keys replaced, and how is a key that has been compromised revoked in a manner that reaches all affected parties, also keeping in mind scenarios with intermittent connectivity?
  • 40. Assumptions and Requirements
    • In this section we list a set of candidate assumptions and requirements to make the problem description more concise and precise.
    • Many of these assumptions and requirements are targeting specific solutions and not the architecture itself.
  • 41. Architecture
    The architecture needs to have the following types of nodes:
    • Resource Server
    • Client
    • Authorization Server
    • Client Authorization Server
  • 42. Constrained Devices
    Client and Resource Server are constrained nodes, and the constraints may include:
    • Unable to manage complex authorization policies
    • Unable to manage a large number of secure connections
    • Without user interface
    • Without constant network connectivity
    • Unable to precisely measure time
    • Required to save on wireless communication due to high power consumption
  • 43. Constrained Devices
    • Client Authorization Server and Authorization Server are not assumed to be constrained devices.
    • All devices under consideration can process symmetric cryptography without incurring an excessive performance penalty.
    • Public key cryptography requires additional resources such as RAM, ROM, power or specialized hardware.
    • A DTLS handshake involves significant computation, communication, and memory overheads in the context of constrained devices.
  • 44. Authentication
    • Resource Server needs to authenticate Authorization Server.
    • Client needs to authenticate Client Authorization Server.
    • Depending on the use case and authorization requirements, nodes may need to authenticate messages from each other.
  • 45. Server-Side Authorization
    • Resource Server enforces authorization for access to a Resource based on the credentials presented by Client, the requested Resource, the REST method, and the local context in Resource Server at the time of the request, or on any subset of this information.
    • The credentials presented by Client may have been provided by Client Authorization Server.
    • The underlying authorization decision is taken either by Authorization Server or by Resource Server.
  • 46. Server-side Authentication
    • The authorization decision is enforced by Resource Server.
    • Resource Server needs to have authorization information in order to verify that Client is allowed to access the Resource as requested.
    • Resource Server needs to make sure that it provides Resource access only to authorized Clients.
    • Authorization may also be required for access to information about a Resource.
    • The solution may need to be able to support the delegation of access rights.
  • 47. Client-Side Authorization Information
    • Client enforces Client-side authorization by protecting its requests to Resource Server and by authenticating results from Resource Server.
    • It uses decisions, policies and keying material provided by Client Authorization Server.
  • 48. Server-Side Authorization Information
    • Authorization information is transferred from Authorization Server to Resource Server using Agent, Push or Pull mechanisms.
    • Resource Server needs to authenticate that the authorization information is coming from Authorization Server.
    • The authorization information may also be encrypted end-to-end between Authorization Server and Resource Server.
    • The architecture supports the case where Resource Server may not be able to communicate with Authorization Server at the time of the request from Client.
  • 49. Server-Side Authorization Information
    • Resource Server may store or cache authorization information.
    • Authorization information may be pre-configured in Resource Server.
    • Authorization information stored or cached in Resource Server can be changed; such changes are themselves subject to authorization.
  • 50. Server-Side Authorization Information
    • Authorization policies stored on Resource Server may be handled as a Resource.
    • There may be mechanisms for Client to look up the Authorization Server which provides authorization information about a particular Resource.
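The server-side authorization requirements of slides 45 to 50 (a decision taken from the Client's credentials, the requested Resource, the REST method and local context; authorization information pushed from Authorization Server and authenticated as coming from it; information cached or pre-configured on Resource Server; default deny for everything else), worked through as an added Python example. This is illustration code written for this page, not part of the slides or of any ACE implementation. The AS-RS key, the Resource Server identifier used as audience, the scope vocabulary, the "commissioner" pre-configured entry and the maintenance flag standing in for local context are all assumptions made for the example; the token is only integrity protected here, so it must carry nothing confidential.

```python
import hashlib
import hmac
import json

# Key shared between Authorization Server (AS) and Resource Server (RS);
# constructed for this example, as is the RS identifier used as audience.
AS_RS_KEY = b"constructed-as-rs-key-example-only"
RS_ID = "tempSensor4711"

# Assumed scope vocabulary: each scope name expands to (resource, REST method).
SCOPE_TABLE = {
    "temp_read": {("/temperature", "GET")},
    "config_write": {("/config", "GET"), ("/config", "PUT")},
}


def as_issue_token(client_id, scopes, aud):
    """AS side: authorization information for one Client, MACed with the AS-RS
    key so the RS can authenticate its source when it is pushed."""
    body = {"cid": client_id, "scope": sorted(scopes), "aud": aud}
    ser = json.dumps(body, sort_keys=True).encode()
    tag = hmac.new(AS_RS_KEY, ser, hashlib.sha256).hexdigest()
    return {"body": body, "tag": tag}


class ResourceServer:
    def __init__(self, rs_id, key):
        self.rs_id, self.key = rs_id, key
        self.authz_cache = {}      # client id -> verified authorization info
        self.maintenance = False   # local context consulted at request time
        # Pre-configured authorization information (slide 49): the
        # commissioning client may read /config without any token from the AS.
        self.preconfigured = {"commissioner": {("/config", "GET")}}

    def install_authz_info(self, token):
        """Store pushed authorization information only if its MAC verifies
        (so the source is the AS) and it is addressed to this RS."""
        ser = json.dumps(token["body"], sort_keys=True).encode()
        expected = hmac.new(self.key, ser, hashlib.sha256).hexdigest()
        if not hmac.compare_digest(expected, token["tag"]):
            return False
        if token["body"]["aud"] != self.rs_id:
            return False
        self.authz_cache[token["body"]["cid"]] = token["body"]
        return True

    def authorize(self, client_id, resource, method):
        """Decision from credentials (the cached token), requested Resource,
        REST method and local context; anything not granted is denied."""
        if self.maintenance and method != "GET":
            return False
        allowed = set(self.preconfigured.get(client_id, ()))
        info = self.authz_cache.get(client_id)
        if info is not None:
            for scope in info["scope"]:
                allowed |= SCOPE_TABLE.get(scope, set())
        return (resource, method) in allowed


def demo():
    rs = ResourceServer(RS_ID, AS_RS_KEY)
    r = {}
    r["installed"] = rs.install_authz_info(as_issue_token("client42", {"temp_read"}, RS_ID))
    r["read_ok"] = rs.authorize("client42", "/temperature", "GET")
    r["write_denied"] = not rs.authorize("client42", "/config", "PUT")
    r["unknown_denied"] = not rs.authorize("client99", "/temperature", "GET")
    r["preconfigured_ok"] = rs.authorize("commissioner", "/config", "GET")
    # Token whose MAC was not made with the AS-RS key: not installed.
    forged = as_issue_token("client99", {"config_write"}, RS_ID)
    forged["tag"] = hmac.new(b"wrong-key", b"", hashlib.sha256).hexdigest()
    r["forged_rejected"] = not rs.install_authz_info(forged)
    # Token addressed to another RS: not installed here.
    r["wrong_aud_rejected"] = not rs.install_authz_info(
        as_issue_token("client7", {"temp_read"}, "otherRS"))
    # Local context: an operator-set maintenance flag blocks state changes.
    rs.install_authz_info(as_issue_token("admin", {"config_write"}, RS_ID))
    r["admin_write_ok"] = rs.authorize("admin", "/config", "PUT")
    rs.maintenance = True
    r["maintenance_blocks_write"] = not rs.authorize("admin", "/config", "PUT")
    return r
```

Two checks in `install_authz_info` carry the weight: the MAC ties the information to the Authorization Server (slide 48), and the audience check stops a token issued for one Resource Server from being replayed to another. Because the decision is evaluated from the cache, the Resource Server can keep answering requests while it cannot reach the Authorization Server, which is the case slide 48 requires the architecture to support.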
  • 51. Resource Access
    • Resources are accessed in a RESTful manner using methods such as GET, PUT, POST and DELETE.
    • By default, the Resource request needs to be integrity protected and may be encrypted end-to-end from Client to Resource Server, and vice versa for the response.
    • Resource Server needs to be able to verify that the request comes from an authorized Client, and Client needs to be able to verify that the response comes from an authorized Resource Server.
  • 52. Keys and Cipher Suites
    • A constrained node and its Authorization Manager have established cryptographic keys.
    • The transfer of authorization information is protected with symmetric and/or asymmetric keys.
    • The access request/response can be protected with symmetric and/or asymmetric keys.
  • 53. Keys and Cipher Suites
    • There must be a mechanism for Resource Server to establish the necessary key(s) to verify and decrypt the request and to protect the response.
    • There must be a mechanism for Client to establish the necessary key(s) to protect the request and to verify and decrypt the response.
    • There must be a mechanism for Client to obtain the supported cipher suites of a Resource Server.
  • 54. Network Considerations
    • A solution will need to consider network overload due to avoidable communication of a constrained node with its Authorization Manager.
    • A solution will need to limit network load by using a compact representation of authorization information.
    • A solution may want to optimize the case where authorization information does not change often.
    • A solution may consider support for an efficient mechanism for providing authorization information to multiple Resource Servers.
  • 55. Legacy Considerations
    • A solution may consider interworking with existing infrastructure.
    • A solution may consider supporting authorization of access to legacy devices.
  • 56. Security Considerations
    Physical attacks on sensor and actuator networks:
    • Unauthorized access to data, including eavesdropping and manipulation of data.
    • Denial of service, making the sensor/actuator unable to perform its intended task correctly.
    • Instead of eavesdropping on the sensor data or attacking the authorization system to gain access to the data, the attacker could make its own measurements on the physical object.
    • Instead of manipulating the sensor data, the attacker could change the physical object or perform an unauthorized action directly on the physical object.
  • 57. Clocks and Time Measurements
    • Some applications may require a device to be aware of the wall-clock time.
    • A security mechanism is required for those devices so that it can be determined whether a public key certificate, access token or some assertion is valid.
    • Dynamic authorization for such devices requires the ability to handle expiry or revocation of authorization decisions, or to distinguish new authorization decisions from old.
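As an added example (written for this page, not taken from the slides or from any ACE implementation) of how a Resource Server that cannot measure wall-clock time can still handle expiry, revocation and new-versus-old decisions as slide 57 requires, the following Python code validates authorization information against a tick counter that only counts seconds since boot. It assumes the information has already been authenticated as coming from Authorization Server (that step is omitted here), that each piece carries a constructed `exi` field giving its validity in seconds from the moment of receipt (the idea the ACE OAuth framework later standardized as its `exi` claim) and a per-client sequence number `seq`, and that revocations from Authorization Server are likewise authenticated.

```python
class TickClock:
    """Stand-in for a device's monotonic tick counter: counts seconds since
    boot and knows nothing about wall-clock time. Constructed for this example."""
    def __init__(self):
        self.ticks = 0

    def advance(self, seconds):
        self.ticks += seconds

    def now(self):
        return self.ticks


class ResourceServer:
    def __init__(self, clock):
        self.clock = clock
        self.active = {}        # client id -> current authorization decision
        self.revoked_seq = {}   # client id -> highest sequence number revoked

    def install(self, info):
        """info: authorization information already authenticated as coming
        from the AS (not repeated here). 'exi' is validity in seconds counted
        from the moment of receipt, so no absolute timestamp is needed;
        'seq' lets the RS tell a new decision from an old one."""
        cid, seq = info["cid"], info["seq"]
        if seq <= self.revoked_seq.get(cid, -1):
            return "rejected-revoked"
        current = self.active.get(cid)
        if current is not None and current["seq"] >= seq:
            return "rejected-stale"
        self.active[cid] = {"seq": seq, "scope": set(info["scope"]),
                            "expires_at": self.clock.now() + info["exi"]}
        return "installed"

    def revoke(self, cid, seq):
        """Revocation from the AS (assumed authenticated). Remembering the
        revoked sequence number makes this work even when, because of
        intermittent connectivity, the revocation overtakes the token."""
        self.revoked_seq[cid] = max(self.revoked_seq.get(cid, -1), seq)
        current = self.active.get(cid)
        if current is not None and current["seq"] <= seq:
            del self.active[cid]

    def authorize(self, cid, scope):
        current = self.active.get(cid)
        if current is None:
            return False
        if self.clock.now() >= current["expires_at"]:
            del self.active[cid]       # expired: drop it and deny
            return False
        return scope in current["scope"]


def demo():
    clock = TickClock()
    rs = ResourceServer(clock)
    t1 = {"cid": "client42", "seq": 1, "scope": ["temp_read"], "exi": 600}  # constructed
    r = {"install": rs.install(t1) == "installed"}
    r["ok_now"] = rs.authorize("client42", "temp_read")
    clock.advance(599)
    r["ok_before_expiry"] = rs.authorize("client42", "temp_read")
    clock.advance(1)
    r["denied_after_expiry"] = not rs.authorize("client42", "temp_read")
    # A newer decision supersedes the old one; replaying the old one is rejected.
    t2 = {"cid": "client42", "seq": 2, "scope": ["temp_read"], "exi": 600}
    r["renewed"] = rs.install(t2) == "installed"
    r["replay_rejected"] = rs.install(t1) == "rejected-stale"
    # Revocation reaching the RS later, e.g. after a connectivity gap.
    rs.revoke("client42", 2)
    r["denied_after_revoke"] = not rs.authorize("client42", "temp_read")
    r["reinstall_rejected"] = rs.install(t2) == "rejected-revoked"
    # A revocation that overtakes its token: the token is refused on arrival.
    rs.revoke("client7", 1)
    late = {"cid": "client7", "seq": 1, "scope": ["temp_read"], "exi": 60}
    r["overtaken_rejected"] = rs.install(late) == "rejected-revoked"
    return r
```

The caveat a deployment has to accept is that the validity window starts when the Resource Server receives the information, not when Authorization Server issued it, so any transit or caching delay extends the effective lifetime; `exi` therefore has to be short relative to the delay the application tolerates, and the revoked sequence numbers must be kept at least until no token with a lower number could still arrive.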
  • 58. References I
    [1] Carsten Bormann, Mehmet Ersue, and Ari Keränen. Terminology for Constrained-Node Networks. RFC 7228, May 2014.
    [2] Roy T. Fielding and Julian Reschke. Hypertext Transfer Protocol (HTTP/1.1): Message Syntax and Routing. RFC 7230, June 2014.
    [3] Roy T. Fielding and Julian Reschke. Hypertext Transfer Protocol (HTTP/1.1): Semantics and Content. RFC 7231, June 2014.
  • 59. References II
    [4] Oscar Garcia-Morchon, Sandeep Kumar, and Mohit Sethi. State-of-the-Art and Challenges for the Internet of Things Security. Internet-Draft draft-irtf-t2trg-iot-seccons-09, Internet Engineering Task Force, December 2017. Work in Progress.
    [5] Stefanie Gerdes. Authorization-Related Tasks in Constrained Environments. Internet-Draft draft-gerdes-ace-tasks-00, Internet Engineering Task Force, September 2015. Work in Progress.
  • 60. References III
    [6] Thomas Hardjono, Eve Maler, Maciej Machulak, and Domenico Catalano. User-Managed Access (UMA) Profile of OAuth 2.0. Internet-Draft draft-hardjono-oauth-umacore-14, Internet Engineering Task Force, January 2016. Work in Progress.
    [7] Dick Hardt. The OAuth 2.0 Authorization Framework. RFC 6749, October 2012.
    [8] R. Hummen, H. Shafagh, S. Raza, T. Voigt, and K. Wehrle. Delegation-based Authentication and Authorization for the IP-based Internet of Things. In 2014 Eleventh Annual IEEE International Conference on Sensing, Communication, and Networking (SECON), pages 284–292, June 2014.
  • 61. References IV
    [9] Michael Koster, Ari Keränen, and Jaime Jimenez. Publish-Subscribe Broker for the Constrained Application Protocol (CoAP). Internet-Draft draft-ietf-core-coap-pubsub-02, Internet Engineering Task Force, July 2017. Work in Progress.
    [10] Clifford Neuman, Sam D. Hartman, Kenneth Raeburn, and Tom Yu. The Kerberos Network Authentication Service (V5). RFC 4120, July 2005.
    [11] Eric Rescorla and Tim Dierks. The Transport Layer Security (TLS) Protocol Version 1.2. RFC 5246, August 2008.
  • 62. References V
    [12] Eric Rescorla and Nagendra Modadugu. Datagram Transport Layer Security Version 1.2. RFC 6347, January 2012.
    [13] Ludwig Seitz, Stefanie Gerdes, Göran Selander, Mehdi Mani, and Sandeep Kumar. Use Cases for Authentication and Authorization in Constrained Environments. RFC 7744, January 2016.
    [14] Göran Selander, John Mattsson, Francesca Palombini, and Ludwig Seitz. Object Security for Constrained RESTful Environments (OSCORE). Internet-Draft draft-ietf-core-object-security-07, Internet Engineering Task Force, November 2017. Work in Progress.
  • 63. References VI
    [15] Zach Shelby, Klaus Hartke, and Carsten Bormann. The Constrained Application Protocol (CoAP). RFC 7252, June 2014.
    [16] Robert W. Shirey. Internet Security Glossary, Version 2. RFC 4949, August 2007.
    [17] David Spence, George Gross, Cees de Laat, Stephen Farrell, Leon HM Gommans, Pat R. Calhoun, Matt Holdrege, Betty W. de Bruijn, and John Vollbrecht. AAA Authorization Framework. RFC 2904, August 2000.