- From: Ulf Bjorkengren <ulfbjorkengren@geotab.com>
- Date: Wed, 27 May 2020 15:24:21 +0200
- To: public-automotive <public-automotive@w3.org>
- Message-ID: <CAHfMbK-mnRk=wBYkQrSe32t_jnd_dxkXfNaTVGsMkqb8J8kn+w@mail.gmail.com>

Hi,

thinking about the access control task led me back to the thoughts of including RBAC in the model, which I think has a merit to it. As we stumbled onto some rabbit holes and other obstacles in our previous attempt, below you find an attempt to try to steer around these obstacles. I am not claiming that it is a complete model down to the lowest detail level, but maybe with some further thought it can enable the use of an RBAC model, which I think would be an improvement.

I hope we can find a slot to discuss it in today's virtual f2f meeting.

BR
Ulf

RBAC model with a “combi-role” definition.

The combi-role consists of three role-components:

- User
- Application
- Device

The following are the basic sets of defined roles for each component.

User roles

- OEM (60)
- Dealer (50)
- Independent (40)
- Owner (30)
- Driver (20)
- Passenger (10)
- Undefined (0)

Application

- OEM (12)
- Third party (6)
- Undefined (0)

Device

- Vehicle (12)
- Nomadic (8)
- Cloud (4)
- Undefined (0)

The combi-role is coded into a 16-bit integer where the 6 MSB are used to assign User roles, the 4 LSB are used to assign Device roles, and the 4 bits in between are used to assign Application roles. The values to represent each role component are shown within the parentheses above. So as an example the encoded combi-role value for User=OEM, Application=Third party, Device=Cloud would be:

60*256 + 6*16 + 4 = 15460

The negotiation of which combi-role a requesting client is assigned is a part of the communication between the client and the AGT server. The client requests a combi-role, and depending on the request the server may subject the client to different authentication mechanisms, e.g. challenge-response, certificate verification, MAC address check, proximity check, etc.

The combi-role can be used to map pre-defined access profiles to client requests for scope of access to the VSS tree. This may also be reflected in which parts of the VSS tree are returned on a getmetadata request.

The model supports additions of further combi-roles as there are many unused encoded values. This will work seamlessly in the local ecosystem, but is likely to be incompatible with other OEM ecosystems.

This model supports both a hierarchical and non-hierarchical role model.

The encoded combi-role values may be tied to nodes in the VSS tree as a means of declaring the access scope.

--
Ulf Bjorkengren
*Geotab*
Senior Connectivity Strategist | Ph. D.
Mobile +45 53562142
Visit www.geotab.com
Received on Wednesday, 27 May 2020 13:23:47 UTC
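
An added example, not part of the original message or of any W3C code: decoding and validating a combi-role with the arithmetic of the message's worked example (user*256 + application*16 + device), then checking it per component against the combi-role tied to a VSS node. The function names, the rejection of undefined codes, and the reading of "hierarchical" as "each component at least the node's" are assumptions.

```python
# Role codes are the ones listed in the message. The validation and
# comparison policy below are assumptions made for this added example.
USER = {"OEM": 60, "Dealer": 50, "Independent": 40, "Owner": 30,
        "Driver": 20, "Passenger": 10, "Undefined": 0}
APPLICATION = {"OEM": 12, "Third party": 6, "Undefined": 0}
DEVICE = {"Vehicle": 12, "Nomadic": 8, "Cloud": 4, "Undefined": 0}


def encode(user, application, device):
    """Pack role names with the message's formula: user*256 + app*16 + device."""
    return USER[user] * 256 + APPLICATION[application] * 16 + DEVICE[device]


def decode(value):
    """Split an encoded combi-role into (user, application, device) codes.

    Assumed strictness: only non-negative integers are accepted, and every
    component code must be one of the defined role values, so the many
    unused encodings are refused until a profile is defined for them.
    """
    if not isinstance(value, int) or isinstance(value, bool) or value < 0:
        raise ValueError("combi-role must be a non-negative integer")
    parts = (value >> 8, (value >> 4) & 0xF, value & 0xF)
    for code, table in zip(parts, (USER, APPLICATION, DEVICE)):
        if code not in table.values():
            raise ValueError(f"undefined role code {code}")
    return parts


def allows(client_value, node_value, hierarchical=True):
    """Check a client's combi-role against the combi-role tied to a VSS node.

    Hierarchical (assumed meaning): every client component must be at least
    the node's component. Non-hierarchical: all components must be equal.
    """
    client, node = decode(client_value), decode(node_value)
    if hierarchical:
        return all(c >= n for c, n in zip(client, node))
    return client == node
```

Comparing the encoded integers directly would let a high user role outrank a missing application or device role, because the user bits dominate the value; the per-component check avoids that.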