RE: IOTDB: how granting access to value in a device? from Da Cruz Pinto, Marcelo on 2015-06-04 (public-web-of-things@w3.org from June 2015)

From: Da Cruz Pinto, Marcelo <marcelo.da.cruz.pinto@intel.com>
Date: Thu, 4 Jun 2015 18:48:03 +0000
To: David Janes <davidjanes@davidjanes.com>
CC: Joachim Lindborg <joachim.lindborg@sust.se>, public-web-of-. <public-web-of-things@w3.org>
Message-ID: <0A38A08BA24AFC4383E156B62EB027903CA14B91@fmsmsx101.amr.corp.intel.com>

Agree, that’s why I stated there are multiple ways of doing this. The good thing about REST APIs is that you can, theoretically, support several access control models at the same time (e.g., OAuth2 and UMA)

From: davidjanes@gmail.com [mailto:davidjanes@gmail.com] On Behalf Of David Janes
Sent: Wednesday, June 3, 2015 5:45 AM
To: Da Cruz Pinto, Marcelo
Cc: Joachim Lindborg; public-web-of-.
Subject: Re: IOTDB: how granting access to value in a device?

I think it's key that these things don't get baked in at too low a level or too early. There may be many different security models that people want to use. If the spec is done well, there'll be flexibility. That's not to say that you might now want to have a recommended security model, but picking that will require a lot of hands on experience.

D.

On Tue, Jun 2, 2015 at 6:10 PM, Da Cruz Pinto, Marcelo <marcelo.da.cruz.pinto@intel.com<mailto:marcelo.da.cruz.pinto@intel.com>> wrote:
There are actually a number of ways in which you can negotiate access and manage policy for device functionality (sensors and actuators), depending of the layer at which you want to establish the control. If we consider the scenario in which device functions are exposed via REST APIs (regardless on whether the APIs are cloud-hosted or exposed by devices directly), the UMA (User-Managed Access) protocol is a very good fit. We (Intel) published a small article on how UMA may be mapped to IoT devices here: https://kantarainitiative.org/confluence/display/uma/Case+Study%3A+IoT+-+Intelligent+Refrigerated+Shipping+Containers

From: Joachim Lindborg [mailto:joachim.lindborg@sust.se<mailto:joachim.lindborg@sust.se>]
Sent: Tuesday, June 2, 2015 1:31 PM
To: public-web-of-.
Subject: IOTDB: how granting access to value in a device?

How do I grant / block access to specific device values

one client can read the temperature another can take the picture

Is it the plan that all devices are fully published on internet? I wouldn't like to have my home exposed to internet.

Regards
Joachim Lindborg
CTO, systems architect

Sustainable Innovation  SUST.se<http://SUST.se>
Barnhusgatan 3 111 23 Stockholm
Email: Joachim.lindborg@sust.se<mailto:Joachim.lindborg@sust.se>
linkedin: http://www.linkedin.com/in/joachimlindborg

Tel +46 706-442270

Received on Thursday, 4 June 2015 18:49:14 UTC