IETF ACE – Authentication & Authz for Internet of Things / Scenarios & Solutions
From IIW
IETF ACE Authentication & Authorization for Internet of Things
Tuesday 4C
Convener: Thomas, Eve, Erik, Hannes
Notes-taker(s): Eve
Tags for the session - technology discussed/ideas considered:
Discussion notes, key understandings, outstanding questions, observations, and, if appropriate to this discussion: action items, next steps:
The goals of the session were:
- Get feedback on this draft: http://tools.ietf.org/html/draft-maler-ace-oauth-uma-00
  Hannes also presented this slide deck: http://www.ietf.org/proceedings/92/slides/slides-92-ace-9.pptx
  (Here is a supplementary IETF #92 presentation that talks about IoT architecture and security: http://www.tschofenig.priv.at/wp/?p=1084 )
- Interest people in getting involved in the IETF ACE (Authentication and Authorization for Constrained Environments) group: http://datatracker.ietf.org/wg/ace/charter/ (To this end, we collected the names and email addresses of nine people, and we'll be sharing them with each other and asking them to get involved.)
- Gather ideas for adapting OAuth and UMA for responding to the authorization challenges identified by the ACE group.
In the session, we discussed the following topics:
- Having access to multiple authorization servers is of interest. A cloud AS is desired for "sharing" functions, and a local AS is desired for "backup" and privacy functions.
- Local token introspection (the resource server validating a token itself instead of calling the authorization server for each request) is of interest. However, if the resource owner has revoked access in the meantime, the resource server will not learn of it until the token expires or it next checks with the AS. This "entitlement latency" could be a severe problem in some use cases.
- "Fail open" scenarios (continuing to grant access when a token cannot be checked or has expired) are of more interest in IoT scenarios than in web scenarios, which typically prize strong security. If a car dies on the highway because an access token has expired, that is a big problem!
- A system design view of challenges is especially important in IoT, where, e.g., physical security and life-and-limb considerations tend to come into play.
- The question of federated login comes up depending on the use case. We examined a "door lock" scenario: if the person is an employee vs. a consumer, they will expect different login options.
- Thomas presented a new draft, "Fluffy": https://datatracker.ietf.org/doc/draft-hardjono-ace-fluffy/?include_text=1
  This proposes a lighter-weight way of distributing keying material than Kerberos, which would be valuable in IoT scenarios.
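The entitlement-latency and fail-open points from the discussion above, worked through as an added example. This is not code from the session, the ACE working group or any of the drafts linked here; the token format (an HMAC-tagged JSON payload standing in for a real access token), the `AuthorizationServer` and `ResourceServer` classes, the cache TTL, the grace window and the timeline in `run_scenario` are all assumptions constructed for the demonstration. The resource server validates each token locally, caches the AS's introspection answer, and during an AS outage reuses a cached "active" answer only inside a bounded grace window, so the revocation blind spot is explicit rather than unlimited.

```python
import base64
import hashlib
import hmac
import json

# Constructed demo key shared by the AS and RS (out of band); not for production use.
SHARED_KEY = b"demo-shared-key-not-for-production"


def mint_token(subject, scope, issued_at, lifetime):
    """Mint a self-contained token: base64url(JSON payload) '.' hex(HMAC-SHA256)."""
    payload = {"sub": subject, "scope": scope, "iat": issued_at,
               "exp": issued_at + lifetime, "jti": f"{subject}-{issued_at}"}
    body = base64.urlsafe_b64encode(json.dumps(payload, sort_keys=True).encode()).rstrip(b"=")
    tag = hmac.new(SHARED_KEY, body, hashlib.sha256).hexdigest()
    return f"{body.decode()}.{tag}"


def verify_locally(token, now):
    """Local introspection: MAC and expiry only, no network. Revocation is invisible here.
    Returns the payload, or None if the token is malformed, tampered with or expired."""
    try:
        body, tag = token.rsplit(".", 1)
    except ValueError:
        return None
    expected = hmac.new(SHARED_KEY, body.encode(), hashlib.sha256).hexdigest()
    if not hmac.compare_digest(expected, tag):
        return None
    payload = json.loads(base64.urlsafe_b64decode(body + "=" * (-len(body) % 4)))
    return None if now >= payload["exp"] else payload


class AuthorizationServer:
    """Toy AS (assumed): a revocation list plus a flag modelling network reachability."""
    def __init__(self):
        self.revoked = set()
        self.reachable = True

    def revoke(self, jti):
        self.revoked.add(jti)

    def introspect(self, jti):
        if not self.reachable:
            raise ConnectionError("authorization server unreachable")
        return jti not in self.revoked


class ResourceServer:
    """Local check first, then the AS; its answer is cached for cache_ttl seconds.
    If the AS is unreachable, a cached 'active' answer is reused for up to grace seconds
    (bounded fail-open); with nothing to go on, the request is denied."""
    def __init__(self, auth_server, cache_ttl, grace):
        self.auth_server = auth_server
        self.cache_ttl = cache_ttl
        self.grace = grace
        self.cache = {}  # jti -> (active, checked_at)

    def decide(self, token, now):
        payload = verify_locally(token, now)
        if payload is None:
            return "deny:local"
        jti = payload["jti"]
        entry = self.cache.get(jti)
        if entry is not None and now - entry[1] < self.cache_ttl:
            return "allow:cached" if entry[0] else "deny:cached"
        try:
            active = self.auth_server.introspect(jti)
        except ConnectionError:
            if entry is not None and entry[0] and now - entry[1] < self.grace:
                return "allow:stale"  # fail open, but only inside the grace window
            return "deny:as-unreachable"
        self.cache[jti] = (active, now)
        return "allow:fresh" if active else "deny:fresh"

    def worst_case_entitlement_latency(self, token_lifetime):
        """Longest a revocation can go unnoticed: the cache TTL normally, the grace window
        during an outage, and never beyond the token's own lifetime (local expiry check)."""
        return min(max(self.cache_ttl, self.grace), token_lifetime)


def run_scenario():
    """Constructed timeline: revoke while cached, then lose the AS. Returns the decisions."""
    auth = AuthorizationServer()
    rs = ResourceServer(auth, cache_ttl=60, grace=300)
    t0 = 1_000_000
    tok1 = mint_token("car-42", "unlock", issued_at=t0, lifetime=3600)
    tok2 = mint_token("car-43", "unlock", issued_at=t0, lifetime=3600)
    log = {}
    log["first"] = rs.decide(tok1, t0)                       # allow:fresh
    auth.revoke("car-42-1000000")                             # owner revokes 10 s later
    log["revoked_but_cached"] = rs.decide(tok1, t0 + 10)      # allow:cached (entitlement latency)
    log["revoked_cache_expired"] = rs.decide(tok1, t0 + 61)   # deny:fresh
    log["tok2_first"] = rs.decide(tok2, t0 + 100)             # allow:fresh
    auth.reachable = False                                    # AS outage starts
    log["tok2_outage_cached"] = rs.decide(tok2, t0 + 130)     # allow:cached
    log["tok2_outage_stale"] = rs.decide(tok2, t0 + 200)      # allow:stale
    log["tok2_outage_past_grace"] = rs.decide(tok2, t0 + 500) # deny:as-unreachable
    log["tok2_expired"] = rs.decide(tok2, t0 + 3600)          # deny:local
    return log
```

The two knobs that matter are `cache_ttl` and `grace`: they trade entitlement latency against availability, and `worst_case_entitlement_latency` makes that trade explicit so it can be set per use case (short for a door lock that a former employee might still hold a token for, longer for the car-on-the-highway case). Token lifetime caps the blind spot regardless, which is an argument for short-lived tokens even when introspection is cached.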