iot時代のインターネット技術動向 -アプリケーションプロトコル編-

IoT

2016.4.20 ID

Copyright (C) 2016 Yahoo Japan Corporation. All Rights Reserved.

kura

ID /

OpenID ID

@kura_lab


1. IETF Areas / IRTF Research Groups

2. ace WGsec areaIETF95

3. core WGart areaIETF94

IETF Areas IRTF Research Groups


IETF Areasartgenintopsrtgsectsv

Applications and Real-Time Area

General Area

Internet Area

Operations and Management Area

Routing Area

Security Area

Transport Area



APP+RAI(Real-time Applications and Infrastructure)

WG

IPIPv4IPv6

DNS / IPv6 /



43 WGs

2 WGs

19 WGs

16 WGs

24 WGs

19 WGs

12 WGs2016.4



43 WGs

1 WGs

19 WGs

16 WGs

24 WGs

19 WGs

12 WGs2016.4

core WG

ace WG

IoT


IRTF Research GroupsIRTF (Internet Research Task Force)

Active 10 Groups

t2trg (Thing-to-Thing Research Group)

https://datatracker.ietf.org/rg/t2trg/documents/

https://datatracker.ietf.org/rg/t2trg/documents/

ace WG


ace WG (sec Area)Authentication and Authorizationfor Constrained Environments (ace)

IoTIoT


ace WG (sec Area)1. Use Cases for Authentication and Authorization

in Constrained Environments

ace WGIoT

2. An architecture for authorization in constrained environments

3. Authorization for the Internet of Things using OAuth 2.0

OAuth 2.0IoT


ace WG (sec Area)4. CBOR Web Token

JSONIoT

5. Security for Low-Latency Group Communication

IoT


Use CaseUse Cases for Authentication and Authorization in Constrained Environments[RFC7744]

20161RFC

https://tools.ietf.org/html/rfc7744

ace WGIoT



Use Case

201422RFC

https://datatracker.ietf.org/doc/rfc7744/

https://datatracker.ietf.org/doc/rfc7744/


CategoryInformational Standard Track


Use Case

REST

Client

M2M


Use CaseConstrained device

Terminology for Constrained-Node Networks




Use Case

CoAP (The Constrained Application Protocol)




Container Monitoring Bananas for Munich


Bananas for Munich Authorization Problem SummaryU1.1:

U1.2:

U1.3:


Bananas for Munich Authorization Problem SummaryU1.4:

U1.5:

U1.6:


Bananas for Munich Authorization Problem Summary

U1.7:

U1.8:


Bananas for Munich Authorization Problem Summary

U1.9:

U1.10:


Home Automation Controlling the Smart Home Infrastructure

HVACHeating, Ventilation, and Air Conditioning


Home Automation Controlling the Smart Home Infrastructure


Home Automation Seamless Authorization


Home Automation Remotely Letting in a Visitor


Home Automation Selling the House


Home Automation Authorization Problems SummaryU2.1:

U2.2:

U2.3:

U2.4:



U2.6:

U2.7:

U2.8:



U2.10:

U2.11:

U2.12:

U2.13:


Use Case

Personal Health Monitoring

Building Automation

Smart Metering

Sports and Entertainment

Industrial Control Systems


ActorsAn architecture for authorization in constrained environments [Active I-D]

https://www.ietf.org/proceedings/94/slides/slides-94-ace-2.pdf

https://tools.ietf.org/html/draft-ietf-ace-actors-03

https://www.ietf.org/proceedings/94/slides/slides-94-ace-2.pdfhttps://tools.ietf.org/html/draft-ietf-ace-actors-03


Actors

201452draft

OAuth


ActorsSingle-Domain with Single AS Cross-Domain with Single AS


ace WGACE Solutions [Expires soon]


draft-cuellar-ace-solutions-00

PAT Tokens(Privacy-Enhanced-Authorization-Tokens) [Expires soon]


https://www.ietf.org/proceedings/94/slides/slides-94-ace-6.pdfhttps://www.ietf.org/proceedings/94/slides/slides-94-ace-5.pdf

DCAF vs OAuth


DCAF vs OAuthDelegated Authenticated Authorization Framework (DCAF) [Expires soon]


DTLS



DCAF vs OAuthAuthorization using OAuth 2.0


ACRE(ace-core-authz)OAuth(ace-oauth-iot/introspection)draft

OAuth 2.0



Authorization for the Internet of Things using OAuth 2.0

Authorization for the Internet of Things using OAuth 2.0 [Active I-D]

https://tools.ietf.org/html/draft-ietf-ace-oauth-authz-01

DCAFOAuthOAuthOAuth

Authorization using OAuth 2.0draft

https://tools.ietf.org/html/draft-ietf-ace-oauth-authz-01


Authorization for the Internet of Things using OAuth 2.0

PSK(Pre-Shared Key)-based / RPK(Raw-Public Key)-based

no introspection

Resource ServerIoT)Token Introspection

CoAP based

Client->Authorization Server / Client->Resource Server

DTLS

CBOR/COSE token


CBOR Web TokenCBOR Web TokenCWT


https://tools.ietf.org/html/draft-wahlstroem-ace-cbor-web-token-00

ace WGCWTdraft

CBOR/COSEJSON Web TokenJSONIoT

https://www.ietf.org/proceedings/95/slides/slides-95-ace-1.pdfhttps://tools.ietf.org/html/draft-wahlstroem-ace-cbor-web-token-00


Security for Low-Latency Group Communication

Security for Low-Latency Group Communication

https://datatracker.ietf.org/doc/draft-somaraju-ace-multicast/

https://tools.ietf.org/html/draft-somaraju-ace-multicast-01

https://datatracker.ietf.org/doc/draft-somaraju-ace-multicast/https://tools.ietf.org/html/draft-somaraju-ace-multicast-01

core WG


core WG (art Area)

Constrained RESTful Environments (core)

RESTful

IoT


core WG (art Area)CoRE Resource Directory

draft-ietf-core-resource-directory-05.txt

Resource Directory(RD)M2M


core WG (art Area)A TCP and TLS Transport for the Constrained Application Protocol (CoAP)

draft-tschofenig-core-coap-tcp-tls-04.txt

CoAP over TCP / CoAP over TLS


core WG (art Area)Reusable Interface Definitions for Constrained RESTful Environments

draft-ietf-core-interfaces-04.txt

Content-FormatsLinksCollection TypesBinding methods(Polloing/Observe/Push)Interface


core WG (ART)Media Types for Sensor Markup Language (SenML)

draft-jennings-core-senml-02.txt

HTTPCoAPJSONCBORXMLEXI


core WG (ART)CoAP Management Interface(COMI)

draft-vanderstok-core-comi-08.txt

CoAPRESTCONF/YANGCBOR


core WG (ART)Patch Method for Constrained Application Protocol (CoAP)

draft-vanderstok-core-patch-02.txt

CoAP PUT method

CoAPmethodPATCHiPATCH


core WG (ART)CoAP FETCH Method

draft-bormann-core-coap-fetch-00.txt

CoAP methodFETCH

Constrained Objects Language

draft-veillette-core-cool-00


core WG (ART)Publish-Subscribe Broker for the Constrained Application Protocol (CoAP)

draft-koster-core-coap-pubsub-03

CoAPPub/Sub broker


1. IETF Areas / IRTF Research Groups

ace WGcore WGIoT

2. ace WGsec area

IoT

3. core WGart area

IoTRESTful