IETF Logo Mail Archive

Re: [Ace] Next step for use case document

Göran Selander <goran.selander@ericsson.com> Mon, 29 September 2014 13:08 UTC

Return-Path: <goran.selander@ericsson.com>
X-Original-To: ace@ietfa.amsl.com
Delivered-To: ace@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 5788C1A1BD7 for <ace@ietfa.amsl.com>; Mon, 29 Sep 2014 06:08:35 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.201
X-Spam-Level:
X-Spam-Status: No, score=-1.201 tagged_above=-999 required=5 tests=[BAYES_50=0.8, MIME_8BIT_HEADER=0.3, RCVD_IN_DNSWL_MED=-2.3, SPF_PASS=-0.001] autolearn=ham
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id a_0vlYUjnoZY for <ace@ietfa.amsl.com>; Mon, 29 Sep 2014 06:08:33 -0700 (PDT)
Received: from sesbmg23.ericsson.net (sesbmg23.ericsson.net [193.180.251.37]) (using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 6CE6D1A1B85 for <ace@ietf.org>; Mon, 29 Sep 2014 06:08:31 -0700 (PDT)
X-AuditID: c1b4fb25-f791c6d00000617b-98-542959cdd2db
Received: from ESESSHC002.ericsson.se (Unknown_Domain [153.88.253.124]) by sesbmg23.ericsson.net (Symantec Mail Security) with SMTP id 3A.CF.24955.DC959245; Mon, 29 Sep 2014 15:08:29 +0200 (CEST)
Received: from ESESSMB303.ericsson.se ([169.254.3.188]) by ESESSHC002.ericsson.se ([153.88.183.24]) with mapi id 14.03.0174.001; Mon, 29 Sep 2014 15:08:28 +0200
From: Göran Selander <goran.selander@ericsson.com>
To: Likepeng <likepeng@huawei.com>, Hannes Tschofenig <hannes.tschofenig@gmx.net>, "ace@ietf.org" <ace@ietf.org>
Thread-Topic: [Ace] Next step for use case document
Thread-Index: AQHP2+Z2zMYxzyxQtE+FAIirW36spQ==
Date: Mon, 29 Sep 2014 13:08:28 +0000
Message-ID: <D04EDD20.185CB%goran.selander@ericsson.com>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
user-agent: Microsoft-MacOutlook/14.4.3.140616
x-originating-ip: [153.88.183.19]
Content-Type: text/plain; charset="iso-8859-1"
Content-ID: <7A9B5148E951F040B35AD8F03AF64868@ericsson.com>
Content-Transfer-Encoding: quoted-printable
MIME-Version: 1.0
X-Brightmail-Tracker: H4sIAAAAAAAAA+NgFvrOLMWRmVeSWpSXmKPExsUyM+Jvje7ZSM0Qgx8TVCy+f+thtli68x6r xZ7DTcwOzB6LN+1n82g58pbVY8mSn0wBzFFcNimpOZllqUX6dglcGSdaPrIWdBpVNLz4w9zA +Eqji5GTQ0LARGLTvnfMELaYxIV769m6GLk4hASOMkq0L53ACOEsYZT4tGMTI0gVm4CrxIEH 75hAbBGBIok5516wdDFycAgLGEm8OSUCETaWaDi4kB3C1pPYtmsfC4jNIqAq0TzhCtgyXgEL icUTOsBqGIEWfz+1Bmwks4C4xK0n85kgDhKQWLLnPNRxohIvH/9jBbFFgWZ+mnIOqkZRov1p AyNEr57EjalT2CBsa4nOrsdQM7Ulli18DbVXUOLkzCcsExhFZyFZNwtJ+ywk7bOQtM9C0r6A kXUVo2hxanFSbrqRsV5qUWZycXF+nl5easkmRmBMHdzyW3UH4+U3jocYBTgYlXh4FfZqhAix JpYVV+YeYpTmYFES5114bl6wkEB6YklqdmpqQWpRfFFpTmrxIUYmDk6pBkYzhUly+T3OBjLX uld/q55R+WxZ9NED1+xN3wuqh7So5Kp0a4oURAl8k/8WvUNh/pRd3+6GBRzMdzrDPkcl5lvX Yf0JPrYd57I6nTZs8tHX5BNiN+xqlLY6sW+2Om/rnqOGwgHu1eKd0e8+bWhr1ylum5neeo9r b4iElOF+z/+BSWI3rW8kKrEUZyQaajEXFScCAANmyDiKAgAA
Archived-At: http://mailarchive.ietf.org/arch/msg/ace/1hfljA26Kgh9hnRljNWsPWmEr5Y
Subject: Re: [Ace] Next step for use case document
X-BeenThere: ace@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: "Authentication and Authorization for Constrained Environments \(ace\)" <ace.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/ace>, <mailto:ace-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/ace/>
List-Post: <mailto:ace@ietf.org>
List-Help: <mailto:ace-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/ace>, <mailto:ace-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 29 Sep 2014 13:08:35 -0000

Dear WG chairs and all,


Please find below some further suggestions for content of the use case
document. Apologies for the lengthy mail.


I propose that some use case in the draft should highlight the need for a
solution that supports secure store and forward. Here are a set of use
cases supporting this, the first one is based on interviews with people
working with utilities. The others use cases show that this is not an
isolated example. (There is no need to include all use cases in the draft.)



Utility data collection
- - -
A utility company is updating its old utility distribution network with
advanced meters and new communication systems, known as an Advanced
Metering Infrastructure (AMI).  AMI refers to a system that measures,
collects and analyzes usage, and interacts with metering devices such as
electricity meters, gas meters, heat meters, and water meters, through
various communication media either on request (on-demand) or on
pre-defined schedules.  Based on this technology, new services make it
possible for consumers to control their utility consumption and reduce
costs by supporting new tariff models from utility companies, and more
accurate and timely billing.

The technical solution is based on levels of data aggregation between
³smart meters² located at the consumer premises and the Meter Data
Management (MDM) system located at the utility company.  Two possible
intermediate levels are:

- Head-End System (HES) which is hardware and software that receives the
stream of meter data and exposes an interface to the MDM.

- Data Collection (DC) units located in a local network communicating with
a number of smart meters and with a backhaul interface communicating with
the HES, e.g. using cellular communication.

For reasons of efficiency and cost end-to-end connectivity is not always
feasible, so metering data is stored in batches in DC for some time before
being forwarded to the HES, and in turn accessed by the MDM.  The HES and
the DC units may be operated by a third party service operator on behalf
of the utility company.  One responsibility of the service operator is to
make sure that meter readings are performed and delivered to the HES.  An
example of a Service Level Agreement between the service operator and the
utility company is e.g.  "at least 95 % of the meters have readings
recorded during the last 72 hours².


Security properties

The utility company wants to verify stored and forwarded metering data
with respect to authenticity, integrity and replay.

The utility company wants to configure utility meters securely: The
devices should be able to verify that a configuration request is
authorized, authentic, integrity and replay protected.

The utility company wants to be in control of access to plain text
metering data. Other parties may be allowed access but at the discretion
of the utility company. E.g. the service operator needs access during test
or error cases, or for calibrating units on replacement. In particular, it
should be possible to confidentiality protect the metering data between
smart meter and the utility company's network.

(There are also other desirable security properties, the ambition here is
not to be exhaustive but to highlight the need for end-to-end authorised
access. )



Actually, the drive-by metering use case (section 2.5.1) may require a
similar functionality:


Drive-by metering data collection
- - -
The meters communicate with a vehicle-attached base station, which drives
by and collects meter readings. The drive-by service could potentially be
operated by a third party collecting meter readings on behalf of one or
multiple utility companies, and should not have access to plain text meter
readings, or not be able to change the readings. Also in this case it may
be cost-efficient to upload the readings from the vehicle once the car
returns to the 3rd party premises, e.g. over WLAN. This means that the
readings need to be stored and later forwarded, and should be protected
end-to-end between smart meter and Meter-Data Management system in the
respective utility company network analogously to the previous use case.


There are other examples where it may be impossible or infeasible to
support end-to-end connectivity, e.g. in networks with sleepy devices, in
which case a publish-subscribe paradigm may be more natural.  Here we pick
another application of publish-subscribe:

Information Centric Networking (ICN)
- - -
ICN is a paradigm for data access, changing focus from current
host-centric network to an information-centric network.  In a host-centric
network, the basic idea is to create secure connections to hosts of
trusted providers of data.  In an information-centric network, on the
other hand, it is acceptable that any source (cache) should be equally
usable.  This requires some mechanism for making each information item
trustworthy by itself, which can be achieved for example by signing data.
In this case a consumer of an information object could prove its
authenticity by verifying the digital signature.  Applying ICN to the IoT
setting, sensor readings could be protected and stored in arbitrary
content nodes, not necessarily only in origin servers; device
configuration updates could be protected and stored in proxies, not
necessarily only in dedicated configuration servers.

Similar security properties apply as in the previous cases.



Göran



From:  Likepeng <likepeng@huawei.com>
Date:  Wednesday 24 September 2014 09:06
To:  "ace@ietf.org" <ace@ietf.org>
Subject:  [Ace] Next step for use case document


>Thanks all for the feedbacks to the use case document:
>http://datatracker.ietf.org/doc/draft-seitz-ace-usecases/
> 
>Hannes and I went through the feedbacks in the mailing list.
>
> 
>In summary, we feel that there is no consensus to adopt the current
>version of this document.
> 
>Considering that use case document is our charter item, and this is the
>only viable candidate, our plan is to ask authors to update the draft
>according to the received feedbacks so far and we will initiate another
>call-for-adoption
> for the new version.
> 
>Also, kindly remind you to contribute your texts to the use case document.
> 
>Thanks,
> 
>Kind Regards
>Kepeng & Hannes

v2.23.0 | Report a Bug | By Email