Re: [Ace] Adoption of Low Latency Group Communication Security Work in ACE

Somaraju Abhinav <abhinav.somaraju@tridonic.com> Tue, 26 July 2016 16:28 UTC

From: Somaraju Abhinav <abhinav.somaraju@tridonic.com>
To: Eliot Lear <lear@cisco.com>, Kathleen Moriarty <kathleen.moriarty.ietf@gmail.com>, "Kumar, Sandeep" <sandeep.kumar@philips.com>
Date: Tue, 26 Jul 2016 16:28:01 +0000
Archived-At: <https://mailarchive.ietf.org/arch/msg/ace/ZqVayqlb8y35mBi48_2Vcx5DQ8g>
Cc: Stephen Farrell <stephen.farrell@cs.tcd.ie>, Michael StJohns <mstjohns@comcast.net>, Rene Struik <rstruik.ext@gmail.com>, "ace@ietf.org" <ace@ietf.org>
Subject: Re: [Ace] Adoption of Low Latency Group Communication Security Work in ACE

Hi Eliot,
If you read the document, we introduce a scope in the AT-KDC and AT-R token which specifies what resources are accessible via the knowledge of the group key. The architecture ensures that the group key can only be used for authorized resources. This allows us to only use the group key to control the light intensity resource and nothing else. Even on the luminaire, the group key cannot be used to access other information such as commissioning data.

Abhinav


________________________________
From: Eliot Lear <lear@cisco.com>
Sent: 26/07/2016 17:59
To: Kathleen Moriarty <kathleen.moriarty.ietf@gmail.com>; Kumar, Sandeep <sandeep.kumar@philips.com>
Cc: Somaraju Abhinav <abhinav.somaraju@tridonic.com>; ace@ietf.org; Rene Struik <rstruik.ext@gmail.com>; Michael StJohns <mstjohns@comcast.net>; Stephen Farrell <stephen.farrell@cs.tcd.ie>
Subject: Re: [Ace] Adoption of Low Latency Group Communication Security Work in ACE


Hi Kathleen,


On 7/26/16 4:52 PM, Kathleen Moriarty wrote:
What is the bigger threat model?

Lights turning on/off in large buildings could result in increased energy costs.
Lights turning on/off could result in safety issues (they could be extreme).

It's also a matter of changing colors, misappropriation of sensors, and perhaps more important: expropriation of the lighting systems to attack other systems.  Thus the concern over transitory trust, especially should these systems have multiple functions.

Eliot
