[Ace] New doc: draft-maler-ace-oauth-uma-00
Eve Maler <eve@xmlgrrl.com> Tue, 10 March 2015 17:53 UTC
Return-Path: <eve@xmlgrrl.com>
X-Original-To: ace@ietfa.amsl.com
Delivered-To: ace@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 6EAAF1A0046 for <ace@ietfa.amsl.com>; Tue, 10 Mar 2015 10:53:08 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.4
X-Spam-Level:
X-Spam-Status: No, score=-1.4 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, FROM_DOMAIN_NOVOWEL=0.5] autolearn=ham
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id fY7H7XAbWmw8 for <ace@ietfa.amsl.com>; Tue, 10 Mar 2015 10:53:07 -0700 (PDT)
Received: from mail.promanage-inc.com (eliasisrael.com [50.47.36.5]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 25CF61A001D for <ace@ietf.org>; Tue, 10 Mar 2015 10:53:07 -0700 (PDT)
Received: from localhost (localhost [127.0.0.1]) by mail.promanage-inc.com (Postfix) with ESMTP id 2FBE673D30DD; Tue, 10 Mar 2015 10:53:06 -0700 (PDT)
X-Virus-Scanned: amavisd-new at promanage-inc.com
Received: from mail.promanage-inc.com ([127.0.0.1]) by localhost (greendome.promanage-inc.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id EIwZVBt2Uab8; Tue, 10 Mar 2015 10:53:05 -0700 (PDT)
Received: from [192.168.168.101] (unknown [192.168.168.101]) by mail.promanage-inc.com (Postfix) with ESMTPS id 7F95673D30D3; Tue, 10 Mar 2015 10:53:05 -0700 (PDT)
From: Eve Maler <eve@xmlgrrl.com>
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: quoted-printable
Date: Tue, 10 Mar 2015 10:53:05 -0700
To: ace@ietf.org
Message-Id: <59F1C792-B108-4DEC-8B5F-94CA8DC19BF8@xmlgrrl.com>
Mime-Version: 1.0 (Mac OS X Mail 8.2 \(2070.6\))
X-Mailer: Apple Mail (2.2070.6)
Archived-At: <http://mailarchive.ietf.org/arch/msg/ace/uzqbGY21tLxE8ncTDIk8wIf9zvw>
Subject: [Ace] New doc: draft-maler-ace-oauth-uma-00
X-BeenThere: ace@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: "Authentication and Authorization for Constrained Environments \(ace\)" <ace.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/ace>, <mailto:ace-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/ace/>
List-Post: <mailto:ace@ietf.org>
List-Help: <mailto:ace-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/ace>, <mailto:ace-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 10 Mar 2015 17:53:08 -0000
Hi all, Hannes, Erik, Samuel, and I worked on a new discussion document that gives insight into the ways in which OAuth and UMA could be used towards IoT requirements for authentication and authorization: http://tools.ietf.org/html/draft-maler-ace-oauth-uma-00 Quoting the abstract: Authentication and authorization are fundamental security features used in Internet and Web applications. Providing the same level of security functionality to the Internet of Things (IoT) environment as well is a logical enhancement and reduces the risk of unauthorized access to personal data. IoT devices, however, have limitations in terms of processing power, memory, user interface, Internet connectivity, etc. Since many use cases span Web and IoT environments and the question of "Web" vs. "IoT" can in some cases be considered a continuum, it is required to find security solutions that can accommodate the capabilities and constraints of both environments without significant compromises. Thus, an approach of adapting already standardized and deployed authentication and authorization technologies is worth examining. This document describes how the Web Authorization Protocol (OAuth) in combination with User-Managed Access (UMA) can be used for an IoT environment to bring Web-scale authorization services to the IoT world. Eve Maler | cell +1 425.345.6756 | Skype: xmlgrrl | Twitter: @xmlgrrl
- Re: [Ace] New doc: draft-maler-ace-oauth-uma-00 Olaf Bergmann
- Re: [Ace] New doc: draft-maler-ace-oauth-uma-00 Thomas Hardjono
- Re: [Ace] New doc: draft-maler-ace-oauth-uma-00 Olaf Bergmann
- Re: [Ace] New doc: draft-maler-ace-oauth-uma-00 Thomas Hardjono
- Re: [Ace] New doc: draft-maler-ace-oauth-uma-00 Eve Maler
- [Ace] New doc: draft-maler-ace-oauth-uma-00 Eve Maler