[solace] New Version Notification for draft-keoh-lwig-dtls-iot-01.txt
"Keoh, Sye Loong" <sye.loong.keoh@philips.com> Mon, 25 February 2013 16:19 UTC
Return-Path: <sye.loong.keoh@philips.com>
X-Original-To: solace@ietfa.amsl.com
Delivered-To: solace@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 53EAF21F9546; Mon, 25 Feb 2013 08:19:17 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -6.599
X-Spam-Level:
X-Spam-Status: No, score=-6.599 tagged_above=-999 required=5 tests=[BAYES_00=-2.599, RCVD_IN_DNSWL_MED=-4]
Received: from mail.ietf.org ([64.170.98.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id rq-0TRUFF0EZ; Mon, 25 Feb 2013 08:19:16 -0800 (PST)
Received: from va3outboundpool.messaging.microsoft.com (va3ehsobe006.messaging.microsoft.com [216.32.180.16]) by ietfa.amsl.com (Postfix) with ESMTP id 6426221F94B1; Mon, 25 Feb 2013 08:19:16 -0800 (PST)
Received: from mail248-va3-R.bigfish.com (10.7.14.248) by VA3EHSOBE011.bigfish.com (10.7.40.61) with Microsoft SMTP Server id 14.1.225.23; Mon, 25 Feb 2013 16:19:15 +0000
Received: from mail248-va3 (localhost [127.0.0.1]) by mail248-va3-R.bigfish.com (Postfix) with ESMTP id 7FC957002BB; Mon, 25 Feb 2013 16:19:15 +0000 (UTC)
X-Forefront-Antispam-Report: CIP:157.55.7.222; KIP:(null); UIP:(null); IPV:NLI; H:mail.philips.com; RD:none; EFVD:NLI
X-SpamScore: -44
X-BigFish: VPS-44(zz217bI15d6O9251J936eI542I1a09Ja65Rzz1f42h1ee6h1de0h1202h1e76h1d1ah1d2ahzz1033IL17326ah8275dhz2dh2a8h668h839h93fhd25hf0ah1288h12a5h12a9h12bdh137ah13b6h1441h1504h1537h153bh15d0h162dh1631h1758h18e1h1946h19b5h19ceh1155h)
Received: from mail248-va3 (localhost.localdomain [127.0.0.1]) by mail248-va3 (MessageSwitch) id 1361809152556960_2529; Mon, 25 Feb 2013 16:19:12 +0000 (UTC)
Received: from VA3EHSMHS029.bigfish.com (unknown [10.7.14.239]) by mail248-va3.bigfish.com (Postfix) with ESMTP id 83410C40088; Mon, 25 Feb 2013 16:19:12 +0000 (UTC)
Received: from mail.philips.com (157.55.7.222) by VA3EHSMHS029.bigfish.com (10.7.99.39) with Microsoft SMTP Server (TLS) id 14.1.225.23; Mon, 25 Feb 2013 16:19:11 +0000
Received: from 011-DB3MPN1-031.MGDPHG.emi.philips.com ([169.254.1.208]) by 011-DB3MMR1-010.MGDPHG.emi.philips.com ([10.128.28.49]) with mapi id 14.02.0328.011; Mon, 25 Feb 2013 16:19:05 +0000
From: "Keoh, Sye Loong" <sye.loong.keoh@philips.com>
To: "lwip@ietf.org" <lwip@ietf.org>, "core@ietf.org" <core@ietf.org>, "solace@ietf.org" <solace@ietf.org>
Thread-Topic: New Version Notification for draft-keoh-lwig-dtls-iot-01.txt
Thread-Index: AQHOE3LTiRFnpst2nUe7iGkOHVg9hJiKv00Q
Date: Mon, 25 Feb 2013 16:19:04 +0000
Message-ID: <EAE29B174013F643B5245BA11953A1BE22384CC5@011-DB3MPN1-031.MGDPHG.emi.philips.com>
References: <20130225161139.6943.69315.idtracker@ietfa.amsl.com>
In-Reply-To: <20130225161139.6943.69315.idtracker@ietfa.amsl.com>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
x-originating-ip: [194.171.252.104]
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: base64
MIME-Version: 1.0
X-OriginatorOrg: philips.com
Subject: [solace] New Version Notification for draft-keoh-lwig-dtls-iot-01.txt
X-BeenThere: solace@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: "\"Smart Object Lifecycle Architecture for Constrained Environments\" discussion list" <solace.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/solace>, <mailto:solace-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/solace>
List-Post: <mailto:solace@ietf.org>
List-Help: <mailto:solace-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/solace>, <mailto:solace-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 25 Feb 2013 16:19:17 -0000
Dear all, We have submitted a new Internet draft to the LWIG WG to share our implementation experience on using DTLS for various security functionalities, i.e., network access, key management, and secure multicast communication in order to facilitate Internet of Things (IoT). Comments and feedback are very much appreciated. Many thanks Sye Loong -----Original Message----- From: internet-drafts@ietf.org [mailto:internet-drafts@ietf.org] Sent: maandag 25 februari 2013 17:12 To: Keoh, Sye Loong Cc: Kumar, Sandeep; Garcia Morchon, Oscar Subject: New Version Notification for draft-keoh-lwig-dtls-iot-01.txt A new version of I-D, draft-keoh-lwig-dtls-iot-01.txt has been successfully submitted by Sye Loong Keoh and posted to the IETF repository. Filename: draft-keoh-lwig-dtls-iot Revision: 01 Title: Securing the IP-based Internet of Things with DTLS Creation date: 2013-02-25 Group: Individual Submission Number of pages: 20 URL: http://www.ietf.org/internet-drafts/draft-keoh-lwig-dtls-iot-01.txt Status: http://datatracker.ietf.org/doc/draft-keoh-lwig-dtls-iot Htmlized: http://tools.ietf.org/html/draft-keoh-lwig-dtls-iot-01 Diff: http://www.ietf.org/rfcdiff?url2=draft-keoh-lwig-dtls-iot-01 Abstract: The IP-based Internet of Things (IoT) refers to the pervasive interaction of smart devices and people enabling new applications by means of IP protocols. Traditional IP protocols will be further complemented by 6LoWPAN and CoAP to make the IoT feasible on small devices. Security and privacy are a must for such an environment. Due to mobility, limited bandwidth, resource constraints, and new communication topologies, existing security solutions need to be adapted. We propose a security architecture for the IoT in order to provide network access control to smart devices, the management of keys and securing unicast/multicast communication. Devices are authenticated and granted network access by means of a pre-shared key (PSK) based security handshake protocol. The solution is based on Datagram Transport Layer Security (DTLS). Through the established secure channels, keying materials, operational and security parameters are distributed, enabling devices to derive session keys and group keys. The solution relies on the DTLS Record Layer for the protection of unicast and multicast data flows. We have prototyped and evaluated the security architecture. The DTLS architecture allows for easier interaction and interoperability with the Internet due to the extensive use of TLS. However, it exhibits performance issues constraining its deployment in some network topologies and hence would require further optimizations. The IETF Secretariat ________________________________ The information contained in this message may be confidential and legally protected under applicable law. The message is intended solely for the addressee(s). If you are not the intended recipient, you are hereby notified that any use, forwarding, dissemination, or reproduction of this message is strictly prohibited and may be unlawful. If you are not the intended recipient, please contact the sender by return e-mail and destroy all copies of the original message.
- [solace] New Version Notification for draft-keoh-… Keoh, Sye Loong