contained manner. This proof can also be based on simultaneously
deployed information.
During a second phase, the service client may only communicate directly with
an isolated discovery component. This includes the actions:
Discover an IoT service directly for authorised personnel: This use case
extends the original Discover IoT-service use case by applying access restrictions.
It includes:
o Present credentials: The credentials are verified and the related
privileges will be retrieved.
o Discover service based on service specification
o As mentioned above, this use case is just a placeholder.
o Restrict access based on credentials: Applies the privileges of the
user to the result of the previous use case, especially removes those
services that the user is not allowed to see.
It is assumed as a pre-condition that the user is known and that the user can be
authenticated (e.g., through password or asymmetric key). Authentication only
has to be executed once for the validation period of the given assertion. These
assertions allow the user to retrieve the access credentials for further
processing during the second phase. In addition, the policies regarding the
discovery of services (with respect to privacy) are deployed at the respective
component realizing the "retrieve credential" use case.
It is assumed that during the second phase, the service client as well as the
component realising the discovery service is unable to communicate with any of
the components realising the use case of the first phase.
As a post-condition of the secure discovery of an IoT Service, the user only
receives those services that he is entitled to see according to privacy
restrictions.
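The two phases described above, as an added Python sketch that is not part of the original document: a credential is issued in the first phase, and the isolated discovery component verifies it offline and filters the discovery result in the second. The HMAC key deployed in advance to both components, the function names, and the service and privilege labels are assumptions made for the example; a deployment could use an asymmetric signature instead.

```python
import base64, hashlib, hmac, json

# Assumption: key deployed to both components ahead of time, so the discovery
# component never has to contact a phase-1 component to check a credential.
DEPLOYED_KEY = b"constructed-demo-key"

# Constructed directory: service name -> (service type, privilege needed to see it)
SERVICES = {
    "temp-ward-3": ("temperature", "ward-staff"),
    "temp-patient-17": ("temperature", "physician"),
    "door-lab-1": ("access", "facility"),
}

def _b64(data):
    return base64.urlsafe_b64encode(data).decode()

def issue_credential(user, privileges, not_after):
    """Phase 1 ("retrieve credential"): bind privileges and validity to the user."""
    body = json.dumps({"sub": user, "priv": sorted(privileges), "exp": not_after}).encode()
    return _b64(body) + "." + _b64(hmac.new(DEPLOYED_KEY, body, hashlib.sha256).digest())

def verify_credential(token, now):
    """Phase 2 ("present credentials"): offline check; returns privileges or None."""
    try:
        body, tag = (base64.urlsafe_b64decode(p) for p in token.split("."))
    except ValueError:  # wrong number of parts or malformed base64
        return None
    expected = hmac.new(DEPLOYED_KEY, body, hashlib.sha256).digest()
    if not hmac.compare_digest(tag, expected):
        return None  # forged or modified credential
    claims = json.loads(body)
    if now >= claims["exp"]:
        return None  # validity period over
    return set(claims["priv"])

def discover(token, service_type, now):
    """Discover by specification, then restrict the result to what the user may see."""
    privileges = verify_credential(token, now)
    if privileges is None:
        return []
    matches = [n for n, (t, _) in SERVICES.items() if t == service_type]
    return sorted(n for n in matches if SERVICES[n][1] in privileges)
```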
C.6.2.2 Interaction Diagrams
The interaction diagrams related to the use cases above are depicted below.
Interaction Diagram: Restricted Discovery
Before interacting with the IoT System, the User has to authenticate with the
Authentication component of the IoT System. The User synchronously calls the
authenticate operation of the Authentication component, providing his/her
credentials. The Authentication component verifies the credentials and provides
an Assertion that provides the basis for the interaction between the User and
the IoT System.