Internet of Things Architecture

C.6 Security


C.6.1 Functional Components


Authorization (AuthZ)

Description: The authorization component is a front end for managing policies and performing access control decisions based on access control policies. This access control decision can be called whenever access to a restricted resource is requested. For example, this function is called inside the IoT service resolution component, to check if a user is allowed to perform a look-up on the requested resource. This is an important part of the privacy protection mechanisms.

Additional description: The component is described in detail in deliverable D4.2

Pertaining requirements: UNI.002, UNI.067, UNI.319, UNI407, UNI.412, UNI.502, UNI.503, UNI.504, UNI.507, UNI.606, UNI.610, UNI.611, UNI.619, UNI.623, UNI.626

Technical use case: C6.2

Default function set:

Function name: Authorize
Function description: From assertion, service description and action type, determine whether the action is authorized or not.
Usage example: C6.2.2

Function name: Manage Policies
Function description: Add, update or delete an access policy
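
The following sketch is an added example, not code from the deliverable or the project: it shows one way the two functions above could fit together, with a default-deny decision. The HMAC-tagged assertion format, the shared key, the role/resource policy model and every name in it are assumptions made for illustration.

```python
import hashlib
import hmac
import json

ASSERTION_KEY = b"constructed-demo-key"  # assumption: key shared by AuthN and AuthZ


def sign_assertion(claims: dict) -> dict:
    """Stand-in for the assertion issued after authentication (constructed format)."""
    body = json.dumps(claims, sort_keys=True).encode()
    tag = hmac.new(ASSERTION_KEY, body, hashlib.sha256).hexdigest()
    return {"claims": claims, "tag": tag}


class AuthZ:
    def __init__(self):
        self._policies = {}  # policy_id -> (role, resource, allowed action types)

    # Manage Policies: add or update an access policy
    def put_policy(self, policy_id, role, resource, actions):
        self._policies[policy_id] = (role, resource, frozenset(actions))

    # Manage Policies: delete an access policy
    def delete_policy(self, policy_id):
        self._policies.pop(policy_id, None)

    # Authorize: assertion + service description + action type -> decision
    def authorize(self, assertion, service_description, action_type) -> bool:
        try:
            body = json.dumps(assertion["claims"], sort_keys=True).encode()
            expected = hmac.new(ASSERTION_KEY, body, hashlib.sha256).hexdigest()
            if not hmac.compare_digest(expected, assertion["tag"]):
                return False  # forged or altered assertion
            roles = set(assertion["claims"]["roles"])
            resource = service_description["resource"]
        except (KeyError, TypeError):
            return False  # malformed input is denied, never allowed
        return any(
            role in roles and res == resource and action_type in actions
            for role, res, actions in self._policies.values()
        )  # no matching policy means deny
```
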

Authentication (AuthN)


Description: The Authentication component is involved in User and Service authentication. It checks the credentials provided by a user, and, if valid, it returns an assertion as result, which is required to use the IoT Service Client. Upon checking the correctness of the credentials supplied by a newly joining node, it establishes secured contexts between this node and various entities in its local environment.

Additional description: The component is described in detail in deliverable D4.2