PowerPoint Presentation - Draft-urien-hip-iot

1 /10
draft-urien-hip-iot-00.txt
HIP support for RFID
Pascal URIEN, IETF 76th, Monday November 9th Hiroshima Japan
http://www.telecom-paristech.fr
2 /10
Goal
The goal of this document is to analyze issues
raised by the deployment of the Internet Of
Things (IoT), and to propose a framework based
on an Identity Layer such as the HIP protocol
3 /10
What is IoT: Internet of Tags
[Figure: Start, Tag, Reader, Local System, EPC-Code, URI Conversion, ONS Resolver, DNS Cloud, EPCIS Server, PML Files]
EPC: Electronic Product Code
ONS: Object Name Service
EPCIS: EPC Information Service
PML: Physical Markup Language
4 /10
What is IOT : Internet Of Object
http://www.ipso-alliance.org
Until recently, smart objects were realized with limited
communication capabilities, such as RFID tags, but the new
generation of devices has bidirectional wireless communication
and sensors that provide real-time data such as temperature,
pressure, vibrations, and energy measurement.
Smart objects can be battery-operated, but not always, and
typically have three components:
- a CPU (8-, 16- or 32-bit micro-controller),
- memory (a few tens of kilobytes),
- a low-power wireless communication device (from a few kilobits/s to a few hundreds of kilobits/s).
The size is small and the price is low: a few square mm and
a few dollars.
The Internet of Things: IP for Smart Objects
5 /10
Open Issues
What is a thing?
We distinguish two classes of things:
- Things that are computers equipped with communication interfaces.
- Things that are not computers, but that are associated with computers equipped with communication interfaces.
What is the identifier of a thing?
There are several proposals:
- A serial number, such as an EPC code.
- An IP address.
- Other, for example a fixed hash value or an ad hoc naming scheme.
Authentication
Is there a need for, or a way to, authenticate a thing? In other words, is it possible and necessary to prove the identity of a thing?
6 /10
Open issues
Identity Protection
Things can be used to track people or objects, which are identified by a set of things. Identity protection enforces privacy by hiding things' identities through cryptographic means.
Communication Protocol
A thing communicates with the Internet through various interfaces:
- Via MAC (OSI layer 2) radio protocols, as defined by EPCGLOBAL.
- Via the IP protocol; in that case the thing is an IP node and is natively plugged into the Internet cloud.
- Other, for example the Host Identity Protocol.
Things to Things communications
In some cases, things communicate with other things. If identity protection is required, the associated infrastructure is complex from a cryptographic or physical point of view, because classical routing techniques can't be used.
7 /10
HIP for IoT
HIP Benefits
We suggest defining a new version of the HIP protocol, dedicated to the Internet of Things issues, according to the following arguments:
- Things are associated with identifiers. IP addresses are usually understood as locators and not identifiers. In this identity-based approach the infrastructure to which the thing is connected belongs to the Internet network, but even if the thing comprises an IP stack, the IP address is not correlated with the thing identity.
- The current version of HIP provides communications between HIP nodes through ESP secure channels. This paradigm could be re-used for things to things communication, compatible with the IP infrastructure.
8 /10
HIP for IoT
HIP issues for the Internet Of things
- Identifiers. HIP Identifiers (HIT) rely on cryptographic procedures, i.e. a digest of an RSA public key. A new naming scheme SHOULD be defined.
- Identity Protection. No Identity Protection is supported. Therefore HIP nodes MAY be easily tracked. We believe that Identity Protection MUST be supported.
- Communication Architecture. If identity protection is supported, some trusted gateways SHOULD be used in order to establish communications with things.
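The tracking problem and the trusted-gateway role listed on this slide, as an added example that is not taken from the draft or the presentation: a fixed digest-of-key identifier repeats in every session, while a per-session pseudonym can only be mapped back to a thing by a gateway that holds the thing's secret. The HMAC-over-nonces construction, the truncated SHA-256 stand-in for a HIT (not the real HIT encoding), and all names, keys and sizes are assumptions made for illustration.

```python
import hashlib
import hmac
import os

def static_id(public_key: bytes) -> str:
    """Simplified stand-in for a digest-of-public-key identifier."""
    return hashlib.sha256(public_key).hexdigest()[:32]

def protected_id(secret: bytes, r_reader: bytes, r_thing: bytes) -> str:
    """Per-session pseudonym: HMAC over two fresh 16-byte nonces,
    keyed with a secret shared by the thing and the gateway (assumed scheme)."""
    return hmac.new(secret, r_reader + r_thing, hashlib.sha256).hexdigest()[:32]

class TrustedGateway:
    """Holds per-thing secrets, so it alone can map a pseudonym to a thing."""
    def __init__(self, secrets: dict):
        self._secrets = secrets  # hypothetical enrolment table: name -> secret

    def resolve(self, r_reader: bytes, r_thing: bytes, pseudonym: str):
        # One HMAC per enrolled thing; constant-time comparison of candidates.
        for name, secret in self._secrets.items():
            candidate = protected_id(secret, r_reader, r_thing)
            if hmac.compare_digest(candidate, pseudonym):
                return name
        return None

def observe_sessions(n: int = 3):
    """What a passive observer records over n sessions of the same thing."""
    public_key = b"constructed-public-key-bytes-for-thing-A"  # constructed sample
    secret_a = os.urandom(32)
    gateway = TrustedGateway({"thing-A": secret_a, "thing-B": os.urandom(32)})
    static_seen, protected_seen, resolved = [], [], []
    for _ in range(n):
        r_reader, r_thing = os.urandom(16), os.urandom(16)
        static_seen.append(static_id(public_key))
        pseudonym = protected_id(secret_a, r_reader, r_thing)
        protected_seen.append(pseudonym)
        resolved.append(gateway.resolve(r_reader, r_thing, pseudonym))
    return static_seen, protected_seen, resolved

if __name__ == "__main__":
    s, p, r = observe_sessions()
    print("static identifiers   :", len(set(s)), "distinct value(s)")
    print("protected identifiers:", len(set(p)), "distinct value(s)")
    print("gateway resolution   :", r)
```

The gateway's linear search costs one HMAC per enrolled thing for each lookup, which is part of why the slides describe the supporting infrastructure as complex.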
9 /10
Example: draft-urien-hip-tag-02.txt
[Figure: Tag, Reader, Portal, Identity Solver; labels: HIP, HAT, IP, RFID-MAC, MAC, RFID-PHY, PHY, SPI-I, SPI-R, EPC-Code]
10 /10
Questions ?