Hi Benjamin:

Seems that the SUN should be protected at L2 and the HAN would not possess the 
appropriate keys, is that right? If so the SUN and HAN would operate as 2 
different networks in ship in the night wouldn't they? 

That's how I'd expect it in the industrial space with 2 different profiles. In 
fine what we see is that the security really defines what a PAN is and the 
network boundaries.

Pascal

>-----Original Message-----
>From: [email protected] [mailto:[email protected]] On Behalf Of 
>Benjamin A. Rolfe
>Sent: lundi 13 avril 2009 17:00
>To: [email protected]
>Subject: Re: [6lowpan] [Roll] 6lowpan-ND vs. ROLL
>
>This is  very interesting and relevant question.
>In the scenario given, the utility side of the meter is likely a mesh also,
>and it needs to be isolated from the home side (we're using SUN and HAN to
>describe these two - Smart Utility Network and Home Area Network - in the
>context of 802.15.4 work).  The general desire of the utility to maintain a
>secure SUN is one reason, and the general desire of consumers to keep their
>HAN private is another (and the general 'we don't want a ninth grader with a
>laptop crashing the grid' concern may figure in, too ;-).   From either
>perspective the meter forms an "edge" from the point of view as
>entrance/egress between two logically separate networks. As pointed out,
>this is still a resource constrained device (although in some
>implementations it is has a bit more to play with than a typical thermostat
>or light dimmer).
>
>On the SUN side mesh the meter is keeping track only of it's adjacent
>neighbors; on the HAN there are likely fewer neighbors, in the home
>situation. But consider the same situation in an industrial context, where
>you have the same need for the in-prem network to be separated from the
>utility side, but the in-prem mesh might be thousands of nodes.  I would
>expect again that the meter/gateway is keeping track only of adjacent
>neighbors.   This is what we see happening now.
>
>Not sure if that helps in the discussion, so FWIW.
>-Ben
>
>
>----- Original Message -----
>From: "Richard Kelsey" <[email protected]>
>To: <[email protected]>
>Cc: <[email protected]>
>Sent: Saturday, April 11, 2009 10:48 AM
>Subject: Re: [6lowpan] [Roll] 6lowpan-ND vs. ROLL
>
>
>>   Date: Sat, 11 Apr 2009 15:21:17 +0300
>>   From: Zach Shelby <[email protected]>
>>
>>   >>> Richard Kelsey a écrit :
>>   >>>> From: Carsten Bormann <[email protected]> Date: Fri, 10 Apr 2009
>>   >>>> 19:00:42 +0200
>>   >>>>
>>   >>>> (I don't tend to think about the case where there is no Edge
>>   >>>> Router -- ...)
>>   >>>>
>>   >>>> I have a question on this, stemming from my lack of familiarity
>>   >>>> with the details of IP routing.
>>   >>>>
>>   >>>> Suppose I have a 6LowPAN/ROLL network being used for energy
>>   >>>> management in a home.  The network includes the electric meter,
>>   >>>> which has a backhaul connection back to the utility. The utility,
>>   >>>> being very protective of its backhaul network, has a firewall in
>>   >>>> the meter to keep out everything except the utility's own
>>   >>>> traffic.   Given the presence of the firewall, does it still make
>>   >>>> sense to use the meter as an Edge Router?
>>
>>   [Is an Edge Router an IP router? ... Yes.]
>>
>>   Anyways, this stuff doesn't need to be completely "typical". I mean we
>>   are not installing an F-Secure firewall on a Windows PC here. These are
>>   application-specific embedded devices most of the time. You can use an
>>   embedded Linux box with Linux firewall features to achieve a 6LoWPAN
>>   Edge Router. Of course the 6lowpan wireless interface driver and ER
>>   features need to be implemented.
>>
>> In the network I was describing, the meter has no more
>> horsepower than the other devices on the network.  It has a
>> small micro with around 4k of RAM.  It certainly isn't
>> something as powerful as an embedded Linux box.  Is it
>> unreasonable to expect it to act as an Edge Router?  If not,
>> how should its connection between the LowPAN and the utility
>> backhaul be handled?
>>                               -Richard Kelsey
>> _______________________________________________
>> 6lowpan mailing list
>> [email protected]
>> https://www.ietf.org/mailman/listinfo/6lowpan
>>
>
>_______________________________________________
>6lowpan mailing list
>[email protected]
>https://www.ietf.org/mailman/listinfo/6lowpan
_______________________________________________
6lowpan mailing list
[email protected]
https://www.ietf.org/mailman/listinfo/6lowpan

Reply via email to