Hi Eliot, If you read the document, we introduce a scope in the AT-KDC and AT-R token which specifies what resources are accessible via the knowledge of the group key. The architecture ensures that the group key can only be used for authorized resources. This allows us to only use the group key to control light intensity resource and nothing else. Even on the luminaire, the group key cannot be used to access other information such as commissioning data.
Abhinav Sent from my Windows Phone ________________________________ From: Eliot Lear<mailto:[email protected]> Sent: 26/07/2016 17:59 To: Kathleen Moriarty<mailto:[email protected]>; Kumar, Sandeep<mailto:[email protected]> Cc: Somaraju Abhinav<mailto:[email protected]>; [email protected]<mailto:[email protected]>; Rene Struik<mailto:[email protected]>; Michael StJohns<mailto:[email protected]>; Stephen Farrell<mailto:[email protected]> Subject: Re: [Ace] Adoption of Low Latency Group Communication Security Work in ACE Hi Kathleen, On 7/26/16 4:52 PM, Kathleen Moriarty wrote: What is the bigger threat model? Lights turning on/off in large buildings could result in increased energy costs. Lights turning on/off could result in safety issues (they could be extreme). It's also a matter of changing colors, misappropriation of sensors, and perhaps more important: expropriation of the lighting systems to attack other systems. Thus the concern over transitory trust, especially should these systems have multiple functions. Eliot ________________________________________________________ The contents of this e-mail and any attachments are confidential to the intended recipient. They may not be disclosed to or used by or copied in any way by anyone other than the intended recipient. If this e-mail is received in error, please immediately notify the sender and delete the e-mail and attached documents. Please note that neither the sender nor the sender's company accept any responsibility for viruses and it is your responsibility to scan or otherwise check this e-mail and any attachments.
_______________________________________________ Ace mailing list [email protected] https://www.ietf.org/mailman/listinfo/ace
