Hi Hannes,

Regarding your questions:

1. “How easy do you think would it be to port the code to some other OS? (or in other words: how tightly have you coupled it to Contiki?)”
- Most of the code is called by Contiki processes, so it is not that coupled, and the cn-cbor and TinyDTLS dependencies are independent from Contiki. The code depends on two main things from Contiki: the Erbium CoAP server, and the CFS file system. The coupling with Erbium is not that strong, but wherever the code is ported, it would need a CoAP/CoAPs server on that OS, or the actual porting of a subset of Erbium (which I guess is doable, but it may be substantial work). The dependency on the CFS file system is for storing keys and tokens, and that would need to be adapted to whatever another OS offers, though this dependency is fairly contained in one module, and changes should not be that hard.

2. “Is the COSE/CWT parsing library separable from the rest?”
- Yes, it is fairly separable from the rest, other than the fact that it uses cn-cbor for cbor parsing, and TinyDTLS for AES decryption. However, at the moment it is very limited in terms of COSE parsing, only supporting the COSE wrapper and cypher suites we are actually using/supporting in our implementation.

3. “For the 300 Kb flash: does this contain the firmware update mechanism?”
- No, this does not include the firmware update mechanism.

Any more questions, just let me know.

Thanks,
Sebastian

From: Hannes Tschofenig [mailto:[email protected]]
Sent: Monday, January 28, 2019 10:19 AM
To: Sebastian Echeverria <[email protected]>
Cc: Grace A Lewis <[email protected]>; [email protected]; Dan Klinedinst <[email protected]>
Subject: RE: ACE Implementation for Disadvantaged Environments

Hi Sebastian,

Thanks for the details.

How easy do you think would it be to port the code to some other OS? (or in other words: how tightly have you coupled it to Contiki?)
Is the COSE/CWT parsing library separable from the rest?
For the 300 Kb flash: does this contain the firmware update mechanism?

Ciao
Hannes

From: Sebastian Echeverria <[email protected]>
Sent: Monday, 28 January 2019 16:06
To: Hannes Tschofenig <[email protected]>
Cc: Grace A Lewis <[email protected]>; [email protected]; Dan Klinedinst <[email protected]>
Subject: Re: ACE Implementation for Disadvantaged Environments

Hello,

Here is some more information about it:
- We used Contiki as the base/OS for the code. More specifically, we forked from the 6lbr project (https://github.com/cetic/6lbr), as that version already had some code for handling DTLS connections and AES encryption in it.
- We are using the TI CC2538dk board as our constrained target platform.
- The implementation has support for the DTLS profile, using pre-shared keys, as this was enough for our use case.
- The implementation handles CWT tokens.
- We modified the Erbium CoAP server in 6lbr to be able to simultaneously listen for CoAP and CoAPs connections (using TinyDTLS underneath).
- The implementation uses the cn-cbor library for decoding CBOR data.
- The implementation supports receiving tokens at the authz-info endpoint, and then giving access to a couple of sample resources based on the claims from the received tokens.
- The implementation has some additional optional features related to our disadvantaged network environments, such as bootstrapping of the PSK credentials, and detecting revoked tokens through introspection.
- The current binary is around 300 kb, which is good enough for the 512 kb flash on the TI boards, though it may be a bit too large for a class II device. We can probably make it a bit smaller. In terms of RAM, it fits in the 32 KB available on the TI boards.

Best,
---
Sebastian Echeverria
Tactical Technologies Group (TTG)
Software Engineering Institute
Carnegie Mellon University

From: Hannes Tschofenig <[email protected]>
Date: Monday, January 28, 2019 at 5:05 AM
To: Grace Lewis <[email protected]>, "[email protected]" <[email protected]>
Subject: RE: ACE Implementation for Disadvantaged Environments

Congrats to the work.

Could you say a little bit about the (constrained) resource server implementation?

Ciao
Hannes

From: Ace <[email protected]> On Behalf Of Grace A Lewis
Sent: Wednesday, 23 January 2019 19:12
To: [email protected]
Subject: [Ace] ACE Implementation for Disadvantaged Environments

Hello,

I just wanted to make the group aware of our ACE implementation (SEI-ACE), which includes an implementation for a resource-constrained server.

Details available in this news article: https://www.sei.cmu.edu/news-events/news/article.cfm?assetid=539184

Article includes the link to our Git repo.

Enjoy!

- Grace Lewis
______________________________________________
Grace A. Lewis, Ph.D.
Principal Researcher and TTG Initiative Lead
Carnegie Mellon Software Engineering Institute
Software Solutions Division (SSD)
Tactical Technologies Group (TTG)
4500 Fifth Ave. #5412
Pittsburgh, PA 15213
Phone: (412) 268-5851
http://www.sei.cmu.edu/staff/glewis

“A change in perspective is worth 80 IQ points” --- Alan Kay

IMPORTANT NOTICE: The contents of this email and any attachments are confidential and may also be privileged. If you are not the intended recipient, please notify the sender immediately and do not disclose the contents to any other person, use it for any purpose, or store or copy the information in any medium. Thank you.
_______________________________________________ Ace mailing list [email protected] https://www.ietf.org/mailman/listinfo/ace
