Hi, I have a query. You mentioned "the root of trust" like this:

The root of trust can be an application that backs up the certificates to cloud storage and allows multiple devices to perform the on-boarding procedure.

Here is my question. When executing Ownership Transfer, the owner's UUID is written in the doxm resource. Because the UUID is different per device, how can the on-boarding procedure use multiple devices? How can the root of trust be implemented, by any chance?

Best
Jeonghwan Kim

-----Original Message-----
From: iotivity-dev-boun...@lists.iotivity.org [mailto:iotivity-dev-boun...@lists.iotivity.org] On Behalf Of Thiago Macieira
Sent: Thursday, September 14, 2017 4:17 AM
To: iotivity-dev@lists.iotivity.org
Subject: Re: [dev] Grouping and Ownership

On Tuesday, 12 September 2017 22:32:29 PDT Raveendranath Kondrakunta wrote:
> Hi,
>
> I've a couple of queries
>
> - New Devices are only owned by One Device (OBT). But for a typical
> use case like controlling light at home, the OBT would be a Smartphone.
> All of the family members in the home should be able to control the
> light with their respective Phone. How can this be achieved, the light
> is only owned by one OTM

This is an incorrect assumption. There is only one root of trust in your entire network and it can parcel out permissions as necessary.

All devices in the network must be onboarded by the same OBT/root of trust. Since they are in the same trust domain, they can trust each other. On top of all of this, there are permissions that are initially configured by the OBT.

The root of trust can be an application that backs up the certificates to cloud storage and allows multiple devices to perform the on-boarding procedure. That's out of scope for OCF and IoTivity, though.

> - Essentially, the ownership of the light should be with the family,
> not just with one person in the family.

Let's make sure we understand "ownership" here. The OBT transfers ownership of an un-owned device to an owned one. After that, that device belongs to the OCF network.

If you meant that, then you are correct.

> - If I've multiple devices using IoTivity stack, do we have a builtin
> support for Grouping of devices as they deem fit and any communication
> patterns (one-one, one-many) within the group. How about security in this
> case?

Yes, that exists. There are ACLs that can be configured on each device that will allow or disallow different client applications from performing certain actions. The client applications must be onboarded by the same OBT as the devices themselves.

--
Thiago Macieira - thiago.macieira (AT) intel.com
  Software Architect - Intel Open Source Technology Center

_______________________________________________
iotivity-dev mailing list
iotivity-dev@lists.iotivity.org
https://lists.iotivity.org/mailman/listinfo/iotivity-dev