Understanding provisioning

The major item still left to discuss, before we have an infrastructure where we can control ownership of the information it generates, is provisioning. Provisioning is the means of controlling who can access your devices and what they are allowed to do with them.

The IEEE IoT Harmonization working group, which we presented in previous chapters, provides an extension to XMPP for provisioning. (This interface is based on legacy interfaces defined in XEP-0324.) The provisioning extension provides things with decision support in answering three main questions:

  • Am I allowed to accept a presence subscription request from an entity?
  • Am I allowed to be read by an entity, and if so, which data?
  • Am I allowed to be controlled by an entity, and if so, which parameters?

The provisioning extension defines the concept of a provisioning server, to which all things can put the aforementioned questions when necessary. When a question arises that the provisioning server cannot answer from the owner's previous responses, it asks the owner as soon as the owner is available. Until the owner has responded, the principle of data protection by default applies, and the request is automatically denied. As soon as the owner has responded, successive questions get the updated response.

Things are encouraged to cache the responses to the questions they pose. When rules are updated, the provisioning server simply asks the corresponding devices to clear their caches. The devices then ask the corresponding questions again, so the answers reflect the new rules. In production, the load on the provisioning server is therefore proportional to how often rules change in the network, and not to the size of the network.
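The deny-by-default and cache-clearing behaviour described above can be modelled in a few lines. This is an added example, not code from the book or from the provisioning extension: it is an in-memory model without any XMPP traffic, it reduces each answer to yes or no (ignoring which data or parameters are allowed), and every class, method and address in it is hypothetical.

```python
from enum import Enum

class Question(Enum):          # the three questions a thing can ask
    SUBSCRIBE = "subscribe"
    READ = "read"
    CONTROL = "control"

class ProvisioningServer:
    """Hypothetical in-memory model of a provisioning server."""
    def __init__(self):
        self.rules = {}        # (thing, entity, question) -> owner's decision
        self.pending = set()   # questions waiting for the owner
        self.things = {}       # thing address -> Thing
        self.queries = 0       # how many times things had to ask

    def ask(self, thing, entity, question):
        self.queries += 1
        key = (thing, entity, question)
        if key not in self.rules:
            self.pending.add(key)   # forwarded to the owner when available
            return False            # data protection by default: deny
        return self.rules[key]

    def owner_decides(self, key, allowed):
        self.rules[key] = allowed
        self.pending.discard(key)
        self.things[key[0]].clear_cache()   # rule changed: invalidate cache

class Thing:
    def __init__(self, address, server):
        self.address, self.server, self.cache = address, server, {}
        server.things[address] = self

    def is_allowed(self, entity, question):
        key = (entity, question)
        if key not in self.cache:           # only ask on a cache miss
            self.cache[key] = self.server.ask(self.address, entity, question)
        return self.cache[key]

    def clear_cache(self):
        self.cache.clear()

def demo():
    server = ProvisioningServer()
    sensor = Thing("sensor@example.org", server)   # constructed addresses
    reader = "dashboard@example.org"
    first = sensor.is_allowed(reader, Question.READ)    # no rule yet: denied
    second = sensor.is_allowed(reader, Question.READ)   # answered from cache
    asked_before = server.queries
    server.owner_decides((sensor.address, reader, Question.READ), True)
    third = sensor.is_allowed(reader, Question.READ)    # cache cleared: re-asks
    return first, second, asked_before, third, server.queries

if __name__ == "__main__":
    print(demo())
```

The server is queried once before the owner's decision and once after it, however many times the reader retries in between, which is why its load follows rule changes rather than request volume.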