HIP Working Group P. Urien Internet Draft Telecom ParisTech Intended status: Informational October 16, 2009 Expires: April 16, 2010 HIP for IoT draft-urien-hip-iot-00.txt Status of this Memo This Internet-Draft is submitted to IETF in full conformance with the provisions of BCP 78 and BCP 79. Internet-Drafts are working documents of the Internet Engineering Task Force (IETF), its areas, and its working groups. Note that other groups may also distribute working documents as Internet- Drafts. Internet-Drafts are draft documents valid for a maximum of six months and may be updated, replaced, or obsoleted by other documents at any time. It is inappropriate to use Internet-Drafts as reference material or to cite them other than as "work in progress." The list of current Internet-Drafts can be accessed at http://www.ietf.org/1id-abstracts.html The list of Internet-Draft Shadow Directories can be accessed at http://www.ietf.org/shadow.html Urien Expires April 2010 [Page 1] HIP for IoT October 2009 Abstract The goal of this document is to analyze issues raised by the deployment of the Internet Of Things, and to propose a framework based on an Identity Layer such as the HIP protocol Conventions used in this document The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT", "SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this document are to be interpreted as described in RFC-2119. Table of Contents Abstract........................................................... 2 Conventions used in this document.................................. 2 Table of Contents.................................................. 2 1 Introduction.................................................. 3 1.1 Tags and Internet Of Things................................. 3 1.2 Smart Objects and Internet of Things........................ 3 2 Open issues...................................................... 3 2.1 What is a thing?............................................ 3 2.2 What is the identifier of a thing?.......................... 4 2.3 Authentication.............................................. 4 2.4 Identity Protection......................................... 4 2.5 Communication Protocol...................................... 4 2.6 Things to Things communications............................. 4 3 HIP for the Internet Of Things................................... 4 3.1 HIP Benefits................................................ 4 3.2 HIP issues for the Internet Of things....................... 5 4 IANA Considerations.............................................. 5 5 Security Considerations.......................................... 5 6 References....................................................... 5 6.1 Normative References........................................ 5 6.2 Informative References...................................... 5 Author's Addresses................................................. 6 Full Copyright Statement........................................... 6 Urien Expires April 2010 [Page 2] HIP for IoT October 2009 1 Introduction There are currently two main definitions for the Internet Of Things (IoT): IoT dealing with tags, and IoT based on IP Smart Objects. 1.1 Tags and Internet Of Things The term Internet of Things (IoT) was invented by the MIT Auto-ID Center, in 2001, and refers to an architecture that comprises four levels, - Passive tags, such as Class-1 Generation-2 UHF RFIDs, introduced by the EPC Global consortium and operating in the 860-960 MHz range. - Readers plugged to a local (computing) system, which read the Electronic Product Code [EPC]. - A local system, offering IP connectivity, which collects information pointed by the EPC thanks to a protocol called Object Naming Service (ONS) - EPCIS (EPC Information Services) servers, which process incoming ONS requests and returns PML (Physical Markup Language) files [PML], e.g. XML documents that carry meaningful information linked to tags. 1.2 Smart Objects and Internet of Things According to [IP-IOT], the IP protocol should be used to extend the Internet Of Things to smart objects. Until recently, smart objects were realized with limited communication capabilities, such as RFID tags, but the new generation of devices has bidirectional wireless communication and sensors that provide real-time data such as temperature, pressure, vibrations, and energy measurement. Smart objects can be battery-operated, but not always and typically have three components: - a CPU (8-, 16- or 32-bit micro-controller), - memory (a few tens of kilobytes) - and a low-power wireless communication device (from a few kilobits/s to a few hundreds of kilobits/s). The size is small and the price is low: a few square mm and few dollars. 2 Open issues 2.1 What is a thing? We distinguish two classes of things 1- Things that are computers equipped with communication interfaces. 2- Things that are not computers, but who are associated with computers equipped with communication interfaces. Urien Expires April 2010 [Page 3] HIP for IoT October 2009 2.2 What is the identifier of a thing? They are several proposals: 1- A serial number, such as an EPC code. 2- An IP address. 3- Other, for example a fix hash value such HIT proposed by [HIP], or adhoc naming scheme [HIP-Naming]. 2.3 Authentication Is there a way to authenticate a thing? In other words is it possible and needed to prove the identity of a thing. This proof could establish the physical/logical integrity of a computer, or the integrity of an electronic passport. 2.4 Identity Protection Things can be used to track people or objects, which are identified by a set of things. Identity protection enforces privacy by hiding things identities thanks to cryptographic means. For example such mechanisms are described in [HIP-TAG]. 2.5 Communication Protocol A thing communicates with the Internet network by various interfaces 1- Via MAC (OSI2) radio protocols, as defined in [EPCGLOBAL] 2- Thanks the IP protocol, in that case the thing is an IP node, and is natively plugged in the Internet Cloud. 3- Other, for example the Host Identity Protocol [HIP] 2.6 Things to Things communications In some cases, things communicate with other things. If identity protection is required, the associated infrastructure is complex from a cryptographic or physical point of view, because classical routing techniques can't be used. 3 HIP for the Internet Of Things 3.1 HIP Benefits We suggest defining a new version of the HIP protocol, dedicated to the Internet Of Things issues, according to the following arguments 1- Things are associated to Identifiers. IP addresses are usually understood as locators and not identifiers. In this identity-based approach the infrastructure to which the thing is connected belongs to the internet network, but even if the thing comprises an IP stack, the IP address is not correlated with the thing identity. Urien Expires April 2010 [Page 4] HIP for IoT October 2009 2- The actual version of HIP provides inter HIP nodes communications thanks to ESP secure channels. This paradigm could be re-used for things to things communication, compatible with the IP infrastructure. 3.2 HIP issues for the Internet Of things 1- Identifiers. HIP Identifiers (HIT) rely on cryptographic procedures, i.e. a digest of an RSA public key. A new naming scheme SHOULD be defined 2- Identity Protection. No Identity Protection is supported. Therefore HIP nodes MAY be easily tracked. We believe that Identity Protection MUST be supported. 3- Communication Architecture. If identity protection is supported, some trusted gateways SHOULD be used in order to establish communications with things. 4 IANA Considerations 5 Security Considerations 6 References 6.1 Normative References [HIP] R. Moskowitz, P. Nikander, P. Jokela, T. Henderson, Host Identity Protocol, RFC 5201, April 2008 6.2 Informative References [EPC] Brock, D.L, The Electronic Product Code (EPC), A Naming Scheme for Physical Objects, MIT AUTO-ID CENTER, 2001. [PML] Brock, D.L - The Physical Markup Language, MIT AUTO-ID CENTER, 2001. [EPCGLOBAL] EPCglobal, EPC Radio Frequency Identity Protocols Class 1 1516 Generation 2 UHF RFID Protocol for Communications at 860 MHz- 960 MHz Version 1517 1.0.9, EPCglobal Standard, January 2005. [HIP-TAG] HIP support for RFID, draft-urien-hip-tag-02.txt [HIP-Naming] Naming Architecture for Object to Object Communications, draft-lee-object-naming-00.txt [IP-IOT] http://www.ipso-alliance.org Urien Expires April 2010 [Page 5] HIP for IoT October 2009 Author's Addresses Pascal Urien Telecom ParisTech 37/39 rue Dareau, 75014 Paris, France Email: Pascal.Urien@enst.fr Full Copyright Statement Copyright (c) 2009 IETF Trust and the persons identified as the document authors. All rights reserved. This document is subject to BCP 78 and the IETF Trust's Legal Provisions Relating to IETF Documents in effect on the date of publication of this document (http://trustee.ietf.org/license-info). Please review these documents carefully, as they describe your rights and restrictions with respect to this document. All IETF Documents and the information contained therein are provided on an "AS IS" basis and THE CONTRIBUTOR, THE ORGANIZATION HE/SHE REPRESENTS OR IS SPONSORED BY (IF ANY), THE INTERNET SOCIETY, THE IETF TRUST AND THE INTERNET ENGINEERING TASK FORCE DISCLAIM ALL WARRANTIES, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO ANY WARRANTY THAT THE USE OF THE INFORMATION THEREIN WILL NOT INFRINGE ANY RIGHTS OR ANY IMPLIED WARRANTIES OF MERCHANTABILITY OR FITNESS FOR A PARTICULAR PURPOSE. Expires April 2010 Urien Expires April 2010 [Page 6]