ETSI TS 118 132-2017 MAF and MEF Interface Specification (V2 0 2 oneM2M TS-0032 version 2 0 2 Release 2A).pdf

1、 ETSI TS 118 132 V2.0.2 (2017-11) MAF and MEF Interface Specification (oneM2M TS-0032 version 2.0.2 Release 2A) TECHNICAL SPECIFICATION ETSI ETSI TS 118 132 V2.0.2 (2017-11)2oneM2M TS-0032 version 2.0.2 Release 2AReference DTS/oneM2M-000032V2A Keywords IoT, M2M ETSI 650 Route des Lucioles F-06921 So

2、phia Antipolis Cedex - FRANCE Tel.: +33 4 92 94 42 00 Fax: +33 4 93 65 47 16 Siret N 348 623 562 00017 - NAF 742 C Association but non lucratif enregistre la Sous-Prfecture de Grasse (06) N 7803/88 Important notice The present document can be downloaded from: http:/www.etsi.org/standards-search The

3、present document may be made available in electronic versions and/or in print. The content of any electronic and/or print versions of the present document shall not be modified without the prior written authorization of ETSI. In case of any existing or perceived difference in contents between such v

4、ersions and/or in print, the only prevailing document is the print of the Portable Document Format (PDF) version kept on a specific network drive within ETSI Secretariat. Users of the present document should be aware that the document may be subject to revision or change of status. Information on th

5、e current status of this and other ETSI documents is available at https:/portal.etsi.org/TB/ETSIDeliverableStatus.aspx If you find errors in the present document, please send your comment to one of the following services: https:/portal.etsi.org/People/CommiteeSupportStaff.aspx Copyright Notification

6、 No part may be reproduced or utilized in any form or by any means, electronic or mechanical, including photocopying and microfilm except as authorized by written permission of ETSI. The content of the PDF version shall not be modified without the written authorization of ETSI. The copyright and the

7、 foregoing restriction extend to reproduction in all media. ETSI 2017. All rights reserved. DECTTM, PLUGTESTSTM, UMTSTMand the ETSI logo are trademarks of ETSI registered for the benefit of its Members. 3GPPTM and LTE are trademarks of ETSI registered for the benefit of its Members and of the 3GPP O

8、rganizational Partners. oneM2M logo is protected for the benefit of its Members. GSM and the GSM logo are trademarks registered and owned by the GSM Association. ETSI ETSI TS 118 132 V2.0.2 (2017-11)3oneM2M TS-0032 version 2.0.2 Release 2AContents Intellectual Property Rights 5g3Foreword . 5g31 Scop

9、e 6g32 References 6g32.1 Normative references . 6g32.2 Informative references 6g33 Definitions and abbreviations . 7g33.1 Definitions 7g33.2 Abbreviations . 7g34 Conventions 7g35 General Description 8g35.1 MAF Interface 8g35.1.1 Introduction. 8g35.1.2 MAF Interface Overview 9g35.2 MEF Interface 10g3

10、5.2.1 Introduction. 10g35.2.2 MEF Interface Overview 13g36 Processing and Representation of Primitives . 14g36.1 Common aspects of the MAF and MEF interface 14g36.2 MAF Interface 14g36.3 MEF Interface 15g37 Resource types definitions 15g37.1 Namespaces used for resource and data types 15g37.2 Resour

11、ce Type 15g37.3 Resource Type 16g37.4 Resource Type 16g37.5 Resource Type 17g37.6 Resource Type . 18g37.7 Resource Type . 18g38 Resource-type specific procedures and definitions 20g38.1 Resource Type 20g38.1.1 Introduction. 20g38.1.2 resource specific procedures on CRUD operations . 20g38.1.2.1 Crea

12、te 20g38.1.2.2 Retrieve . 20g38.1.2.3 Update . 21g38.1.2.4 Delete 21g38.2 Resource Type 21g38.2.1 Introduction. 21g38.2.2 resource specific procedures on CRUD operations . 22g38.2.2.1 Create 22g38.2.2.2 Retrieve . 22g38.2.2.3 Update . 22g38.2.2.4 Delete 22g38.3 Resource Type 23g38.3.1 Introduction.

13、23g38.3.2 resource specific procedures on CRUD operations 23g38.3.2.1 Create 23g38.3.2.2 Retrieve . 24g38.3.2.3 Update . 25g38.3.2.4 Delete 25g38.4 Resource Type 26g3ETSI ETSI TS 118 132 V2.0.2 (2017-11)4oneM2M TS-0032 version 2.0.2 Release 2A8.4.1 Introduction. 26g38.4.2 resource specific procedure

14、s on CRUD operations. 27g38.4.2.1 Create 27g38.4.2.2 Retrieve . 28g38.4.2.3 Update . 28g38.4.2.4 Delete 29g38.5 Resource Type . 29g38.5.1 Introduction. 29g38.5.2 resource specific procedures on CRUD operations . 30g38.5.2.1 Create 30g38.5.2.2 Retrieve . 31g38.5.2.3 Update . 32g38.5.2.4 Delete 32g38.

15、6 Resource Type . 33g38.6.1 Introduction. 33g38.6.2 resource specific procedures on CRUD operations . 33g38.6.2.1 Create 33g38.6.2.2 Retrieve . 34g38.6.2.3 Update . 34g38.6.2.4 Delete 35g39 Short Names . 35g39.1 Introduction 35g39.2 Security-specific oneM2M Resource attributes 36g39.3 Security-speci

16、fic oneM2M Resource types 36g39.4 Security-specific oneM2M Complex data type members. 36g3History 38g3ETSI ETSI TS 118 132 V2.0.2 (2017-11)5oneM2M TS-0032 version 2.0.2 Release 2AIntellectual Property Rights Essential patents IPRs essential or potentially essential to the present document may have b

17、een declared to ETSI. The information pertaining to these essential IPRs, if any, is publicly available for ETSI members and non-members, and can be found in ETSI SR 000 314: “Intellectual Property Rights (IPRs); Essential, or potentially Essential, IPRs notified to ETSI in respect of ETSI standards

18、“, which is available from the ETSI Secretariat. Latest updates are available on the ETSI Web server (https:/ipr.etsi.org/). Pursuant to the ETSI IPR Policy, no investigation, including IPR searches, has been carried out by ETSI. No guarantee can be given as to the existence of other IPRs not refere

19、nced in ETSI SR 000 314 (or the updates on the ETSI Web server) which are, or may be, or may become, essential to the present document. Trademarks The present document may include trademarks and/or tradenames which are asserted and/or registered by their owners. ETSI claims no ownership of these exc

20、ept for any which are indicated as being the property of ETSI, and conveys no right to use or reproduce any trademark and/or tradename. Mention of those trademarks in the present document does not constitute an endorsement by ETSI of products, services or organizations associated with those trademar

21、ks. Foreword This Technical Specification (TS) has been produced by ETSI Partnership Project oneM2M (oneM2M). ETSI ETSI TS 118 132 V2.0.2 (2017-11)6oneM2M TS-0032 version 2.0.2 Release 2A1 Scope The present document specifies communication between the M2M Authentication Function (MAF) and MAF client

22、s on the reference point Mmaf and between the M2M Enrolment Function (MEF) and MEF clients on the reference point Mmef. 2 References 2.1 Normative references References are either specific (identified by date of publication and/or edition number or version number) or non-specific. For specific refer

23、ences, only the cited version applies. For non-specific references, the latest version of the referenced document (including any amendments) applies. Referenced documents which are not found to be publicly available in the expected location might be found at https:/docbox.etsi.org/Reference/. NOTE:

24、While any hyperlinks included in this clause were valid at the time of publication, ETSI cannot guarantee their long term validity. The following referenced documents are necessary for the application of the present document. 1 ETSI TS 118 101: “oneM2M; Functional Architecture (oneM2M TS-0001)“. 2 E

25、TSI TS 118 103: “oneM2M; Security solutions (oneM2M TS-0003)“. 3 ETSI TS 118 104: “oneM2M; Service Layer Core Protocol Specification (oneM2M TS-0004)“. 4 ETSI TS 118 108: “oneM2M; CoAP Protocol Binding (oneM2M TS-0008)“. 5 ETSI TS 118 109: “oneM2M; HTTP Protocol Binding (oneM2M TS-0009)“. 6 ETSI TS

26、118 110: “oneM2M; MQTT Protocol Binding (oneM2M TS-0010)“. 7 ETSI TS 118 111: “oneM2M; Common Terminology (oneM2M TS-0011)“. 8 ETSI TS 118 120: “oneM2M; WebSocket Protocol Binding (oneM2M TS-0020)“. 9 ETSI TS 118 122: “oneM2M; Field Device Configuration (oneM2M TS-0022)“. 2.2 Informative references

27、References are either specific (identified by date of publication and/or edition number or version number) or non-specific. For specific references, only the cited version applies. For non-specific references, the latest version of the referenced document (including any amendments) applies. NOTE: Wh

28、ile any hyperlinks included in this clause were valid at the time of publication, ETSI cannot guarantee their long term validity. The following referenced documents are not necessary for the application of the present document but they assist the user with regard to a particular subject area. i.1 on

29、eM2M Drafting Rules. NOTE: Available at http:/www.onem2m.org/images/files/oneM2M-Drafting-Rules.pdf. ETSI ETSI TS 118 132 V2.0.2 (2017-11)7oneM2M TS-0032 version 2.0.2 Release 2A3 Definitions and abbreviations 3.1 Definitions For the purposes of the present document, the terms and definitions given

30、in ETSI TS 118 111 7, ETSI TS 118 103 2 and the following apply: MAF Client: functionality for performing MAF procedures on behalf of an associated CSE or AE, or on behalf of CSE or AE(s) present on an associated Node MAF interface: communication interface between a MAF and a MAF Client identified b

31、y reference point Mmaf MEF Client: functionality for performing MEF procedures on behalf of an associated CSE or AE, or on behalf of CSE or AE(s) present on an associated Node, or an associated MAF MEF interface: communication interface between a MEF and a MEF Client identified by reference point Mm

32、ef 3.2 Abbreviations For the purposes of the present document, the abbreviations given in ETSI TS 118 111 7, ETSI TS 118 103 2 and the following apply: ADN Application Dedicated Node AE Application Entity AE-ID Application Entity Identifier API Application Programming Interface ASN Application Servi

33、ce Node BBF Broadband Forum CDT Common Data Types CRUD Create, Retrieve, Update, Delete (operation) CSE Common Services Entity CSE-ID Common Services Entity Identifier DM Device Management DTLS Datagram Transport Layer Security FQDN Fully Qualified Domain Name HTTP Hypertext Transfer Protocol IN Inf

34、rastructure Node MAF M2M Authentication Function MEF M2M Enrolment Function MN Middle Node MQTT Message Queue Telemetry Transport MTE M2M Trust Enabler NP Not Present RSPF Remote Security Provisioning Framework RO Read-Only RW Read-Write SEC SecuritySP Service Provider SP-ID Service Provider Identif

35、ier SUID Security Usage Identifier TLS Transport Layer Security WO Write-Only XML eXtensible Markup Language 4 Conventions The key words “Shall“, “Shall not“, “May“, “Need not“, “Should“, “Should not“ in the present document are to be interpreted as described in the oneM2M Drafting Rules i.1. ETSI E

36、TSI TS 118 132 V2.0.2 (2017-11)8oneM2M TS-0032 version 2.0.2 Release 2A5 General Description 5.1 MAF Interface 5.1.1 Introduction The MAF Interface is a simple variant of the Mcc/Mca reference points specifying the interaction of MAF Clients with a M2M Authentication Function (MAF), acting on behalf

37、 of an administrating stakeholder such as an M2M SP or third party M2M Trust Enabler (MTE). The present document does not specify the operation and management of the MAF required to support these procedures. A MAF Client interacts with the MAF on behalf of a Node (ADN, ASN, IN or MN), or a CSE or an

38、 AE. Figure 5.1.1-1 defines the reference point Mmaf between MAF clients and a MAF. Figure 5.1.1-1: Reference Architecture for MAF The administrating stakeholder authorizes the MAFs services to MAF clients, and oversees authorizing the distribution of symmetric keys. A MAF may provide its services o

39、n behalf of multiple administrating stakeholders. A MAF Client may be associated with multiple administrating stakeholders, each administrating the use of the MAF within a different scope. NOTE 1: The administrating stakeholder could be an M2M SP administrating the registration and distribution of c

40、redentials used for SAEFs and ESPrim within the M2M SPs Domain. NOTE 2: The administrating stakeholder could be an MTE administrating the registration and distribution of credentials for ESPrim and ESData to MAF Clients belonging to a particular Application Service Provider, where the MAF Clients co

41、uld be distributed over multiple M2M SP domains. ETSI ETSI TS 118 132 V2.0.2 (2017-11)9oneM2M TS-0032 version 2.0.2 Release 2AThe present document has no impact on the specifications in ETSI TS 118 101 1 and ETSI TS 118 104 3. However, the MAF Interface uses much of the specification in ETSI TS 118

42、104 3 and in particular allows use of the HTTP binding in ETSI TS 118 108 4, the CoAP binding in ETSI TS 118 109 5 and the WebSocket binding in ETSI TS 118 120 8. NOTE 3: The MQTT binding in ETSI TS 118 110 6 is not suitable for the MAF Interface, because the MAF Interface assumes a TLS or DTLS conn

43、ection from the MAF Client to the MAF - which is not possible using the MQTT binding. The MAF Interface incorporates the following concepts from the Mcc/Mca reference points: The concept of operations acting on resources. The resource addressing from Mcc/Mca is used. The universal attributes and som

44、e common attributes of resources. The MAF Interface differs from Mcc/Mca in the following ways: The MAF Client can only communicate directly with the MAF - there are no transited CSEs. Only Blocking Mode communication method is supported. None of the resource types applicable on Mcc/Mca are used: -

45、Access control decisions use simple access control list for Retrieve access, and resources are not used for resources hosted by the MAF. A consequence of this is that the accessControlPolicyIDs attributes are not needed in the resources hosted by the MAF. - The resource and NOTIFY operations are not

46、 supported. - There is no AE registration or CSE registration, but a similar process where a MAF Client creates a (MAF Client registration record) resource on the MAF. - There are no announced resources. The hierarchy of resources hosted by a MAF shall be as follows: resource type is the structural

47、root for all the resources that are residing on a MAF. This resource is implicitly created by the MAF and uses the fixed resource name “maf“ and contains following child resources: - resource. It confirms the MAF Clients registration to an administrating stakeholder, and can contain configuration in

48、formation to be returned to the MAF Client. - resources. It is created by the MAF Client, and contains symmetric keys for retrieval by another MAF Client. 5.1.2 MAF Interface Overview This MAF Interface overview is based on the specification in clause 6 of ETSI TS 118 104 3. Identifiers such as M2M-

49、SP-ID, AE-ID and CSE-ID as defined in clause 6.2.3 of ETSI TS 118 104 3 also apply to the MAF Interface. M2M Trust Enablers (MTEs) are identified using an M2M-SP-ID. Resources are addressed as specified in clause 6.2.4 in ETSI TS 118 104 3. Common data types applicable to the MAF Interface are inherited from clause 6.3 of ETSI TS 118 104 3. Tables 5.1.2-1 and 5.1.2-2 list the request and response primitive parameters inherited from clauses 6.4.1 and 6.4.2 in ETSI TS 118 104 3, respectively; the data