draft-ietf-ace-usecases-08.txt		draft-ietf-ace-usecases-09.txt
	skipping to change at page 1, line 16		skipping to change at page 1, line 16
	Expires: April 9, 2016 Universitaet Bremen TZI		Expires: April 9, 2016 Universitaet Bremen TZI
	G. Selander		G. Selander
	Ericsson		Ericsson
	M. Mani		M. Mani
	Itron		Itron
	S. Kumar		S. Kumar
	Philips Research		Philips Research
	October 07, 2015		October 07, 2015
	ACE use cases		ACE use cases
	draft-ietf-ace-usecases-08		draft-ietf-ace-usecases-09
	Abstract		Abstract
	Constrained devices are nodes with limited processing power, storage		Constrained devices are nodes with limited processing power, storage
	space and transmission capacities. These devices in many cases do		space and transmission capacities. These devices in many cases do
	not provide user interfaces and are often intended to interact		not provide user interfaces and are often intended to interact
	without human intervention.		without human intervention.
	This document includes a collection of representative use cases for		This document includes a collection of representative use cases for
	authentication and authorization in constrained environments. These		authentication and authorization in constrained environments. These
	skipping to change at page 26, line 47		skipping to change at page 26, line 47
	3.4. Proxies		3.4. Proxies
	In some cases, the traffic between endpoints might go through		In some cases, the traffic between endpoints might go through
	intermediary nodes (e.g. proxies, gateways). This might affect the		intermediary nodes (e.g. proxies, gateways). This might affect the
	function or the security model of authentication and access control		function or the security model of authentication and access control
	protocols e.g. end-to-end security between endpoints with DTLS might		protocols e.g. end-to-end security between endpoints with DTLS might
	not be possible (see Section 2.5).		not be possible (see Section 2.5).
	4. Privacy Considerations		4. Privacy Considerations
	Many of the devices that are in focus of this document register data		The constrained devices in focus of this document collect data from
	from the physical world (sensors) or affect processes in the physical		the physical world via sensors or affect their surrounding via
	world (actuators), which may involve data or processes belonging to		actuators. The collected and processed data often can be associated
	individuals. To make matters worse the sensor data may be recorded		with individuals. Since sensor data may be collected and distributed
	continuously thus allowing to gather significant information about an		on a regular interval a significant amount of information about an
	individual subject through the sensor readings. Therefore privacy		individual can be collected and used as input to learning algorithms
	protection is especially important, and Authentication and Access		as part of big data analysis and used in an automated decision making
	control are important tools for this, since they make it possible to		process.
	control who gets access to private data.
	Privacy protection can also be weighted in when evaluating the need
	for end-to-end confidentiality, since otherwise intermediary nodes
	will learn the content of potentially sensitive messages sent between
	endpoints and thereby threaten the privacy of the individual that may
	be subject of this data.
	In some cases, even the possession of a certain type of device can be		Offering privacy protection for individuals is important to guarantee
	confidential, e.g. individuals might not want to others to know that		that only authorized entities are allowed to access collected data
	they are wearing a certain medical device (see Section 2.3).		and to trigger actions, to obtain consent prior to the sharing of
			data, and to deal with other privacy-related threats outlined in RFC
			6973.
	The personal health monitoring use case (see Section 2.3) indicates		RFC 6973 was written as guidance for engineers designing technical
	the need for secure audit logs which impose specific requirements on		solutions. For a short description about the deployment-related
	a solution.		aspects of privacy and further references relevant for the Internet
	Auditing is not in the scope of ACE. However, if an authorization		of Things sector please read Section 7 of RFC 7452.
	solution provides means for audit logs, it must consider the impact
	of logged data for the privacy of all parties involved. Suitable
	measures for protecting and purging the logs must be taken during
	operation, maintenance and decommissioning of the device.
	5. Acknowledgments		5. Acknowledgments
	The authors would like to thank Olaf Bergmann, Sumit Singhal, John		The authors would like to thank Olaf Bergmann, Sumit Singhal, John
	Mattson, Mohit Sethi, Carsten Bormann, Martin Murillo, Corinna		Mattson, Mohit Sethi, Carsten Bormann, Martin Murillo, Corinna
	Schmitt, Hannes Tschofenig, Erik Wahlstroem, Andreas Baeckman, Samuel		Schmitt, Hannes Tschofenig, Erik Wahlstroem, Andreas Baeckman, Samuel
	Erdtman, Steve Moore, Thomas Hardjono, Kepeng Li, Jim Schaad,		Erdtman, Steve Moore, Thomas Hardjono, Kepeng Li, Jim Schaad,
	Prashant Jhingran, Kathleen Moriarty, and Sean Turner for reviewing		Prashant Jhingran, Kathleen Moriarty, and Sean Turner for reviewing
	and/or contributing to the document. Also, thanks to Markus Becker,		and/or contributing to the document. Also, thanks to Markus Becker,
	Thomas Poetsch and Koojana Kuladinithi for their input on the		Thomas Poetsch and Koojana Kuladinithi for their input on the
End of changes. 4 change blocks.
	27 lines changed or deleted		18 lines changed or added
This html diff was produced by rfcdiff 1.42. The latest version is available from http://tools.ietf.org/tools/rfcdiff/