Skip to main content


Eclipse Community Forums
Forum Search:

Search      Help    Register    Login    Home
Home » Eclipse Projects » OM2M » OM2M and security mechanism
OM2M and security mechanism [message #1693225] Wed, 22 April 2015 13:28 Go to next message
Sabrina anirbas is currently offline Sabrina anirbasFriend
Messages: 45
Registered: April 2015
Member
Hello,

How does OM2M ensure security?
via TLS-PSK protocol?

Thanks in advance.
Re: OM2M and security mechanism [message #1693246 is a reply to message #1693225] Wed, 22 April 2015 15:51 Go to previous messageGo to next message
Mahdi Ben Alaya is currently offline Mahdi Ben AlayaFriend
Messages: 229
Registered: November 2013
Senior Member
Hello Sabrina,

The current release of OM2M ensure security using certificates and keys using SSL/TLS.
Since we are using the Jetty server, SSL/TLS can be activated by configuring the Jetty ServerConnector.
You can check this link for more detail: http://eclipse.org/jetty/documentation/current/configuring-ssl.html

Regarding TLS-PSK protocol, we implemented it internally, however we did not succeed to include the code as open source do third library intellectual properties issues.
Please tell me if you are aware of any open source implementation of TLS-PSK compatible with the EPL licence.

You are welcome,
Mahdi
Re: OM2M and security mechanism [message #1697839 is a reply to message #1693246] Mon, 08 June 2015 19:38 Go to previous messageGo to next message
Marie-Josee Blais is currently offline Marie-Josee BlaisFriend
Messages: 2
Registered: June 2015
Junior Member
Hello,

I need to setup an https connection for om2m.

From Mahdi's post this seems possible but I can't seem to figure out where I should add that configuration.

I have checked out the link on configuring Jetty for https but I do not see how I can use this when Jetty is used as an embedded plugin.

I also checked the list of configurable variables in the config.ini (nscl and gsl) as well as om2m.product which seems to give an exhaustive list of all that can be configured but I do not see anything related to https.

If someone could provide me with more information or just another link/example I would be very grateful.
Re: OM2M and security mechanism [message #1698602 is a reply to message #1697839] Tue, 16 June 2015 15:29 Go to previous messageGo to next message
Mahdi Ben Alaya is currently offline Mahdi Ben AlayaFriend
Messages: 229
Registered: November 2013
Senior Member
Hello,

You must add the following parameters to the config.ini file to configure jetty for TLS:

org.eclipse.equinox.http.jetty.https.enabled=true
org.eclipse.equinox.http.jetty.https.port=443
org.eclipse.equinox.http.jetty.ssl.password=password
org.eclipse.equinox.http.jetty.ssl.keypassword=password
org.eclipse.equinox.http.jetty.ssl.keystore=home directory/.keystore
org.eclipse.equinox.http.jetty.ssl.protocol=SSL_TLS

Don't forget to generate your certificate using keytool and add it into your keystore as explained by the first tutorial.

You can check this post for more informations: https://www.eclipse.org/forums/index.php/m/80337/?srch=jetty.ssl.keystore#msg_80337
And also this one: http://www-01.ibm.com/support/knowledgecenter/SST55W_4.3.0/liaca/liacasslconfig.html

Hope this can help,
Mahdi

[Updated on: Thu, 18 June 2015 13:08]

Report message to a moderator

Re: OM2M and security mechanism [message #1698865 is a reply to message #1698602] Thu, 18 June 2015 13:06 Go to previous messageGo to next message
Marie-Josee Blais is currently offline Marie-Josee BlaisFriend
Messages: 2
Registered: June 2015
Junior Member
Thank you, that's exactly what I needed.
Re: OM2M and security mechanism [message #1709379 is a reply to message #1693225] Mon, 28 September 2015 06:48 Go to previous messageGo to next message
Andrew Cloete is currently offline Andrew CloeteFriend
Messages: 18
Registered: February 2015
Junior Member
Hallo all,

I am also interested to know if the OM2M platform supports DTSL security on the CoAP port? If not, then how ought security be implemented over CoAP, since I would like my constrained cellular devices to use CoAP over UDP in order to lower data costs and network load.

Regards
Andrew


Re: OM2M and security mechanism [message #1709853 is a reply to message #1709379] Thu, 01 October 2015 13:54 Go to previous message
Francois AissaouiFriend
Messages: 38
Registered: April 2015
Member
Hello Andrew,

Our implementation of the CoAP binding is based on the Californium project (also an Eclipse project at https://eclipse.org/californium/).

I do not think the basic implementation supports the DTSL security but the sub-project Scandium does. (hosted at https://github.com/eclipse/californium.scandium).
Feel free to change the CoAP binding to integrate this part to your code.

Hope this can help, regards
François
Previous Topic:Arduino calls REST API occurring error
Next Topic:How to change Database username and password?
Goto Forum:
  


Current Time: Mon Jun 01 14:28:44 GMT 2020

Powered by FUDForum. Page generated in 0.05875 seconds
.:: Contact :: Home ::.

Powered by: FUDforum 3.0.2.
Copyright ©2001-2010 FUDforum Bulletin Board Software

Back to the top