Jeff,
If you look at EZ Pass it is still the case that their transponders
(credentials) cannot be federated with SunPass (FL) or FastTrak (CA), etc.
so there is way to go for device interoperability even though you do have
open road payments (you don't really need those booths) and users still
can't apply the transponder to other vehicle, e.g. parking use cases.
Chipped trucks (digital tachymeters) are an example of tighter binding of
identifier to device along the lines of a device LOA. ZipCar is another
good use case for credential (lower assurance than the smart card in the
tachymeter, it's low symmetric key). These are use case where you have
people (plural and large numbers) identity, identifiers, attributes (owner,
driver among others), and the devices (ditto many) and network (roads). So
yes in some cases the things built with technology from decades ago are
simple.
That notwithstanding there are a wide range of intelligent vehicle
activities underway global to leverage the vehicle and device tech. In
order to do this a wide range of challenges and questions but at the same
time consider navigation and route guidance advances in the last decade,
it's the to point where the hard part is take over from the driver. Talk
about delegated control. Nothing simple here. I think there is good ground
here (see below outing my bias). And at this point might we think there are
no bad use cases yet.
Cheers,
Sal
PS, used to Chair the oxymoron of the Intelligent Transportation Society of
Massachusetts 15 years ago and spent some time putting sensors and data
acquisition systems including RFID and video in transport including some of
the above. There are a lot of different options look at this today.
From: dg-idot-bounces@kantarainitiative.org
[mailto:dg-idot-bounces@kantarainitiative.org] On Behalf Of j stollman
Sent: Monday, August 19, 2013 8:24 AM
To: Ingo.Friese@telekom.de
Cc: dg-idot@kantarainitiative.org
Subject: Re: [DG-IDoT] IDoT use-case collection "rental car mobility"
scenario by Ingo
I am confused about the value of Ingo's care use case.
There is a current solution to this problem in use in the US. It is called
EZ-Pass. A user attaches an RFID tag to his vehicle. Interrogators located
at toll booths along toll roads and bridges interrogate devices as they pass
by and debit the account. There are separate lanes at the toll station for
cars without EZ-Pass. (They also take a photograph of the car and driver to
catch those who pass through the EZ-Pass toll gate without the RFID tag and
to avoid repudiation of charges by those who have EZ-Pass but later deny
such charges.) Different service providers (in this case state toll road
commission) sign up for the service and agree to use the RFID protocol of
the EZ-Pass provider.
This is not really an IoT solution. It is a bit clumsy because it requires
an additional device versus leveraging identity capabilities built in to the
car. But I would imagine that if the auto industry standardized on an
identity technology, the problem is simple. Berlin Parking would merely use
the comms protocol established by the auto makers to identify the vehicle.
They would then look up the vehicle in their database to see if it is one of
their direct parking clients. If not, they would then proceed to perform a
lookup in the database for Green&Blue Cars. If they find the car listed,
they let it through. If not, the gate stays down until they proffer some
alternative method of payment, e.g., pushing a button to obtain a
time-stamped ticket of their entry time. Berlin Parking might also take a
photograph to avoid later repudiation.
The point is that I am not sure that Auth'n is more than a simple vehicle
identity and Auth'z a simple database lookup. The complexity comes only
from waiting for a comms standard to emerge.
Am I missing something?
Thank you.
Jeff
On Mon, Aug 19, 2013 at 4:41 AM,
From the identity point of view we have several aspects here:
Bob is crossing domains of different companies. All these companies may have chosen different solutions, protocols and address and authentication schemes to manage their items. Addressing/Discovery The gate of "Berlin Parking" has to communicate with Bob's car. At least in order to recognize "ok this car has a special contract so it's good to go". For communication we need communication endpoints/addresses for the gate and for the car. The endpoint for the gate could be: 10.0.0.78.88.9876.berlincenter.berlinparking.de (mixed address.public & "Berlin Parking" specific address URL) The endpoint for the car is in fact an IMEI (International Mobile Station Equipment Identity) of a mobile build in GSM unit e.g. #490154203237518#. Other rental car companies use the car-id taken from the CAN-BUS System (widely used system in car industry). Both companies have their special address scheme. How to address items across different domains, namespaces and formats? (Extensible Resource Identifier OASIS XRI might be an approach..needs further discussion) Authentication Bob is able to load the battery of his car or he can get gasoline without direct payment. It is really important that only cars of "Green&blue car" company get their fuel or energy without extra payment. So the car has to authenticate itself against the energy station. How to provide authentication without Bob's interaction? May be its possible to find a special solution for "Green&blue car" but what if tomorrow other rental car companies want to join? Is there something like a general authentication scheme for things? Authorization "Green&blue car" is only allowed for gas up to a certain amount of money. How to authorize things? (OAuth for Things?...) Policies The rental car company "Green&blue car" is allowed to check the status, location and certain statistics at any time. "Berlin Green Energy" is allowed to check the location of Bobs car in order to direct him to the nearest Energy station. There has to be a policy management deciding who is allowed for what? I have the feeling we need an authorization framework here. (kind of UMA/OAuth thing?) _______________________________________________ DG-IDoT mailing list DG-IDoT@kantarainitiative.org http://kantarainitiative.org/mailman/listinfo/dg-idot _______________________________________________ DG-IDoT mailing list DG-IDoT@kantarainitiative.org http://kantarainitiative.org/mailman/listinfo/dg-idot -- Jeff Stollman stollman.j@gmail.com 1 202.683.8699 Truth never triumphs - its opponents just die out. Science advances one funeral at a time. Max Planck