User Tools

Site Tools


steps_for_enabling_security_in_iotivity_applications

Differences

This shows you the differences between two versions of the page.

Link to this comparison view

Both sides previous revision Previous revision
steps_for_enabling_security_in_iotivity_applications [2017/03/20 09:23]
saurabh sharma [3. Secure Virtual Resource (SVR) database]
steps_for_enabling_security_in_iotivity_applications [2017/04/06 20:19] (current)
Nathan Heldt-Sheller
Line 18: Line 18:
 See more [[faq_s| here]] See more [[faq_s| here]]
  
-NB: If you compile iotivity with the SECURED=1 flag, even resources for which OC_SECURE is not specified will be subject to access control as explained below. This is due to a [[https://jira.iotivity.org/​browse/​IOT-920|bug]].+NB: If you compile iotivity with the SECURED=1 flag, even resources for which OC_SECURE is not specified will be subject to access control as explained below. This is the intended behavioraccess for any resource must be explicitly granted via the Access Control List (ACL) ​Without an ACL entry granting access, requests will be denied by default.
  
  
-==== 3. Secure ​Virtual Resource (SVR) database ====+==== 3. Security ​Virtual Resource (SVR) database ====
  
-Configuration data such as access control lists(ACL's), PSK credentials,​ device certificates,​ device ID etc are stored and managed by Iotivity stack in SVR database in CBOR format. An Iotivity application can provide this data to Iotivity stack by invoking //​OCRegisterPersistentStorageHandler()//​ API at startup. OCPersistentStorage structure is used to register "​fopen,​ fread, fwrite, fclose, unlink"​ functions.+Configuration data such as Access Control List (ACL), PSK credentials,​ device certificates,​ device ID etc are stored and managed by Iotivity stack in SVR database in CBOR format. An Iotivity application can provide this data to Iotivity stack by invoking //​OCRegisterPersistentStorageHandler()//​ API at startup. OCPersistentStorage structure is used to register "​fopen,​ fread, fwrite, fclose, unlink"​ functions.
 e.g In file resource/​csdk/​stack/​samples/​linux/​secure/​ocserverbasicops.cpp,​ the functions server_fopen is registered which opens application specific dat file. Likewise fread, fwrite, fclose, unlink can also be implemented specific to the application. e.g In file resource/​csdk/​stack/​samples/​linux/​secure/​ocserverbasicops.cpp,​ the functions server_fopen is registered which opens application specific dat file. Likewise fread, fwrite, fclose, unlink can also be implemented specific to the application.
  
steps_for_enabling_security_in_iotivity_applications.txt ยท Last modified: 2017/04/06 20:19 by Nathan Heldt-Sheller