Skip to content

9.4 Access Management

9.4.0 Introduction

Once a request has performed an Access Decision by the IN-CSE to allow the request, the IN-CSE shall select the appropriate ACS along with elements the ACS would need to implement access management within the ACS. These would include the Identity of the subject (oneM2M Originator) of the request which is needed in scenarios where the original issuer of the request is needed to be known - this could be done by correlating principals (e.g. Roles, Accounts) used by the IN-CSE and ACS.

9.4.1 Access Management Requirements

  • The ACS shall be capable of providing a mechanism for the IN-CSE to discover the Access Management elements used to authorize and authenticate access to resources controlled by the ACS.
  • The IN-CSE shall be capable of correlating Access Management elements provided by the ACS to Access Management elements used by the IN-CSE.
  • The IN-CSE shall be capable of providing secured storage of Access Management elements within the INCSE.