7.1 <mgmtObj> Resource type specializations
7.1.1 Introduction
The present clause specifies <mgmtObj> resource specializations used to configure AEs or CSEs on ADN or ASN/MN nodes in the Field Domain in order to establish M2M Service Layer operation.
Table 7.1.1-1 shows a summary of <mgmtObj> resource specializations defined in the present document.
Table 7.1.1-1: Summary of defined <mgmtObj> resources
| mgmtObj | mgmtDefinition | Intended use | Note |
|---|---|---|---|
| Registration | 1020 | Service Layer Configuration information needed to register an AE or CSE with a Registrar CSE. | This is M2M Service Provider dependent. |
| dataCollection | 1021 | Application Configuration information needed to establish collection of data within the AE and transmit the data to the Hosting CSE using <container> and <contentInstance> resource types. | This is M2M Application dependent. |
| authenticationProfile | 1022 | Security information needed to establish mutually-authenticated secure communications. | |
| myCertFileCred | 1023 | Configuring a file containing a certificate and associated information. | |
| trustAnchorCred | 1024 | Identifies a trust anchor certificate and provides a URL from which the certificate can be retrieved. The trust anchor certificate can be used to validate a certificate which the Managed Entity uses to authenticate another entity. | |
| MAFClientRegCfg | 1025 | Instructions for performing the MAF Client Registration procedure with a MAF. Links to an Authentication Profile instance. | |
| MEFClientRegCfg | 1026 | Instructions for performing the MEF Client Registration procedure with a MEF. Links to an Authentication Profile instance. | |
| OAuth2Authentication | 1027 | To store access token and refresh token used in OAuth2 security protocol. | |
| wificlient | 1028 | To store configuration of Wi-Fi® connection on the client device. | |
| credentials | 1029 | To store credentials on the client device. | |
| SIM | 1030 | To store configuration of Subscriber Identification Module (SIM) | |
| mobileNetwork | 1031 | To store information about the currently connected mobile network. |
7.1.2 Resource [registration]
This specialization of <mgmtObj> is used to convey the service layer configuration information needed to register an AE or CSE with a Registrar CSE.
The [registration] resource shall contain the child resource specified in table 7.1.2-1.
Table 7.1.2-1: Child resources of [registration] resource
| Child Resources of [registration] | Child Resource Type | Multiplicity | Description |
|---|---|---|---|
| [variable] | <subscription> | 0..n | See clause 9.6.8 of oneM2M TS-0001 [2] |
The [registration] resource shall contain the attributes specified in table 7.1.2-2.
Table 7.1.2-2: Attributes of [registration] resource
| Attributes of [registration] |
Multiplicity |
RW/ RO/ WO |
Description |
|---|---|---|---|
| resourceType | 1 | RO | See clause 9.6.1.3 of oneM2M TS-0001 [2]. |
| resourceID | 1 | RO | See clause 9.6.1.3 of oneM2M TS-0001 [2]. |
| resourceName | 1 | WO | See clause 9.6.1.3 of oneM2M TS-0001 [2]. |
| parentID | 1 | RO | See clause 9.6.1.3 of oneM2M TS-0001 [2]. |
| expirationTime | 1 | RW | See clause 9.6.1.3 of oneM2M TS-0001 [2]. |
| accessControlPolicyIDs | 0..1 (L) | RW | See clause 9.6.1.3 of oneM2M TS-0001 [2]. |
| creationTime | 1 | RO | See clause 9.6.1.3 of oneM2M TS-0001 [2]. |
| lastModifiedTime | 1 | RO | See clause 9.6.1.3 of oneM2M TS-0001 [2]. |
| labels | 0..1(L) | RW | See clause 9.6.1.3 of oneM2M TS-0001 [2]. |
| mgmtDefinition | 1 | WO | See clause 9.6.15 of oneM2M TS-0001 [2]. This attribute shall have the fixed value 1020 ("registration"). |
| objectIDs | 0..1 (L) | WO | See clause 9.6.15 of oneM2M TS-0001 [2]. |
| objectPaths | 0..1 (L) | WO | See clause 9.6.15 of oneM2M TS-0001 [2]. |
| description | 0..1 | RW | See clause 9.6.15 of oneM2M TS-0001 [2]. |
| originatorID |
0..1 |
RW |
CSE-ID of the CSE hosted on the ASN/MN or the AE-ID of an AE hosted on an ASN/MN or ADN node. If the setting is for a CSE, then this attribute shall be present. |
| pointOfAccess |
0..1(L) |
RW |
The point of access URI of the Registrar CSE. It represents the list of physical address used by AE/CSEs to connect to registrar CSE. EXAMPLE: http://172.25.0.10:8080/xyz coap://m2m.sp.com:5683 mqtt://172.25.0.10:1883 ws://10.222.254.26:80 See note. |
| CSEBase | 0..1 | RW | The resource identifier of the <CSEBase> resource representing Registrar CSE. |
| CSE-ID | 0..1 | RW | The CSE identifier of Registrar CSEin SP-relative CSE-ID format. |
| appID | 0..1 | RW | The App-ID of an AE. This attribute shall only be present when this resource is used for the registration of an AE. |
| externalID |
0..1 |
RW |
The M2M-Ext-ID of the ASN/MN CSE. This attribute can be present when the originatorID is a CSE-ID and the CSE uses the dynamic registration defined in clause 7.1.10 Trigger Recipient Identifier of oneM2M TS-0001 [2]. |
| Trigger-Recipient-ID |
0..1 |
RW |
The Trigger-Recipient-ID of the ASN/MN CSE. This attribute can be present when the originatorID is a CSE-ID and the CSE uses the dynamic registration defined in clause 7.1.10 Trigger Recipient Identifier of oneM2M TS-0001 [2]. |
| mgmtLink |
0..1 |
RW |
A link to a <mgmtObj> resource instance containing the information for establishing a security association with the Registrar CSE. |
| M2M-Sub-ID | 0..1 | WO | The identifier assigned by the M2M Service Provider for the M2M Service Subscription of the registree. |
| NOTE: Protocol binding is determined from the protocol schema in this URI. | |||
7.1.3 Resource [dataCollection]
This specialization of <mgmtObj> is used to convey the application configuration information needed by an AE to collect data and then transmit the data to a Hosting CSE.
The [dataCollection] resource shall contain the child resource specified in table 7.1.3-1.
Table 7.1.3-1: Child resources of [dataCollection] resource
| Child Resources of [dataCollection] | Child Resource Type | Multiplicity | Description |
|---|---|---|---|
| [variable] | <subscription> | 0..n | See clause 9.6.8 of oneM2M TS-0001 [2] |
The [dataCollection] resource shall contain the attributes specified in table 7.1.3-2.
Table 7.1.3-2: Attributes of [dataCollection] resource
| Attributes of [dataCollection] |
Multiplicity |
RW/ RO/ WO |
Description |
|---|---|---|---|
| resourceType | 1 | RO | See clause 9.6.1.3 of oneM2M TS-0001 [2]. |
| resourceID | 1 | RO | See clause 9.6.1.3 of oneM2M TS-0001 [2]. |
| resourceName | 1 | WO | See clause 9.6.1.3 of oneM2M TS-0001 [2]. |
| parentID | 1 | RO | See clause 9.6.1.3 of oneM2M TS-0001 [2]. |
| expirationTime | 1 | RW | See clause 9.6.1.3 of oneM2M TS-0001 [2]. |
| accessControlPolicyIDs | 0..1 (L) | RW | See clause 9.6.1.3 of oneM2M TS-0001 [2]. |
| creationTime | 1 | RO | See clause 9.6.1.3 of oneM2M TS-0001 [2]. |
| lastModifiedTime | 1 | RO | See clause 9.6.1.3 of oneM2M TS-0001 [2]. |
| labels | 0..1(L) | RW | See clause 9.6.1.3 of oneM2M TS-0001 [2]. |
| mgmtDefinition | 1 | WO | See clause 9.6.15 of oneM2M TS-0001 [2]. This attribute shall have the fixed value 1021 ("dataCollection"). |
| objectIDs | 0..1 (L) | WO | See clause 9.6.15 of oneM2M TS-0001 [2]. |
| objectPaths | 0..1 (L) | WO | See clause 9.6.15 of oneM2M TS-0001 [2]. |
| description | 0..1 | RW | See clause 9.6.15 of oneM2M TS-0001 [2]. |
| containerPath | 1 | RW | The URI of the <container> resource in the hosting CSE that stores the data transmitted by the device. |
| reportingSchedule | 0..1 | RW | The frequency interval, in seconds, used to transmit the data to the Hosting CSE. |
| measurementSchedule | 0..1 | RW | The frequency interval, in seconds, that the device will use to collect or measure the data. |
| mgmtLink |
0..1 |
RW |
A link to a <mgmtObj> resource instance containing the information for establishing End-to-End Security of Primitives (ESPrim) between AE and hosting CSE. ESPrim is specified in oneM2M TS-0003 [3]. |
| NOTE: The present specification does not support configuration for End-to-End Security of Data (ESData) specified in oneM2M TS-0003 [3]. | |||
7.1.4 Resource [authenticationProfile]
The [authenticationProfile] specialization of the <mgmtObj> is used to convey the configuration information regarding establishing mutually-authenticated secure communications. The security principal using this configuration information can be a CSE or AE or the Managed ADN/ASN/MN acting as security principal on behalf of AEs on the Node.
An [authenticationProfile] instance identifies a security framework, TLS cipher suites, and credentials to be used. The applicable security framework is identified by the SUID attribute. The interpretation of SUID is specified in table 7.1.43.
Note
1: The present document does not support using [authenticationProfile] for identifying ESData credentials.
The [authenticationProfile] resource does not include any credentials, but either identifies credentials which are stored locally on the Managed Entity or identifies an M2M Authentication Function (MAF) which is to be used to facilitate establishing symmetric keys. The intended security principal on the Managed Entity is the security principal which can use either all the credentials identified by the [authenticationProfile] resource, or (in the case that a MAF is identified) all of the credentials required for mutual authentication with the MAF.
Note
2: The other security principal can be any of the following: CSE; AE; a Node terminating the security protocol on behalf of AE on Node; and an M2M Authentication Function (MAF).
The [authenticationProfile] resource shall contain the child resource specified in table 7.1.4-1.
Table 7.1.4-1: Child resources of [authenticationProfile] resource
| Child Resources of [authenticationProfile] | Child Resource Type | Multiplicity | Description |
|---|---|---|---|
| [variable] | <subscription> | 0..n | See clause 9.6.8 of oneM2M TS-0001 [2] |
The [authenticationProfile] resource shall contain the attributes specified in table 7.1.4-2.
Table 7.1.4-2: Attributes of [authenticationProfile] resource
| Attributes of [authenticationProfile] |
Multiplicity | RW/ RO/ WO |
Description |
|---|---|---|---|
| resourceType | 1 | RO | See clause 9.6.1.3 of oneM2M TS-0001 [2]. |
| resourceID | 1 | RO | See clause 9.6.1.3 of oneM2M TS-0001 [2]. |
| resourceName | 1 | WO | See clause 9.6.1.3 of oneM2M TS-0001 [2]. |
| parentID | 1 | RO | See clause 9.6.1.3 of oneM2M TS-0001 [2]. |
| expirationTime | 1 | RW | See clause 9.6.1.3 of oneM2M TS-0001 [2]. |
| accessControlPolicyIDs | 0..1 (L) | RW | See clause 9.6.1.3 of oneM2M TS-0001 [2]. |
| creationTime | 1 | RO | See clause 9.6.1.3 of oneM2M TS-0001 [2]. |
| lastModifiedTime | 1 | RO | See clause 9.6.1.3 of oneM2M TS-0001 [2]. |
| labels | 0..1(L) | RW | See clause 9.6.1.3 of oneM2M TS-0001 [2]. |
| mgmtDefinition | 1 | WO | See clause 9.6.15 of oneM2M TS-0001 [2]. This attribute shall have the fixed value 1022 ("authenticationProfile"). |
| objectIDs | 0..1 (L) | WO | See clause 9.6.15 of oneM2M TS-0001 [2]. |
| objectPaths | 0..1 (L) | WO | See clause 9.6.15 of oneM2M TS-0001 [2]. |
| description | 0..1 | RW | See clause 9.6.15 of oneM2M TS-0001 [2]. |
| SUID | 1 | WO | Describes how the authentication profile is to be used. Further details about interpretation of each SUID are specified in table 7.1.4-3 of the present document. |
| TLSCiphersuites | 0..1(L) | RW | If the security framework identified by SUID uses TLS, then this attributes provides a list of allowed TLS cipher suites. |
| symmKeyID | 0..1 | WO | Present when a symmetric key is to be used for mutual authentication. Identifier for a symmetric key already stored locally on the Managed Entity, or to be provisioned to the Managed Entity. |
| symmKeyValue | 0..1 | WO | Optionally present when a symmetric key is to be used for mutual authentication. Contains the value of the symmetric key to be used for mutual authentication. |
| MAFKeyRegLabels | 0..1(L) | WO | Optionally present when a MAF is to be used to facilitate establishing a symmetric key for mutual authentication. Provides the content of the labels parameter in the MAF Key Registration request; see table 8.8.2.7-1, oneM2M TS0003 [3]. |
| MAFKeyRegDuration | 0..1 | WO | Present when a MAF is to be used to facilitate establishing one or more symmetric keys for mutual authentication. Provides the maximum duration for which an established symmetric key may be used. |
| mycertFingerprint | 0..1 | WO | Present when certificate-based authentication is to be used. Provides a hash value for identifying the certificate to be used by the intended security principal on the Managed Entity to authenticate itself to other security principals. |
| rawPubKeyID | 0..1 | WO | Present when certificate-based authentication is to be used and the other security principal will authenticate itself with a Raw Public Key Certificate. |
| M2M-Sub-ID | 0..1 | WO | The identifier assigned by the M2M Service Provider for the M2M Service Subscription of the registree. |
| mgmtLink | 0..1(L) | RW | Present when MAF is to be used to facilitate establishing one or more symmetric keys for mutual authentication or certificate-based authentication is to be used. In the former case, the list contains one reference to a [MAFClientRegCfg] resource. In the latter case, the list contains one or more references pointing to [trustAnchorCred] resources. |
Table 7.1.4-3: SUID which are currently supported in the [authenticationProfile] resource, along with reference to the authentication procedure in oneM2M TS-0003 [3] and mapping to symmetric key
| Value |
Interpretation (see note) |
Authentication Procedure in oneM2M TS-0003 [3] |
Derived Symmetric Key |
DTLS/TLS Notes |
|---|---|---|---|---|
| 10 | A pre-provisioned symmetric key intended to be shared with a MEF | 8.3.2.1 | Kpm | See TLS-PSK Profile in clause 10.2.2 of oneM2M TS-0003 [3] |
| 11 | A pre-provisioned symmetric key intended to be shared with a MAF | 8.8.2.2 | Km | |
| 12 | A pre-provisioned symmetric key intended for use in a Security Associated Establishment Framework (SAEF) | 8.2.2.1 | Kpsa | |
| 13 | A pre-provisioned symmetric key intended for use in End-to-End Security of Primitives (ESPrim) | 8.4.2 | pairwiseESPrimKey | DTLS/TLS is not used |
| 21 |
A symmetric key, provisioned via a Remote Security Provisioning Framework (RSPF), and intended to be shared with a MAF |
RSPF: 8.3.1.2 MAF: 8.8.2.2, 8.8.3.1 |
Km |
See TLS-PSK Profile in clause 10.2.2 of oneM2M TS-0003 [3] |
| 22 |
A symmetric key, provisioned via a RSPF, and intended for use in a SAEF |
RSPF: 8.3.1.2 SAEF: 8.2.2.1, 9.1.1.1 |
Kpsa |
|
| 23 |
A symmetric key, provisioned via a RSPF, and intended for use in ESPrim |
RSPF: 8.3.1.2 ESPrim: 8.4.2 |
pairwiseESPrimKey |
DTLS/TLS is not used |
| 32 |
A MAF-distributed symmetric key intended for use in a SAEF |
MAF: 8.8.2.7, 8.8.3.3 SAEF: 8.2.2.3, 9.1.1.1 |
Kpsa |
See TLS-PSK Profile in clause 10.2.2 of oneM2M TS-0003 [3] |
| 33 |
A MAF-distributed symmetric key intended for use in ESPrim |
MAF: 8.8.2.7, 8.8.3.3 ESPrim: 8.4.2 |
pairwiseESPrimKey |
|
| 40 | A certificate intended to be shared with a MEF | 8.3.2.2 | NP | See certificate-based TLS profile in clause 10.2.3 of oneM2M TS0003 [3] |
| 41 | A certificate intended to be shared with a MAF | 8.8.2.2 | NP | |
| 42 | A certificate intended for use in a Security Associated Establishment Framework (SAEF) | 8.2.2.2 | NP | |
| 43 |
A certificate intended for use in End-to-End Security Certificate-based Key Establishment (ESCertKE) to establish a pairwiseESPrimKey for End-to-End Security of Primitives (ESPrim) |
ESCertKE: 8.7 ESPrim: 8.4.2 |
NP |
For ESCertKE, see certificate-based TLS profile in clause 10.2.3 of oneM2M TS0003 [3]. For ESPrim, DTLS/TLS is not used |
| NOTE: The interpretation is copied from definition of m2m:suid in oneM2M TS-0004 [4]. The oneM2M TS-0004 [4] description takes precedence. | ||||
The Managed Entity shall allow only TLS cipher suites identified in TLSCiphersuites in the TLS Handshakes for a [authenticationProfile] instance. The final column of table 7.1.4-3 provides references to clauses in oneM2M TS0003 [3] specifying the TLS Profiles to be used with the SUID values. The TLSCiphersuite attribute shall be present only when the value of SUID identifies a security framework that uses TLS or DTLS.
If the value of SUID is 10, 11, 12, 21, 22 or 23, then the symmKeyID attribute shall be present. The symmKeyID provides the symmetric key identifier for a symmetric key which shall be retrieved from local storage on the Managed Entity for use in the TLS Handshake. The symmetric key value may be configured in the symmKeyValue . Otherwise, the symmetric key, and associated symmetric key identifier, may be provisioned to the Managed Entity before or after the [authenticationProfile] is configured. Pre-provisioning or Remote Security Provisioning Frameworks (RSPFs), specified in oneM2M TS-0003 [3], should be used whenever possible to establish symmetric keys. Special care is recommended to ensure the confidentiality and integrity of the credentials when using the symmKeyValue to configure symmetric keys.
If the value of SUID is 32 or 33, then the MAFKeyRegDuration attribute shall be present, the MAFKeyRegLabels attribute may be present, and a [MAFClientRegCfg] specialization shall be configured as a child of the [authenticationProfile] resource. These attributes provide the configuration controlling how the Managed Entity shall interact with a MAF to establish the symmetric key subsequently used for mutual authentication. The fqdn attribute of the [MAFClientRegCfg] specialization identifies the MAF.
- If the Managed Entity has not already performed MAF Client Registration procedure with the identified MAF, then the MAF shall perform MAF Client Registration procedure in clause 8.8.2.3 of oneM2M TS0003 [3] using the information in the [MAFClientRegCfg] specialization of the <mgmtObj> specified in clause 7.1.7 of the present document.
- The Managed Entity shall perform the MAF Key Registration Procedure in clause 8.8.2.7 of oneM2M TS0003 [3] with the identified MAF, with the parameters of table 8.8.2.7-1 of oneM2M TS-0003 [3] set as follows:
- The MAF-FQDN parameter shall be set to the value of the fqdn attribute in the [MAFClientRegCfg] specialization which is the child of the [authenticationProfile] resource.
- The expirationTime Parameter shall be set to the time obtained by adding the MAFKeyRegDuration attribute to the present time.
- If MAFKeyRegLabels attribute is present in the [authenticationProfile] resource, then the labels parameter shall be set to the value of the MAFKeyRegLabels attribute. Otherwise, the labels parameter shall not be present.
- The SUID parameter shall be set to the SUID attribute.
- The targetIDs parameter shall be set to the CSE-ID in the [registration] or [dataCollection] resource.
If the value of SUID is 40, 41, 42, or 43, then the mycertFingerprint attribute shall be present, and either the rawPubKeyID attribute shall be present or one or more [trustAnchorCred] specializations shall be configured as children of the [authenticationProfile] resource. The Managed Entity shall use the certificate matching mycertFingerprint to authenticate itself. The hash value portion of mycertFingerprint shall be computed over the X.509 ASN.1 DER encoded certificate:
- If the rawPubKeyID attribute is present, then the Managed Entity shall compare this value against the public key identifier (similar to a certificate fingerprint) generated from the raw public key certificate presented by the other entity, as specified in clause 10.1.2 of oneM2M TS-0003 [3]. If the rawPubKeyID attribute is present, the Managed Entity shall ignore [trustAnchorCred] resource(s) configured as children of the [authenticationProfile] .
- If the rawPubKeyID attribute is not present, then the Managed Entity shall use the one or more [trustAnchorCred] resource instance(s) configured as children of the [authenticationProfile] resource instance to retrieve Certificate Authority certificates to be used by the Managed Entity as a trust anchor certificate (also known as a "root CA certificate" or "trust root certificate") when validating the certificate chains provided by other entities. The Managed Entity shall allow the TLS handshake only if the other entity provides a certificate chaining to one of these trust anchors, using the process specified in clause 8.1.2.2 in oneM2M TS-0003 [3].
[authenticationProfile] resources are expected to be protected by a secure environment on the Managed Entity, in order to preserve integrity of the attributes. Optimal protection is provided when the integrity protection of the management protocol message is verified in the secure environment.
7.1.5 Resource [myCertFileCred]
This <mgmtObj> specialization is used to configure a certificate or certificate chain which the Managed Entity knows the private key.
The [myCertFileCred] resource shall contain the child resource specified in table 7.1.5-1.
Table 7.1.5-1: Child resources of [myCertFileCred] resource
| Child Resources of [myCertFileCred] | Child Resource Type | Multiplicity | Description |
|---|---|---|---|
| [variable] | <subscription> | 0..n | See clause 9.6.8 of oneM2M TS-0001 [2] |
The [myCertFileCred] resource shall contain the attributes specified in table 7.1.5-2.
Table 7.1.5-2: Attributes of [myCertFileCred] resource
| Attributes of [myCertFileCred] |
Multiplicity | RW/ RO/ WO |
Description |
|---|---|---|---|
| resourceType | 1 | RO | See clause 9.6.1.3 of oneM2M TS-0001 [2]. |
| resourceID | 1 | RO | See clause 9.6.1.3 of oneM2M TS-0001 [2]. |
| resourceName | 1 | WO | See clause 9.6.1.3 of oneM2M TS-0001 [2]. |
| parentID | 1 | RO | See clause 9.6.1.3 of oneM2M TS-0001 [2]. |
| expirationTime | 1 | RW | See clause 9.6.1.3 of oneM2M TS-0001 [2]. |
| accessControlPolicyIDs | 0..1 (L) | RW | See clause 9.6.1.3 of oneM2M TS-0001 [2]. |
| creationTime | 1 | RO | See clause 9.6.1.3 of oneM2M TS-0001 [2]. |
| lastModifiedTime | 1 | RO | See clause 9.6.1.3 of oneM2M TS-0001 [2]. |
| labels | 0..1(L) | RW | See clause 9.6.1.3 of oneM2M TS-0001 [2]. |
| mgmtDefinition | 1 | WO | See clause 9.6.15 of oneM2M TS-0001 [2]. This attribute shall have the fixed value 1023 ("myCertFileCred"). |
| objectIDs | 0..1 (L) | WO | See clause 9.6.15 of oneM2M TS-0001 [2]. |
| objectPaths | 0..1 (L) | WO | See clause 9.6.15 of oneM2M TS-0001 [2]. |
| description | 0..1 | RW | See clause 9.6.15 of oneM2M TS-0001 [2]. |
| SUIDs | 1 (L) | RW | Identifies the security framework(s) which may use this credential. |
| myCertFileFormat | 1 | WO | Media Type of myCertFileContent attribute. Default is "application/pkcs7-mime". |
| myCertFileContent | 1 | WO | Certificate or certificate chain. Default media-type is "application/pkcs7-mime". |
The SUIDs attribute lists the Security Usage Identifiers (SUIDs) of the security frameworks which shall be allowed using this credential for establishing mutually-authenticated secure communication. Any SUID which is not in this list shall be prevented from using this credential for establishing mutually-authenticated secure communication. The SUID values allowed in this attribute are listed in table 7.1.5-3. See table 7.1.4-3 for references to the corresponding authentication procedure in oneM2M TS-0003 [3] and DTLS/TLS notes.
Table 7.1.5-3: SUID which are currently supported in the [myCertFileCred] resource
| Value | Interpretation (see note) |
|---|---|
| 40 | A certificate intended to be shared with a MEF |
| 41 | A certificate intended to be shared with a MAF |
| 42 | A certificate intended for use in a Security Associated Establishment Framework (SAEF) |
| 43 | A certificate intended for use in End-to-End Security Certificate-based Key Establishment (ESCertKE) to establish a pairwiseESPrimKey for End-to-End Security of Primitives (ESPrim) |
| NOTE: The interpretation is copied from the definition of m2m:suid in oneM2M TS-0004 <a href="#_ref_4">[4]</a>. The oneM2M TS-0004 <a href="#_ref_4">[4]</a> description takes precedence. | |
The Certificate issuer should verify that the corresponding private key is known to the Managed Entity. The present specification does not provide a mechanism for such verification.
Note
In many scenarios, if the device management session takes place over a TLS connection in which the Managed Entity is authenticated using an existing certificate (e.g. a manufacturer certificate), then it would be acceptable to issue a certificate with SubjectPublicKeyInfo copied from the existing certificate.
Managed Entities shall support the default certificate-related media type.
If the mycertFingerprint attribute in an [authenticationProfile] resource matches the certificate in a [myCertFileCred] resource, then the authentication protocol based on that [authenticationProfile] shall provide the certificate or certificate chain in the myCertFileContent , and shall use the corresponding private key to authenticate the Managed Entity.
[myCertFileCred] instances are expected to be protected by a secure environment on the Managed Entity, in order to preserve confidentiality and integrity of the attributes. Optimal protection is provided when the decryption and integrity verification of the management protocol message occurs in the secure environment.
7.1.6 Resource [trustAnchorCred]
The [trustAnchorCred] <mgmtObj> specialization is read by AEs or CSEs on ADN or ASN/MN nodes in the Field Domain. A [trustAnchorCred] is configured as a child or children of [authenticationProfile] resources by means of a mgmtLink. A security principal acting on a [authenticationProfile] uses the information in the associated [trustAnchorCred] resources to identify a trust anchor certificate for validation of certificates.
The [trustAnchorCred] resource shall contain the child resource specified in table 7.1.6-1.
Table 7.1.6-1: Child resources of [trustAnchorCred] resource
| Child Resources of [trustAnchorCred] | Child Resource Type | Multiplicity | Description |
|---|---|---|---|
| [variable] | <subscription> | 0..n | See clause 9.6.8 of oneM2M TS-0001 [2] |
The [trustAnchorCred] resource shall contain the attributes specified in table 7.1.6-2.
Table 7.1.6-2: Attributes of [trustAnchorCred] resource
| Attributes of [trustAnchorCred] |
Multiplicity | RW/ RO/ WO |
Description |
|---|---|---|---|
| resourceType | 1 | RO | See clause 9.6.1.3 of oneM2M TS-0001 [2]. |
| resourceID | 1 | RO | See clause 9.6.1.3 of oneM2M TS-0001 [2]. |
| resourceName | 1 | WO | See clause 9.6.1.3 of oneM2M TS-0001 [2]. |
| parentID | 1 | RO | See clause 9.6.1.3 of oneM2M TS-0001 [2]. |
| expirationTime | 1 | RW | See clause 9.6.1.3 of oneM2M TS-0001 [2]. |
| accessControlPolicyIDs | 0..1 (L) | RW | See clause 9.6.1.3 of oneM2M TS-0001 [2]. |
| creationTime | 1 | RO | See clause 9.6.1.3 of oneM2M TS-0001 [2]. |
| lastModifiedTime | 1 | RO | See clause 9.6.1.3 of oneM2M TS-0001 [2]. |
| Labels | 0..1(L) | RW | See clause 9.6.1.3 of oneM2M TS-0001 [2]. |
| mgmtDefinition | 1 | WO | See clause 9.6.15 of oneM2M TS-0001 [2]. This attribute shall have the fixed value 1024 ("trustAnchorCred"). |
| objectIDs | 0..1 (L) | WO | See clause 9.6.15 of oneM2M TS-0001 [2]. |
| objectPaths | 0..1 (L) | WO | See clause 9.6.15 of oneM2M TS-0001 [2]. |
| Description | 0..1 | RW | See clause 9.6.15 of oneM2M TS-0001 [2]. |
| certFingerprint | 1 | WO | Provides a hash value for identifying a certificate authority certificate to be used for validating certificates presented by other entities. |
| URI | 1 | RW | A URI from which the trust anchor certificate may be retrieved. |
The certFingerprint attribute of the [trustAnchorCred] resource identifies a Certificate Authority certificate to be used by the Managed Entity as a trust anchor when validating the certificate chains provided by other entities. The hash value portion of the certFingerprint attribute shall be computed over the X.509 ASN.1 DER encoded certificate using the SHA-256 hash algorithm defined in FIPS PUB 180-4 [10]. The certFingerprint attribute shall be represented in the named information (ni) URI format defined in IETF RFC 6920 [7], see tables 7.2.6.1-2 and 7.3.2-1. Where the CA Certificate identified in a [trustAnchorCred] resource is not already in local storage, then the Managed Entity shall retrieve the certificate using the URI attribute in the [trustAnchorCred] resources.
[trustAnchorCred] resources are expected to be protected by a secure environment on the Managed Entity, in order to preserve integrity of the attributes. Optimal protection is provided when the integrity protection of the management protocol message is verified in the secure environment.
7.1.7 Resource [MAFClientRegCfg]
This <mgmtObj> specialization is used to convey instructions regarding the MAF Client Registration procedure (clause 8.8.2.3 of oneM2M TS-0003 [3]).
The [MAFClientRegCfg] resource shall contain the child resource specified in table 7.1.7-1.
Table 7.1.7-1: Child resources of [MAFClientRegCfg] resource
| Child Resources of [MAFClientRegCfg] | Child Resource Type | Multiplicity | Description |
|---|---|---|---|
| [variable] | <subscription> | 0..n | See clause 9.6.8 of oneM2M TS-0001 [2] |
The [MAFClientRegCfg] resource shall contain the attributes specified in table 7.1.7-2.
Table 7.1.7-2: Attributes of [MAFClientRegCfg] resource
| Attributes of [MAFClientRegCfg] |
Multiplicity | RW/ RO/ WO |
Description |
|---|---|---|---|
| resourceType | 1 | RO | See clause 9.6.1.3 of oneM2M TS-0001 [2]. |
| resourceID | 1 | RO | See clause 9.6.1.3 of oneM2M TS-0001 [2]. |
| resourceName | 1 | WO | See clause 9.6.1.3 of oneM2M TS-0001 [2]. |
| parentID | 1 | RO | See clause 9.6.1.3 of oneM2M TS-0001 [2]. |
| expirationTime | 1 | RW | See clause 9.6.1.3 of oneM2M TS-0001 [2]. |
| accessControlPolicyIDs | 0..1 (L) | RW | See clause 9.6.1.3 of oneM2M TS-0001 [2]. |
| creationTime | 1 | RO | See clause 9.6.1.3 of oneM2M TS-0001 [2]. |
| lastModifiedTime | 1 | RO | See clause 9.6.1.3 of oneM2M TS-0001 [2]. |
| labels | 0..1(L) | RW | See clause 9.6.1.3 of oneM2M TS-0001 [2]. |
| mgmtDefinition | 1 | WO | See clause 9.6.15 of oneM2M TS-0001 [2]. This attribute shall have the fixed value 1025 ("MAFClientRegCfg"). |
| objectIDs | 0..1 (L) | WO | See clause 9.6.15 of oneM2M TS-0001 [2]. |
| objectPaths | 0..1 (L) | WO | See clause 9.6.15 of oneM2M TS-0001 [2]. |
| description | 0..1 | RW | See clause 9.6.15 of oneM2M TS-0001 [2]. |
| fqdn | 1 | WO | See clause 8.8.3.2 of oneM2M TS-0003 [3] |
| adminFQDN | 1 | WO | See clause 8.8.3.2 of oneM2M TS-0003 [3] |
| httpPort | 0..1 | WO | See clause 8.8.3.2 of oneM2M TS-0003 [3] |
| coapPort | 0..1 | WO | See clause 8.8.3.2 of oneM2M TS-0003 [3] |
| websocketPort | 0..1 | WO | See clause 8.8.3.2 of oneM2M TS-0003 [3] |
| mgmtLink | 1 | RW | A link to a [authenticationProfile] resource containing the parameters for the MAF Client to establish mutuallyauthenticated secure communications with the MAF. |
The MAF Client shall perform the MAF Client Registration Procedure specified in clause 8.8.2.3 of oneM2M TS0003 [3], using the linked authentication profile for mutual authentication of the MAF Client and MAF.
The MOs configured to the Managed Entity via [MAFClientRegCfg] resources are expected to be protected by a secure environment on the Managed Entity, in order to preserve integrity of the attributes. Optimal protection is provided when the integrity protection of the management protocol message is verified in the secure environment.
7.1.8 Resource [MEFClientRegCfg]
This <mgmtObj> specialization is used to convey instructions regarding the MEF Client Registration procedure (clause 8.3.5.2.3 of oneM2M TS-0003 [3]).
The [MEFClientRegCfg] resource shall contain the child resource specified in table 7.1.8-1.
Table 7.1.8-1: Child resources of [MEFClientRegCfg] resource
| Child Resources of [MEFClientRegCfg] | Child Resource Type | Multiplicity | Description |
|---|---|---|---|
| [variable] | <subscription> | 0..n | See clause 9.6.8 of oneM2M TS-0001 [2] |
The [MEFClientRegCfg] resource shall contain the attributes specified in table 7.1.8-2.
Table 7.1.8-2: Attributes of [MEFClientRegCfg] resource
| Attributes of [MEFClientRegCfg] |
Multiplicity | RW/ RO/ WO |
Description |
|---|---|---|---|
| resourceType | 1 | RO | See clause 9.6.1.3 of oneM2M TS-0001 [2]. |
| resourceID | 1 | RO | See clause 9.6.1.3 of oneM2M TS-0001 [2]. |
| resourceName | 1 | WO | See clause 9.6.1.3 of oneM2M TS-0001 [2]. |
| parentID | 1 | RO | See clause 9.6.1.3 of oneM2M TS-0001 [2]. |
| expirationTime | 1 | RW | See clause 9.6.1.3 of oneM2M TS-0001 [2]. |
| accessControlPolicyIDs | 0..1 (L) | RW | See clause 9.6.1.3 of oneM2M TS-0001 [2]. |
| creationTime | 1 | RO | See clause 9.6.1.3 of oneM2M TS-0001 [2]. |
| lastModifiedTime | 1 | RO | See clause 9.6.1.3 of oneM2M TS-0001 [2]. |
| Labels | 0..1(L) | RW | See clause 9.6.1.3 of oneM2M TS-0001 [2]. |
| mgmtDefinition | 1 | WO | See clause 9.6.15 of oneM2M TS-0001 [2]. This attribute shall have the fixed value 1026 ("MEFClientRegCfg"). |
| objectIDs | 0..1 (L) | WO | See clause 9.6.15 of oneM2M TS-0001 [2]. |
| objectPaths | 0..1 (L) | WO | See clause 9.6.15 of oneM2M TS-0001 [2]. |
| Description | 0..1 | RW | See clause 9.6.15 of oneM2M TS-0001 [2]. |
| Fqdn | 1 | WO | See clause 8.3.7 of oneM2M TS-0003 [3] |
| adminFQDN | 1 | WO | See clause 8.3.7 of oneM2M TS-0003 [3] |
| httpPort | 0..1 | WO | See clause 8.3.7 of oneM2M TS-0003 [3] |
| coapPort | 0..1 | WO | See clause 8.3.7 of oneM2M TS-0003 [3] |
| websocketPort | 0..1 | WO | See clause 8.3.7 of oneM2M TS-0003 [3] |
| mgmtLink | 1 | RW | A link to a [authenticationProfile] resource containing the parameters for the MEF Client to establish mutually-authenticated secure communications with the MEF. |
The MEF Client shall perform the MEF Client Registration Procedure specified in clause 8.8.2.3 of oneM2M TS0003 [3], using the linked authentication profile for mutual authentication of the MEF Client and MEF.
The MOs configured to the Managed Entity via [MEFClientRegCfg] resources are expected to be protected by a secure environment on the Managed Entity, in order to preserve integrity of the attributes. Optimal protection is provided when the integrity protection of the management protocol message is verified in the secure environment.
7.1.9 Resource [OAuth2Authentication]
This specialization of <mgmtObj> is used to store access token and refresh token used in OAuth2 security protocol
The [OAuth2Authentication] resource shall contain the child resources specified in table 7.1.9-1.
Table 7.1.9-1: Child resources of [OAuth2Authentication] resource
| Child Resources of [OAuth2Authentication] | Child Resource Type | Multiplicity | Description |
|---|---|---|---|
| [variable] | <subscription> | 0..n | See clause 9.6.8 of oneM2M TS-0001 [2] |
The [OAuth2Authentication] resource shall contain the attributes specified in table 7.1.9-2.
Table 7.1.9-2: Attributes of [OAuth2Authentication] resource
| Attributes of [OAuth2Authentication] |
Multiplicity | RW/ RO/ WO |
Description |
|---|---|---|---|
| resourceType | 1 | RO | See clause 9.6.1.3 of oneM2M TS-0001 [2]. |
| resourceID | 1 | RO | See clause 9.6.1.3 of oneM2M TS-0001 [2]. |
| resourceName | 1 | WO | See clause 9.6.1.3 of oneM2M TS-0001 [2]. |
| parentID | 1 | RO | See clause 9.6.1.3 of oneM2M TS-0001 [2]. |
| expirationTime | 1 | RW | See clause 9.6.1.3 of oneM2M TS-0001 [2]. |
| accessControlPolicyIDs | 0..1 (L) | RW | See clause 9.6.1.3 of oneM2M TS-0001 [2]. |
| creationTime | 1 | RO | See clause 9.6.1.3 of oneM2M TS-0001 [2]. |
| lastModifiedTime | 1 | RO | See clause 9.6.1.3 of oneM2M TS-0001 [2]. |
| labels | 0..1(L) | RW | See clause 9.6.1.3 of oneM2M TS-0001 [2]. |
| mgmtDefinition | 1 | WO | See clause 9.6.15 of oneM2M TS-0001 [2]. This attribute shall have fixed value "OAuthAuthentication". |
| objectIDs | 0..1 (L) | WO | See clause 9.6.15 of oneM2M TS-0001 [2]. |
| objectPaths | 0..1 (L) | WO | See clause 9.6.15 of oneM2M TS-0001 [2]. |
| description | 0..1 | RW | See clause 9.6.15 of oneM2M TS-0001 [2]. |
| accessToken | 1 | RW | Indicates OAuth2 access token. |
| refreshToken | 1 | RW | Indicates OAuth2 refresh token. |
7.1.10 Resource [wifiClient]
This specialization of <mgmtObj> is used to store configuration of Wi-Fi® connection on the client device.
The [wifiClient] resource shall contain the child resources specified in table 7.1.10-1.
Table 7.1.10-1: Child resources of [wifiClient] resource
| Child Resources of [wifiClient] | Child Resource Type | Multiplicity | Description |
|---|---|---|---|
| [variable] | <subscription> | 0..n | See clause 9.6.8 of oneM2M TS-0001 [2] |
The [wifiClient] resource shall contain the attributes specified in table 7.1.10-2.
Table 7.1.10-2: Attributes of [wifiClient] resource
| Attributes of [wifiClient] |
Multiplicity** | RW/ RO/ WO |
Description |
|---|---|---|---|
| resourceType | 1 | RO | See clause 9.6.1.3 of oneM2M TS-0001 [2]. |
| resourceID | 1 | RO | See clause 9.6.1.3 of oneM2M TS-0001 [2]. |
| resourceName | 1 | WO | See clause 9.6.1.3 of oneM2M TS-0001 [2]. |
| parentID | 1 | RO | See clause 9.6.1.3 of oneM2M TS-0001 [2]. |
| expirationTime | 1 | RW | See clause 9.6.1.3 of oneM2M TS-0001 [2]. |
| accessControlPolicyIDs | 0..1 (L) | RW | See clause 9.6.1.3 of oneM2M TS-0001 [2]. |
| creationTime | 1 | RO | See clause 9.6.1.3 of oneM2M TS-0001 [2]. |
| lastModifiedTime | 1 | RO | See clause 9.6.1.3 of oneM2M TS-0001 [2]. |
| labels | 0..1(L) | RW | See clause 9.6.1.3 of oneM2M TS-0001 [2]. |
| mgmtDefinition | 1 | WO | See clause 9.6.15 of oneM2M TS-0001 [2]. This attribute shall have the fixed value 1027(wifiClient). |
| objectIDs | 0..1 (L) | WO | See clause 9.6.15 of oneM2M TS-0001 [2]. |
| objectPaths | 0..1 (L) | WO | See clause 9.6.15 of oneM2M TS-0001 [2]. |
| description | 0..1 | RW | See clause 9.6.15 of oneM2M TS-0001 [2]. |
| ssid | 1 | RW | Indicates ssid of Wi-Fi® network. This attribute is a specialization of [objectAttribute] attribute. |
| credentials | 0..1 | RW | Indicates encryption type and credentials used to authenticate connection. This attribute is a specialization of [objectAttribute] attribute. |
| macAddress | 0..1 | RW | Indicates MAC address of network's access point. This attribute is a specialization of [objectAttribute] attribute. |
| channel | 0..1 | RO | Indicates Wi-Fi® channel. This attribute is a specialization of [objectAttribute] attribute. |
| connectionStatus | 0..1 | RW | Indicates current status of the connection. This attribute is a specialization of [objectAttribute] attribute. |
| scan | 1 | RW | The action that allows to scan the environment to find available Wi-Fi® networks. The action is triggered by assigning value "TRUE" to this attribute. This attribute is a specialization of [objectAttribute] attribute. This action will provide all the available ssids in scanResult . |
| scanResult | 1 | RW | Indicates list of networks detected by the device. This attribute is a specialization of [objectAttribute] attribute. |
| update | 1 | RW | The action is to trigger the device to update its Wi-Fi® configuration based on the provided values (e.g. ssid, credentials, etc.).The action is triggered by assigning value "TRUE" to this attribute. This attribute is a specialization of [objectAttribute] attribute. |
| updateStatus | 1 | RW | Indicates status of update operation. This attribute is a specialization of [objectAttribute] attribute. |
| toggleRadioStatus | 0..1 | RW | The action that allows to turn on and turn off the Wi-Fi® subsystem on Wi-Fi® client device according to present radioStatus attribute value. The action is triggered by assigning value "TRUE" to this attribute. This attribute is a specialization of [objectAttribute] attribute. This action will switch radioStatus . |
| radioStatus | 0..1 | RW | Indicates whether the Wi-Fi® sub-system on Wi-Fi® client device is turned on or turned off. This attribute is a specialization of [objectAttribute] attribute. |
7.1.11 Resource [credentials]
This specialization of <mgmtObj> is used to store credentials on the client device.
The [credentials] resource shall contain the child resources specified in table 7.1.11-1.
Table 7.1.11-1: Child resources of [credentials] resource
| Child Resources of [credentials] | Child Resource Type | Multiplicity | Description |
|---|---|---|---|
| [variable] | <subscription> | 0..n | See clause 9.6.8 of oneM2M TS-0001 [2] |
The [credentials] resource shall contain the attributes specified in table 7.1.11.-2
Table 7.1.11-2: Attributes of [credentials] resource
| Attributes of [credentials] |
Multiplicity | RW/ RO/ WO |
Description |
|---|---|---|---|
| resourceType | 1 | RO | See clause 9.6.1.3 of oneM2M TS-0001 [2]. |
| resourceID | 1 | RO | See clause 9.6.1.3 of oneM2M TS-0001 [2]. |
| resourceName | 1 | WO | See clause 9.6.1.3 of oneM2M TS-0001 [2]. |
| parentID | 1 | RO | See clause 9.6.1.3 of oneM2M TS-0001 [2]. |
| expirationTime | 1 | RW | See clause 9.6.1.3 of oneM2M TS-0001 [2]. |
| accessControlPolicyIDs | 0..1 (L) | RW | See clause 9.6.1.3 of oneM2M TS-0001 [2]. |
| creationTime | 1 | RO | See clause 9.6.1.3 of oneM2M TS-0001 [2]. |
| lastModifiedTime | 1 | RO | See clause 9.6.1.3 of oneM2M TS-0001 [2]. |
| labels | 0..1(L) | RW | See clause 9.6.1.3 of oneM2M TS-0001 [2]. |
| mgmtDefinition | 1 | WO | See clause 9.6.15 of oneM2M TS-0001 [2].. This attribute shall have the fixed value 1029(credentials). |
| objectIDs | 0..1 (L) | WO | See clause 9.6.15 of oneM2M TS-0001 [2]. |
| objectPaths | 0..1 (L) | WO | See clause 9.6.15 of oneM2M TS-0001 [2]. |
| description | 0..1 | RW | See clause 9.6.15 of oneM2M TS-0001 [2]. |
| purpose | 0..1 | RW | Indicates the intended use of this credentials set. |
| credentialID | 0..1 | RW | Indicates a username or credential ID for authentication. |
| credentialSecret | 0..1 | RW | Indicates a password or credential secret for authentication. |
| credentialToken | 0..1 | RW | Indicates a token for authentication. |
7.1.12 Resource [SIM]
This specialization of <mgmtObj> is used to store configuration of Subscriber Identification Module (SIM) and status information. This information is meant to configure devices, e.g. to activate or deactivate SIM on a device, as well as provide information about used and deployed SIM identify to other entities.
The terms "SIM" and "Subscriber Identity Module" are used in this resource to refer to the physical/logical platform hosting the application handling authentication of the related subscriber onto a 3GPP network.
The [SIM] resource shall contain the child resources specified in table 7.1.12-1.
Table 7.1.12-1: Child resources of [SIM] resource
| Child Resources of [SIM] | Child Resource Type | Multiplicity | Description |
|---|---|---|---|
| [variable] | <subscription> | 0..n | See clause 9.6.8 of oneM2M TS-0001 [2] |
The [SIM] resource shall contain the attributes specified in table 7.1.12-2.
Table 7.1.12-2: Attributes of [SIM] resource
| Attributes of [SIM] |
Multiplicity | RW/ RO/ WO |
Description |
|---|---|---|---|
| resourceType | 1 | RO | See clause 9.6.1.3 of oneM2M TS-0001 [2]. |
| resourceID | 1 | RO | See clause 9.6.1.3 of oneM2M TS-0001 [2]. |
| resourceName | 1 | WO | See clause 9.6.1.3 of oneM2M TS-0001 [2]. |
| parentID | 1 | RO | See clause 9.6.1.3 of oneM2M TS-0001 [2]. |
| expirationTime | 1 | RW | See clause 9.6.1.3 of oneM2M TS-0001 [2]. |
| accessControlPolicyIDs | 0..1 (L) | RW | See clause 9.6.1.3 of oneM2M TS-0001 [2]. |
| creationTime | 1 | RO | See clause 9.6.1.3 of oneM2M TS-0001 [2]. |
| lastModifiedTime | 1 | RO | See clause 9.6.1.3 of oneM2M TS-0001 [2]. |
| labels | 0..1(L) | RW | See clause 9.6.1.3 of oneM2M TS-0001 [2]. |
| mgmtDefinition | 1 | WO | See clause 9.6.15 of oneM2M TS-0001 [2].. This attribute shall have the fixed value 1030 (SIM). |
| objectIDs | 0..1 (L) | WO | See clause 9.6.15 of oneM2M TS-0001 [2]. |
| objectPaths | 0..1 (L) | WO | See clause 9.6.15 of oneM2M TS-0001 [2]. |
| description | 0..1 | RW | See clause 9.6.15 of oneM2M TS-0001 [2]. |
| imsi | 0..1 | RW | The international mobile subscriber identity (IMSI) that is associated with the SIM. |
| iccid | 1 | RW | The physical/logical platform for each SIM is uniquely identified by its integrated circuit card identifier (ICCID) as specified in ETSI TS 102 221_._ It is also used to identify eSIM profiles. |
| simStatus | 0..1 | RW | The activation status of the SIM in the device. |
| simType | 0..1 | RW | The type of the SIM. |
| serviceProviderName | 0..1 | RW | The Service Provider Name (SPN) of a SIM. |
7.1.13 Resource [mobileNetwork]
This specialization of <mgmtObj> is used to store information about the currently connected mobile network. This information can be derived from the network, but also be provided by an OSS (Operation Support System), or be provided by a device.
The [mobileNetwork] resource shall contain the child resources specified in table 7.1.13-1.
Table 7.1.13-1: Child resources of [mobileNetwork] resource
| Child Resources of [mobileNetwork] | Child Resource Type | Multiplicity | Description |
|---|---|---|---|
| [variable] | <subscription> | 0..n | See clause 9.6.8 of oneM2M TS-0001 [2] |
The [mobileNetwork] resource shall contain the attributes specified in table 7.1.13-2. The specialisation attributes are derived from and map to the LwM2M Object #4 "Connectivity Monitoring" definition [11].
Table 7.1.13-2: Attributes of [mobileNetwork] resource
| Attributes of [mobileNetwork] |
Multiplicity | RW/ RO/ WO |
Description |
|---|---|---|---|
| resourceType | 1 | RO | See clause 9.6.1.3 of oneM2M TS-0001 [2]. |
| resourceID | 1 | RO | See clause 9.6.1.3 of oneM2M TS-0001 [2]. |
| resourceName | 1 | WO | See clause 9.6.1.3 of oneM2M TS-0001 [2]. |
| parentID | 1 | RO | See clause 9.6.1.3 of oneM2M TS-0001 [2]. |
| expirationTime | 1 | RW | See clause 9.6.1.3 of oneM2M TS-0001 [2]. |
| accessControlPolicyIDs | 0..1 (L) | RW | See clause 9.6.1.3 of oneM2M TS-0001 [2]. |
| creationTime | 1 | RO | See clause 9.6.1.3 of oneM2M TS-0001 [2]. |
| lastModifiedTime | 1 | RO | See clause 9.6.1.3 of oneM2M TS-0001 [2]. |
| labels | 0..1(L) | RW | See clause 9.6.1.3 of oneM2M TS-0001 [2]. |
| mgmtDefinition | 1 | WO | See clause 9.6.15 of oneM2M TS-0001 [2].. This attribute shall have the fixed value 1031 (mobileNetwork). |
| objectIDs | 0..1 (L) | WO | See clause 9.6.15 of oneM2M TS-0001 [2]. |
| objectPaths | 0..1 (L) | WO | See clause 9.6.15 of oneM2M TS-0001 [2]. |
| description | 0..1 | RW | See clause 9.6.15 of oneM2M TS-0001 [2]. |
| cellularNetworkBearer | 0..1 | RW | Indicates the cellular network bearer used for the current cellular communication session. |
| radioSignalStrength | 0..1 | RW | Indicates the average value of the received signal strength indication used in the current cellular network bearer. For the following network bearers the signal strength parameters indicated below are represented by this resource: GSM: RSSI UMTS: RSCP LTE: RSRP NB-IoT: NRSRP |
| linkQuality | 0..1 | RW | This attribute contains received link quality e.g. LQI for IEEE 802.15.4 (range 0...255), RxQual Downlink for GSM (range 0...7, see 3GPP 44.018 [12]), RSRQ for LTE, (see 3GPP 36.214 [13]), NRSRQ for NB-IoT (see [13]). |
| ipAddresses | 0..1(L) | RW | The IP addresses assigned to the connectivity interface. (e.g. IPv4, IPv6, etc.) |
| routerIPAddresses | 0..1(L) | RW | The IP address of the next-hop IP router, on each of the interfaces specified in resource 4 (IP Addresses). |
| apn | 0..1 | RW | Access Point Name of the cellular network. |
| cellID | 0..1 | RW | Serving Cell ID of a cellular Network. |
| smnc | 0..1 | RW | Serving Mobile Network Code of a cellular network. As specified in 3GPP 23.003 [14]. |
| smcc | 0..1 | RW | Serving Mobile Country Code of a cellular network. As specified in 3GPP 23.003 [14]. |
| lac | 0..1 | RW | Location Area Code for a Cellular Network. As specified in 3GPP 23.003 [14] and in 3GPP 24.008 [15]. |
| coverageEnhancementLevel | 0..1 | RW | Indicates the Coverage Enhancement Level of the UE in the serving cell. The Coverage Enhancement levels are defined and specified in 3GPP 36.331 [16] and 36.213 [17]. |