International expert organization DEKRA has become the only authorized testing laboratory in Europe for the Open Connectivity Foundation (OCF). The OCF focuses on the development of a standard specification and certification program to address the challenges of the Internet of Things. Devices bearing the ‘OCF Certified’ logo have passed rigorous interoperability certification requirements…. [Read More]
Search Results for: upnp+/wp-content/uploads/2016/03/OCF-UPnP-Certification-Testing-and-Licensing-Application.pdf
Open Connectivity Foundation authorizes DEKRA as first European testing laboratory
The Thread Group and Open Connectivity Foundation Create Liaison Agreement to Increase Application Connectivity and Choice in Connected Home
Collaboration will help Thread Group and Open Connectivity Foundation members easily design and build products that leverage both technologies
SAN RAMON, Calif. – July 27, 2016 – Today the Thread Group and the Open Connectivity Foundation (OCF) announced that the two alliances will work together in their mission to advance the adoption of connected home products. The Thread Group and OCF share many member companies who will benefit from this liaison agreement, and both groups are committed to driving improved cross-application interoperability and device connectivity in the connected home.
Terms of Use
TERMS AND CONDITIONS OF USE FOR OPENCONNECTIVITY.ORG
These Terms and Conditions of Use (“Agreement”) govern the use of Open Connectivity Foundation, Inc.’s (“OCF”) website at http://openconnectivity.org/ (“Site”) by you (“You” or “User”). YOUR USE OF THIS SITE INDICATES THAT YOU ACCEPT THIS AGREEMENT AND AGREE TO ALL OF ITS TERMS. YOU AGREE THAT YOUR USE OF THE SITE IS CONDITIONED ON YOUR ACCEPTANCE, WITHOUT MODIFICATION, OF THIS AGREEMENT. IF YOU DO NOT ACCEPT THE TERMS IN THIS AGREEMENT THEN YOU DO NOT HAVE ANY RIGHT TO USE THIS SITE AND YOU SHOULD EXIT THIS SITE AND NOT USE THE SITE. YOU SHOULD DOWNLOAD AND PRINT THIS AGREEMENT FOR YOUR RECORDS.
By visiting this Site, You agree to the following:
1. Access and Conditions of Use
1.1 User’s right to use this Site is subject to compliance with all terms in this Agreement. Within this Site, OCF provides User with access to a variety of resources including, but not limited to, membership information, press releases and other general information about OCF ("Resources"). Your use of these Resources is subject to the terms of this Agreement.
1.2 As conditions to User’s use of this Site, You agree that You will not:
(a) Modify, copy, distribute, transmit, display, perform, reproduce, publish, broadcast, license, create derivative works from, transfer or sell any information, software, products or services obtained from the Site;
(b) Use the Site for any unlawful purpose;
(c) Use any of the Resources in a manner that could damage, disable, overburden or impair any OCF Server (as defined herein) or the networks connected to any OCF Server. The “OCF Server” means the computer software and/or hardware that serves the Site to users across the Internet, and which hosts the pages, scripts, programs, and multimedia files and serves them using a protocol designed to send files to users;
(d) Attempt to gain unauthorized access to any of the Resources or OCF Server through hacking, password mining or other unauthorized means;
(e) Obtain or attempt to obtain any materials or information not intentionally made available through the Resources;
(f) Use any robot, spider, other automatic device or manual process to monitor, deep link with or copy the Site's web pages or any of the Site's content; and
(g) Upload files, other than as provided by the Resources, that contain viruses, Trojan horses, worms, time bombs, cancelbots, corrupted files or any other similar software or programs that may damage the operation of the Site or another computer.
1.3 User shall be responsible for obtaining and maintaining any equipment or ancillary services needed to connect to or access the Site, including, without limitation, Internet connections, modems, hardware, software, and long distance or local telephone service.
2. User Registration, User IDs and Passwords
If any of the Resources require You to register on this Site, You must complete the registration by providing current, complete and accurate information as prompted by the registration form. You may also receive a user ID and password. You are entirely responsible for protecting and maintaining the confidentiality of your user ID and password as well as all activities that occur under your account. You agree to immediately notify OCF of any unauthorized use of your account. OCF will not be liable for any loss that You may incur as a result of an unauthorized use of your user ID or password. However, You could be held liable for losses incurred by OCF due to an improper use of your user ID or password. You may not use any other person or entity's user ID or password at any time.
3. Copyrights and Other IP Rights; Reservation of Rights.
3.1 OCF’s policy is to respect the copyright and intellectual property rights of others. OCF has the right to (i) terminate a User’s use of this Site if User infringes upon the copyright or intellectual property rights of others, and (ii) remove any content from the Site that, in OCF’s opinion, may infringe the copyright or other intellectual property rights of any third party.
3.2 This Agreement shall not be interpreted to transfer any rights in any intellectual property from OCF to User other than the limited right to use the Site as set forth herein.
4. Submissions. You agree that any information, feedback, questions, comments and related materials that you provide to OCF in connection with your use of this Site ("Submissions") are provided to OCF on a non-confidential and non-proprietary basis. OCF shall have no obligations to You of any kind with respect to any Submissions and shall be free to reproduce, use, disclose and/or distribute any Submissions for any purpose whatsoever, without limitation.
5. Privacy Policy and Other Policies Governing this Site. OCF’s Privacy Policy and any other terms and conditions of use that govern this Site as may be more fully set forth on the Site are hereby incorporated into this Agreement by this reference and User agrees to comply with the same at all times.
6. Links to Third Party Sites. As a convenience, the Site may provide links to other web sites that are not owned or controlled by OCF (“Third Party Websites”). OCF does not control Third Party Websites and is not responsible for the content in Third Party Websites or in any links contained in a Third Party Website or for any changes or updates to any of these sites. Any link from this Site to a Third Party Website does not constitute or imply any endorsement or recommendation by OCF. Your visit to any Third Party Website is subject to the terms and conditions of that Third Party Website and User should refer to each Third Party Website’s specific terms.
7. No Warranty. THE SITE, THE RESOURCES AND THE MATERIALS IN THE SITE ARE PROVIDED ON AN "AS IS" BASIS WITHOUT REPRESENTATIONS OR WARRANTIES OF ANY KIND, EITHER EXPRESS OR IMPLIED. OCF DISCLAIMS ALL WARRANTIES, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO IMPLIED WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE, TITLE AND NON-INFRINGEMENT. OCF DOES NOT REPRESENT OR WARRANT THAT THE RESOURCES OR MATERIALS IN THIS SITE, INCLUDING WITHOUT LIMITATION ANY INFORMATION ABOUT OCF PROVIDED BY THIRD PARTIES, ARE ACCURATE, COMPLETE, RELIABLE, CURRENT OR ERROR-FREE. OCF DOES NOT REPRESENT OR WARRANT THAT THIS SITE OR ITS OCF SERVER(S) ARE FREE OF VIRUSES OR OTHER HARMFUL COMPONENTS. OCF does not guarantee continuous, uninterrupted or secure access to its Resources, and operation of the Site may be interfered with by numerous factors outside of the control of OCF, including, but not limited to, telecommunications network disruptions.
8. Limit of Liability. IN NO EVENT SHALL OCF BE LIABLE FOR ANY SPECIAL, INDIRECT OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER FROM THE LOSS OF USE, DATA OR PROFITS, WHETHER IN CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION. This Site may contain information which is targeted to a wide range of audiences and could contain details or information otherwise not accessible or valid in your country. Please be aware that OCF does not take any responsibility for accessing such information which may not comply with any legal requirements, processes, regulations, registrations or usage requirements in your country.
9. Changes to this Agreement. Once User begins to use this Site, OCF may modify this Agreement at any time and from time to time and User will thereafter be bound by the version of this Agreement that is in effect at the time User visits this Site. Any use of this Site by User thereafter shall be deemed to constitute acceptance by User of the amendments.
10.Termination. In addition to any other rights, OCF reserves the right, without notice and in its sole discretion, to terminate your use of this Site and to block or prevent further access to and use of this Site by You.
11. Governing Law. The Agreement will be construed and controlled by, and any dispute arising from the terms of this Agreement shall be governed by, the laws of the State of Delaware.
12. Entire Agreement, Severability; Non-Waiver. This Agreement, along with the Privacy Policy and any other policies governing this Site as referenced in Section 5 of this Agreement, constitutes the entire agreement between the parties with respect to the subject matter hereof.If any provision of this Agreement is deemed unlawful, void or for any reason unenforceable, then that provision shall be deemed severable from this Agreement and shall not affect the validity and the enforceability of the remaining provisions. The failure of OCF to insist upon or enforce strict performance of any of these provisions or to exercise any rights or remedies under this Agreement will not be construed as a wavier or relinquishment to any extent of OCF's right to assert or rely upon any such provisions, rights or remedies in that or any other instance; rather the same will be and remain in full force and effect.
Copyright Notice.
Copyright © 2016-2018 Open Connectivity Foundation, Inc. All rights reserved.
Questions and Contact Information. If You have questions about the terms of this Agreement, please send an email to the Site Administrator at: [email protected]
OCF Secure IP Device Framework: Standing on the Four Legs of Secure and Interoperable IoT
Security and interoperability are cornerstones of the OCF Secure IP Device Framework, which offers a standardized solution to ensure interoperable, reliable, and secure IoT connectivity. To create a genuine smart home or smart building environment, a secure and interoperable IoT is crucial, because devices must interoperate together securely, regardless of vendors, network types, or ecosystems. End users of standardized IoT devices benefit because their data is secure and their products seamlessly communicate with one another, while manufacturers benefit from consumer confidence that devices will interoperate securely. OCF technology is bringing us one step closer to achieving a truly secure and interoperable IoT – and with OCF Certified devices already on the market, OCF has proven to be a mature technology supported by some of the largest technology companies in the world.
In a recent white paper, we outlined “the four legs of secure interoperable IoT” and how the OCF Secure IP Device Framework offers best-in-class security using the latest technologies and proven standards. Read on to learn how OCF provides a holistic IoT solution with the four legs – specification, certification, implementation, and cloud innovation – together with a security-first approach.
OCF Secure IP Device Framework
OCF Secure IP Device Framework
The OCF Secure IP Device Framework is an infrastructure that enables secure IP communication for vertical defined applications.
The OCF Secure IP Device Framework enables device discovery, onboarding and application-layer security, for Device-to-Device and Device-to-Cloud IoT device connectivity. As an ISO/IEC adopted standard, this framework is internationally agreed upon by experts and is compliant with most of the known IoT security requirement baselines.
The Secure IP Device Framework utilizes the majority of the OCF standard used in the smart home, however, it strips away the data models, allowing it to be vertical-agnostic. The open source implementation is easily accessible and can be accessed on the OCF GitHub.
What are the benefits of the Secure IP Device Framework?
Because the OCF Secure IP Device Framework is vertical-agnostic, it allows for secure IP-based communication. You can carry the data that you require in the format that you require, making the framework ideal for applying to a variety of verticals with particular use cases.
With the open API implementation, IoTivity, developers can easily build their application, take existing bus protocol applications and map their data models on top of the device framework. This open API is compliant to the OCF standards and implementations can be verified using the OCF Certification Program.
Discovery and Security
The Secure IP Device Framework provides device discovery and security on the network, meaning it can interrogate a network, discover devices, discover the resources that those devices may have, and securely onboard them. For example, the Secure IP Device Framework can onboard a light bulb with an off facility, dimming facility and certain type of RGB capability, and control it using the most secure methods available for internet protocol (IP) connectivity.
Utilizing the onboarding tool, the Secure IP Device Framework enables devices to communicate with each other in the secure domain, and only devices onboarded in the secure domain are allowed to talk to each other. Defined Access Control Lists give granular control of who is allowed to interact with which part of the functionality on the device. The access control mechanisms are based per resource (URL) and Methods that are allowed on the resource. For example, a guest would be allowed to read the current temperature of the thermostat but not allowed to change the set point of the thermostat.
Compile Your Compliance
Using the Secure IP Device Framework ensures that your IoT products and solutions will be secure by design. OCF has done the legwork to map the OCF specifications to key industry and government IoT security baselines around the world. This means you can “compile your compliance” to IoT security baselines, as the OCF specifications have already met all or most of the security requirements in standards such as NIST 8529, CAC2 Conveners, ENISA IoTSec, UK IoT Requirements and ETSI IoT Baseline Requirements.
To learn more about OCF security, visit our security webpage.
Communication Mechanisms Covered by the Secure IP Device Framework
The three device connectivity methods the Secure IP Device Framework supports are:
- Device-to-Device communication
- Device-to-Cloud communication
- Cloud-to-Cloud communication (OCF Universal Cloud Interface)
Through Device-to-Device connectivity, the Secure IP Device framework enables secure communication between OCF devices across a protocol network such as Wi-Fi, Ethernet or Thread. This method also allows for bridges and proxies so you can connect an OCF device via a bridge to a non-IP-based protocol such as Zigbee or Bluetooth, or even via a proxy to a non-OCF transport such as MQTT.
With Device-to-Cloud communication, you can connect through a cloud between two OCF devices, which allows you to control a device in a different building or even in a different part of the world.
Finally, the Secure IP Device Framework enables Cloud-to-Cloud communication using the OCF Universal Cloud Interface (UCI), which standardizes connectivity between different manufacturers’ cloud servers. This helps facilitate cloud partnerships for manufacturers, reduces the need for manufacturers to develop custom APIs and improves the end-user experience.
OCF Secure IP Device Framework on the (Embedded) device
The Secure IP Device Framework has:
- A small footprint of code, for embedded devices and RTOS's
- Small payloads, e.g. communication packages
- Best in class security (including PKI), by using the latest technologies
- A base of widely accepted internet technologies, based on IETF RFCs
- A minimal required set of features
- A huge set of optional features that are already available for a vendor to use
- A design that allows vendors to concentrate on device function, not on the communication and security aspects
- An ISO/IEC content format, hence it is upgradable
- Payloads that can be defined using any (existing) content type:
- For example: CBOR, JSON, XML
- CoAP, allowing the same communication paradigms as used on top of HTTP, but then with smaller communication packages
- The OCF Secure IP Framework architecture is RESTful, but the application is not limited to that paradigm
OCF Specifications included in the OCF Secure IP Device Framework
The following OCF specifications are agnostic of the function of the device (e.g. vertical-agnostic). The Secure IP Device Framework includes all of the following:
- Secure IP Device Framework
- Core Optional Framework (optional, depends on deployment scenario)
- Easy Setup (optional, depends on deployment scenario)
- Security
- Bridging (optional, the architecture only, depends on deployment scenario)
- Onboarding Tool
- Device to Cloud Services (optional, depending on deployment scenario)
- Cloud Security (optional, of course required when doing cloud)
- OCF Cloud API for Cloud Services (optional, depending on deployment scenario)