projects / platform / upstream / iotivity.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: aaf6516) | patch
[IOT-1441] Update DevOwner access policy to remove implicit access in RFPROV.
authorNathan Heldt-Sheller <nathan.heldt-sheller@intel.com>
Tue, 11 Oct 2016 20:23:01 +0000 (13:23 -0700)
committerRandeep Singh <randeep.s@samsung.com>
Wed, 12 Oct 2016 08:03:39 +0000 (08:03 +0000)
commit7958457e535a8a0d15f2a201109b137ba9bc6cf6
treeb4ffe417ce9ac432140d545a890aebab7ffce70dtree | snapshot
parentaaf6516a73fe7cc600f6956dae91b4023f91f9decommit | diff
[IOT-1441] Update DevOwner access policy to remove implicit access in RFPROV.

With this patch, the DevOwner now will only be able to access SVRs during
RFOTM or RESET states, unless of course there is an ACE installed allowing
explicit access to the DevOwner.

This behavior change is required by the Security Test Matrix v7, published
by the Security WG.

Patch 2: updated with JIRA ticket #

Patch 3: fixed logic bug found by Kevin

Patch 4: corrected commitmsg

Change-Id: I267c9eb78682bc810b7b2399f6606b8379d6e718
Signed-off-by: Nathan Heldt-Sheller <nathan.heldt-sheller@intel.com>
Reviewed-on: https://gerrit.iotivity.org/gerrit/13117
Reviewed-by: Kevin Kane <kkane@microsoft.com>
Reviewed-by: Greg Zaverucha <gregz@microsoft.com>
Tested-by: jenkins-iotivity <jenkins-iotivity@opendaylight.org>
Reviewed-by: Randeep Singh <randeep.s@samsung.com>
resource/csdk/security/include/internal/doxmresource.h diff | blob | history
resource/csdk/security/src/doxmresource.c diff | blob | history
resource/csdk/security/src/policyengine.c diff | blob | history
Domain: Network & Connectivity / IoT Connectivity;