Method for establishing resource access authorization in M2M communication

摘要

A method for establishing a resource access authorization in M2M communication is provided. When an entity including a terminal, a gateway and an end user as client in a first M2M service provider domain attempts to access resource located in terminal or gateway in second M2M service provider domain, the method includes receiving client credential allocated from M2M Authentication Server (MAS1) in first M2M service provider domain by performing client registration to Network Service Capabilities Layer (NSCL1) in first M2M service provider domain by client, requesting an authorization to access resource to resource owner through NSCL (NSCL2) in second M2M service provider domain based on information about Universal Resource Identifier (URI) of resource by client, verifying client through MAS1 by the resource owner, authorizing client to access the resource by the resource owner, and issuing access token to the client by MAS (MAS2) in second M2M service provider domain.

主权项

1. A method for establishing an authorization to access resource in Machine-to-Machine (M2M) communication, when entity selected from a terminal, a gateway and an end user as a client in an M2M service provider domain attempts to access resource located in a service layer of an M2M server for providing an M2M service in the same M2M service provider domain, the method comprising:
receiving by the client a client credential allocated from an authentication server for providing an authentication service which is required in the M2M service provider domain by performing a client registration to the service layer by the client; requesting by the client an authorization to access the resource to a resource owner of the resource based on information about a Resource_URI of the resource; verifying, by the resource owner, the client through the authentication server; granting, by the resource owner, the authentication server the authorization for the client to access the resource; issuing an access token to the client by the authentication server; and accessing, by a processor of the client, the resource based on the issued access token.