当前位置:首页 > 报告详情

DMTF授权规范简介.pdf

上传人: 明**** 编号:1011600 2025-12-21 12页 525.24KB

1、SPDM Authorization(Intro and Update)Raghu Krishnamurthy,NVIDIAScott Phuong,MicrosoftDisclaimerThe information in this presentation represents a snapshot of work in progress within the DMTF SPDM WG.This information is subject to change without notice.The standard specifications remain the normative r

2、eference for all information.For additional information,see the DMTF website.This information is a summary of the information that will appear in the specifications.See the specifications for further details.2AuthorizationDefinition:Determining if the requesting entity has the appropriate privileges

3、 to perform protected actions.If yes,to allow them to perform those protected actions.Scope:Provide a general mechanism for any use case(e.g.,SPDM,PLDM,other present and future PMCI WG use cases,alliance partners,industry)to perform authorization.Examples:PLDM FW Update,Type 2 and/or Type 6SPDM Set

4、Certs(and other future“set”commands).Expected publication Q4 2025AssumptionsThis presentation makes the following assumptionsThe endpoints in discussion communicate using SPDM(DSP0274)and SPDM Secured Messages(DSP0277)Communication can use any transport that supports the above commandsTo bootstrap A

5、uthorization,there needs to be a provisioning step for initial credentialDefinition of Policy profiles is out of scope for the Authorization specificationHigh Level Architectural ComponentsAuthorization FlowUse SPDM Sessions between Requester/Responder pair(simplifies supported options,baseline secu

6、rity)Specify how to authorize generic messagesCredential and Policy ManagementTypes of CredentialsAsymmetric Key Pair(Focus of initial release)Credential and Credential PolicyStandardize provisioning of credentials and associating them with their authorization policyAuthorization policy itself shoul

word格式文档无特别注明外均可编辑修改,预览文件经过压缩,下载原文更清晰!
三个皮匠报告文库所有资源均是客户上传分享,仅供网友学习交流,未经上传用户书面授权,请勿作商用。
根据报告的内容,全文主要内容概括如下: - **SPDM Authorization 规范**:这是一个正在开发中的规范,旨在为各种用例提供通用的授权机制,包括SPDM、PLDM等。 - **预期发布时间**:预计2025年第四季度发布。 - **核心组件**: - 授权流程:使用SPDM会话进行请求者/响应者之间的通信。 - 凭证和策略管理:包括不同类型的凭证(如非对称密钥对)和凭证策略。 - 授权流程:包括用户特定授权流程(USAP)和设备端点授权流程(SEAP)。 - **凭证配置**:DSP0289定义了8个持久的凭证槽位,支持在受信任环境中配置。 - **参与方式**:鼓励参与DMTF授权规范的开发,提供反馈,并开发设备级别的授权用例。
揭秘未来安全机制?" 如何简化设备授权流程?" 你的设备准备好了吗?"
客服
商务合作
小程序
服务号
折叠