Strong Device Identity

Smith Kennedy edited this page May 3, 2024 · 5 revisions

Use Cases

USE CASE 1: Robustly validate the provenance of a device (printer, etc.) discovered on a LAN

Positive Case

Vicky goes to work, sits down at an available hot desk, and connects her laptop to the office LAN Wi-Fi network. She switches to a presentation she's working on, clicks "File" > "Print", and looks at the available printers. Her laptop's print system discovers an IPP print service, validates that it is hosted on a physical printer with a known provenance and is in a healthy state, and offers that printer as a selection with a badge indicating that it is verified safe.

Negative Case

Rafa

USE CASE 2: Establish trust with printer discovered on LAN

Vicky chooses the printer from USE CASE 1 and clicks "Print". Because the laptop has validated that the printer is a printer and is healthy, it can categorize this printer as more trustworthy than printers that lack this facility. Such printers may, for instance, provision themselves with a self-signed certificate, and therefore will be accepted only via the weaker TOFU (trust on first use) trust model.

USE CASE 3: Correlate / validate identity of a printer discovered on the LAN with printer found via some other listing service (e.g., LDAP, cloud print server, Wi-Fi Direct, etc.)

Positive Case

The printer Vicky is using is also discoverable over Wi-Fi Direct. An identifying value provided by the printer over the LAN is also available via Wi-Fi Direct, so the laptop is able to robustly identify that a discovery listing for LAN and a discovery listing for Wi-Fi Direct are in fact the same device. The laptop lists the printer only once.

Negative Case

A malicious third-party device advertises itself as a printer via Wi-Fi Direct. It identifies itself using the "printer-uuid" value queried via IPP on the LAN. The laptop uses "printer-uuid" to search for a match on Wi-Fi Direct and believes it has found a match, not recognizing that if the job is sent over Wi-Fi Direct, it will pass through the malicious third-party device.
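
The negative case above, as an added example that is not part of the original page: correlating discovery listings on the self-reported "printer-uuid" merges the impostor into the genuine printer's entry, while correlating on an identity the device has proven keeps it separate. The `verified_id` field is a hypothetical stand-in for whatever verifiable device identity the requirements end up specifying; the addresses, UUID and identity value are constructed.

```python
from collections import defaultdict
from dataclasses import dataclass
from typing import Optional


@dataclass(frozen=True)
class Listing:
    transport: str              # "lan-ipp" or "wifi-direct"
    address: str                # constructed sample value
    printer_uuid: str           # self-reported; any device can copy it
    verified_id: Optional[str]  # hypothetical: set only after the device proved its identity


def merge_by_uuid(listings):
    """Naive correlation: trust the self-reported printer-uuid."""
    merged = defaultdict(list)
    for item in listings:
        merged[item.printer_uuid].append(item)
    return dict(merged)


def merge_by_verified_id(listings):
    """Correlate only on an identity proven on each transport.

    Listings that proved nothing are never merged into another entry;
    they are returned separately so the UI can show them as unverified.
    """
    merged, unverified = defaultdict(list), []
    for item in listings:
        if item.verified_id is None:
            unverified.append(item)
        else:
            merged[item.verified_id].append(item)
    return dict(merged), unverified


UUID = "urn:uuid:00000000-0000-4000-8000-000000000001"  # constructed
SAMPLE = [
    Listing("lan-ipp", "192.0.2.10", UUID, "id-A"),
    Listing("wifi-direct", "DIRECT-printer", UUID, "id-A"),
    Listing("wifi-direct", "DIRECT-copy", UUID, None),  # copies the uuid, proves nothing
]

if __name__ == "__main__":
    print(merge_by_uuid(SAMPLE))         # one entry holding all three routes
    print(merge_by_verified_id(SAMPLE))  # genuine routes merged, copy kept apart
```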

USE CASE 4: Validate that the software running on a device has not been tampered with by a malicious third party, using a Client connected to the device via a LAN

TBD

Requirements

These are the requirements that satisfy the above use cases:

  1. Device Identification
     a. Incorruptible - it lives in a hardened read-only location and is immutable
     b. Verifiable -

  2. Device Health Assessment

  3. ???

Technology Candidates

TBD