ETSI TS 102 690 V2.1.1 (2013-10)

Technical Specification
Machine-to-Machine communications (M2M);
Functional architecture
2 ETSI TS 102 690 V2.1.1 (2013-10)

Reference
RTS/M2M-00002ed211
Keywords
architecture, functional, M2M
ETSI
650 Route des Lucioles
F-06921 Sophia Antipolis Cedex - FRANCE

Tel.: +33 4 92 94 42 00  Fax: +33 4 93 65 47 16

Siret N° 348 623 562 00017 - NAF 742 C
Association à but non lucratif enregistrée à la
Sous-Préfecture de Grasse (06) N° 7803/88

Important notice
Individual copies of the present document can be downloaded from:
http://www.etsi.org
The present document may be made available in more than one electronic version or in print. In any case of existing or
perceived difference in contents between such versions, the reference version is the Portable Document Format (PDF).
In case of dispute, the reference shall be the printing on ETSI printers of the PDF version kept on a specific network drive
within ETSI Secretariat.
Users of the present document should be aware that the document may be subject to revision or change of status.
Information on the current status of this and other ETSI documents is available at
http://portal.etsi.org/tb/status/status.asp
If you find errors in the present document, please send your comment to one of the following services:
http://portal.etsi.org/chaircor/ETSI_support.asp
Copyright Notification
No part may be reproduced except as authorized by written permission.
The copyright and the foregoing restriction extend to reproduction in all media.

© European Telecommunications Standards Institute 2013.
All rights reserved.
TM TM TM
DECT , PLUGTESTS , UMTS and the ETSI logo are Trade Marks of ETSI registered for the benefit of its Members.
TM
3GPP and LTE™ are Trade Marks of ETSI registered for the benefit of its Members and
of the 3GPP Organizational Partners.
GSM® and the GSM logo are Trade Marks registered and owned by the GSM Association.
ETSI
3 ETSI TS 102 690 V2.1.1 (2013-10)
Contents
Intellectual Property Rights . 12
Foreword . 12
1 Scope . 13
1.1 Document structure . 13
2 References . 14
2.1 Normative references . 14
2.2 Informative references . 16
3 Definitions, symbols and abbreviations . 17
3.1 Definitions . 17
3.2 Symbols . 17
3.3 Abbreviations . 17
4 High level architecture . 17
5 Functional architecture . 19
5.1 Framework . 20
5.1.1 Functions and reference points . 20
5.1.1.1 Functions of Service Capability Layers . 22
5.1.2 High level flow of events . 22
6 Reference points . 25
6.1 Overview . 25
6.2 mIa. 27
6.3 dIa . 27
6.4 mId . 27
6.5 mIm . 28
7 M2M Identification and addressing . 28
7.1 Introduction . 28
7.2 M2M Identification . 29
7.2.1 M2M Identifiers . 29
7.2.1.1 Application Identifier . 29
7.2.1.2 M2M Node Identifier . 29
7.2.1.3 SCL Identifier . 29
7.2.1.4 M2M Service Connection Identifier . 29
7.2.1.5 M2M Service Provider Identifier . 29
7.2.1.6 MSBF Identifier . 29
7.2.1.7 M2M Subscription Identifier . 29
7.2.2 M2M Identifiers lifecycle and characteristics . 30
7.3 M2M Application Addressing . 33
7.3.1 Introduction. 33
7.3.2 Application Reachability . 33
7.3.2.1 M2M Communication Point of Contact (M2M PoC) . 33
7.3.2.2 Principles guiding Locating Applications . 34
7.3.2.3 Usage of M2M PoC by the M2M System . 34
7.3.2.3.1 M2M PoC related to M2M SCLs associated with a Fixed Network . 34
7.3.2.3.2 M2M PoC related to M2M SCLs associated with Mobile Networks . 34
7.3.2.3.3 M2M PoC to M2M SCLs associated with multiple access networks . 35
7.3.2.4 Reachability of a applications registered to NSCL . 35
7.4 Service Discovery Across Multiple M2M Domains . 35
7.5 NSCL to NSCL Communication Principles . 35
7.5.1 Look-up Based Approach without NSCL to NSCL Registration . 35
7.5.1.1 Public Domain Names and SCLs . 36
7.5.1.2 High-Level Communication Principles . 36
7.5.1.3 Filtering . 37
ETSI
4 ETSI TS 102 690 V2.1.1 (2013-10)
8 M2M Security, M2M Service Bootstrap, Service Provisioning and M2M Service Connection
procedures . 37
8.1 Introduction . 37
8.2 M2M Security Framework . 37
8.2.1 Overview . 37
8.2.2 Key hierarchy and realization . 38
8.2.2.1 Description of M2M keys . 38
8.2.2.2 M2M Root Key Provisioning . 39
8.2.2.3 Secured Environment Domains . 40
8.2.3 M2M Node Security Functionalities . 40
8.2.3.1 Network M2M Node Security Functionalities . 40
8.2.3.2 Device/Gateway M2M Node Common Security Functionalities . 41
8.2.3.3 Gateway M2M Node Specific Security Functionalities . 42
8.2.4 M2M Device/Gateway Integrity Validation (Optional) . 42
8.2.4.1 Integrity Validation Functional Description . 42
8.2.4.2 Integrity Validation prior to M2M Service Bootstrap (Optional) . 42
8.2.5 Secured Environment Domain administration . 44
8.3 M2M Service Bootstrap procedures . 44
8.3.1 Introduction. 44
8.3.2 Access Network Assisted M2M Service Bootstrap procedures . 44
8.3.2.1 GBA based M2M Service Bootstrap procedure . 44
8.3.2.2 EAP-based Bootstrap Procedure using SIM/AKA-based Credentials . 46
8.3.2.3 Bootstrap Procedure Utilizing EAP-based Network Access Authentication . 46
8.3.3 Access Network Independent M2M Service Bootstrap procedures . 47
8.3.3.1 M2M Service Bootstrap required properties . 48
8.3.3.2 M2M Service Bootstrap Authentication and Transport Options . 48
8.3.3.3 Description of EAP over PANA as the M2M Service Bootstrap Transport . 48
8.3.3.3.1 EAP-IBAKE over PANA . 50
8.3.3.3.2 EAP-TLS over EAP/PANA. 54
8.3.3.4 TLS over TCP . 55
8.3.3.4.1 Detailed procedures . 55
8.3.3.5 Common Aspects of TLS/Certificates-Based M2M Service Bootstrap procedures . 57
8.3.3.5.1 Overview . 57
8.3.3.5.2 Bootstrapping credentials when Using Device Certificates . 57
8.3.3.5.3 Architecture . 57
8.3.3.5.4 MSBF Certificate Status Verification Methods . 59
8.4 M2M Service Connection procedures . 60
8.4.1 Overview . 60
8.4.2 M2M Service Connection procedure based on EAP / PANA . 61
8.4.3 M2M Service Connection procedure based on TLS-PSK . 62
8.4.3.1 Overview . 62
8.4.3.2 High Level Call Flow . 62
8.4.4 M2M Service Connection procedure based on GBA . 64
8.5 mId Security . 66
9 M2M Resource Management and Procedures . 66
9.1 Introduction . 66
9.1.1 Usage of resources in a RESTful architecture . 66
9.1.2 Definitions . 68
9.2 Resource structure . 68
9.2.1 Types of resources to be used in a SCL . 68
9.2.1.1 SclBase Resource . 69
9.2.1.2 SCL Resource . 69
9.2.1.3 Application Resource . 69
9.2.1.4 AccessRight Resource . 69
9.2.1.5 Container Resource . 69
9.2.1.6 LocationContainer Resource . 69
9.2.1.7 Group Reso urce . 69
9.2.1.8 Subscription Resource . 70
9.2.1.9 M2MPoC Resource . 70
9.2.1.10 MgmtObj Resource . 70
9.2.1.11 MgmtCmd Resource . 70
ETSI
5 ETSI TS 102 690 V2.1.1 (2013-10)
9.2.1.12 AttachedDevices Resource . 70
9.2.1.13 AttachedDevice Resource . 70
9.2.1.14 Announced Resource . 71
9.2.1.15 NotificationChannel Resource . 71
9.2.1.16 Discovery Resource . 71
9.2.1.17 Collection Resource . 71
9.2.2 Common attributes . 71
9.2.3 Tree structure modelling relationship of different resource types . 73
9.2.3.1 Overview . 73
9.2.3.2 Resource . 73
9.2.3.3 Resource scls . 76
9.2.3.4 Resource . 77
9.2.3.5 Resource applications. 82
9.2.3.6 Resource . 83
9.2.3.7 Resource . 85
9.2.3.8 Resource accessRights . 86
9.2.3.9 Resource . 87
9.2.3.10 Resource . 88
9.2.3.11 Resource containers . 89
9.2.3.12 Resource . 91
9.2.3.13 Resource . 91
9.2.3.14 Resource . 92
9.2.3.15 Resource . 94
9.2.3.16 Resource contentInstances . 95
9.2.3.17 Resource . 96
9.2.3.18 Resource groups . 97
9.2.3.19 Resource . 98
9.2.3.20 Resource . 99
9.2.3.21 Resource membersContent . 100
9.2.3.22 Resource subscriptions . 100
9.2.3.23 Resource . 101
9.2.3.24 Resource m2mPocs . 102
9.2.3.25 Resource . 103
9.2.3.26 Resource mgmtObjs . 104
9.2.3.27 Resource . 105
9.2.3.28 Resource . 108
9.2.3.29 Resource . 108
9.2.3.30 Resource execInstances . 110
9.2.3.31 Resource . 110
9.2.3.32 Resource attachedDevices . 111
9.2.3.33 Resource . 112
9.2.3.34 Resource notificationChannels . 113
9.2.3.35 Resource . 114
9.2.3.36 Resource discovery . 114
9.2.3.37 Resource subcontainers . 115
9.2.3.38 Resource sclAnncs . 116
9.2.3.39 Resource . 116
9.3 Interface Procedures . 118
9.3.1 General concept and procedures . 118
9.3.1.1 General responses . 118
9.3.1.2 General mechanisms . 118
9.3.1.3 Accessing resources in SCLs . 118
9.3.1.4 Client-2-server and server-2-server communication . 121
9.3.1.5 Aggregation of requests to access remotely hosted resources by store-and-forward handling . 126
9.3.1.5.1 General principle of store-and-forward handling for accessing remotely hosted resources . 126
9.3.1.5.2 Request issuer indicates no TRPDT and no RCAT . 127
9.3.1.5.3 Request issuer indicates TRPDT only . 127
9.3.1.5.4 Request issuer indicates RCAT only . 127
9.3.1.5.5 Request issuer indicates a combination of TRPDT and RCAT . 128
9.3.1.5.6 Policies governing SAF handling . 128
9.3.1.6 Scheduled polling requests and notifications . 131
9.3.2 Procedure description . 132
ETSI
6 ETSI TS 102 690 V2.1.1 (2013-10)
9.3.2.1 General . 132
9.3.2.2 Logical sequence of procedures . 132
9.3.2.3 Resource name allocation . 132
9.3.2.4 Discovery of . 133
9.3.2.5 SCL collection management . 133
9.3.2.5.1 Introduction . 133
9.3.2.5.2 Retrieve scls . 133
9.3.2.5.3 Update scls . 133
9.3.2.5.4 Subscribe/Un-Subscribe to scls . 133
9.3.2.6 SCL management . 133
9.3.2.6.1 Introduction . 133
9.3.2.6.2 Create (Register SCL) . 133
9.3.2.6.3 Retrieve . 139
9.3.2.6.4 Update . 140
9.3.2.6.5 Delete (De-Register SCL) . 141
9.3.2.6.6 Subscribe/Un-Subscribe to . 142
9.3.2.7 Applications collection management . 142
9.3.2.7.1 Introduction . 142
9.3.2.7.2 Retrieve applications . 142
9.3.2.7.3 Update applications . 142
9.3.2.7.4 Subscribe/Un-Subscribe to applications . 142
9.3.2.8 Application management . 142
9.3.2.8.1 Introduction . 142
9.3.2.8.2 Create (Register Application) . 142
9.3.2.8.3 Retrieve . 144
9.3.2.8.4 Update . 144
9.3.2.8.5 Delete (De-register Application) . 145
9.3.2.8.6 Subscribe/Un-Subscribe to . 146
9.3.2.8.7 Create (Announce/de-announce an ) . 146
9.3.2.9 accessRights collection management . 146
9.3.2.9.1 Introduction . 146
9.3.2.9.2 Retrieve accessRights . 147
9.3.2.9.3 Update accessRights . 147
9.3.2.9.4 Subscribe/Un-Subscribe accessRights . 147
9.3.2.10 Access Right management . 147
9.3.2.10.1 Introduction . 147
9.3.2.10.2 Create . 147
9.3.2.10.3 Retrieve . 148
9.3.2.10.4 Update . 149
9.3.2.10.5 Delete . 150
9.3.2.10.6 Subscribe/Un-subscribe to . 151
9.3.2.10.7 Create (Announce/de-announce an ) . 151
9.3.2.11 Container Collection management . 151
9.3.2.11.1 Introduction . 151
9.3.2.11.2 Retrieve containers . 152
9.3.2.11.3 Update containers . 152
9.3.2.11.4 Subscribe/un-subscribe to containers . 152
9.3.2.12 Container management . 152
9.3.2.12.1 Introduction . 152
9.3.2.12.2 Create . 152
9.3.2.12.3 Retrieve . 154
9.3.2.12.4 Update . 155
9.3.2.12.5 Delete . 156
9.3.2.12.6 Subscribe/Unsubscribe to . 157
9.3.2.12.7 Create (Announce/De-announce a ) . 157
9.3.2.13 Location Container management . 157
9.3.2.13.1 Introduction . 157
9.3.2.13.2 Create . 158
9.3.2.13.3 Retrieve . 158
9.3.2.13.4 Update . 158
9.3.2.13.5 Delete . 158
9.3.2.13.6 Subscribe/Un-subscribe to . 158
ETSI
7 ETSI TS 102 690 V2.1.1 (2013-10)
9.3.2.13.7 Create (Announce/De-announce a ) . 158
9.3.2.14 Content Instances collection management . 159
9.3.2.14.1 Introduction . 159
9.3.2.14.2 Retrieve instances in contentInstances . 159
9.3.2.14.3 Retrieve meta-data from contentInstances . 160
9.3.2.14.4 Retrieve instances from contentInstances of of type "application
generated" matching filter criteria . 161
9.3.2.14.5 Retrieve meta-data of instances in a of type "application generated"
matching filter criteria . 161
9.3.2.14.6 Retrieve instances from contentInstances of of type "location server
based" . 161
9.3.2.14.7 Retrieve meta-data from of matching of type
"server generated" matching filter criteria . 163
9.3.2.14.8 Subscribe/Unsubscribe to a contentInstances in a . 163
9.3.2.14.9 Subscribe/Unsubscribe to contentInstances in a . 163
9.3.2.15 Content Instance management . 163
9.3.2.15.1 Introduction . 163
9.3.2.15.2 Create in a . 163
9.3.2.15.3 Create in a . 164
9.3.2.15.4 Retrieve from a . 165
9.3.2.15.5 Retrieve from a . 165
9.3.2.15.6 Delete . 165
9.3.2.16 Group collection management . 166
9.3.2.16.1 Introduction . 166
9.3.2.16.2 Retrieve groups . 166
9.3.2.16.3 Update groups . 166
9.3.2.16.4 Subscribe/Un-Subscribe groups . 166
9.3.2.17 Group management . 167
9.3.2.17.1 Introduction . 167
9.3.2.17.2 Create . 167
9.3.2.17.3 Retrieve . 168
9.3.2.17.4 Update . 168
9.3.2.17.5 Delete . 169
9.3.2.17.6 Subscribe/Un-subscribe to . 170
9.3.2.17.7 Create (Announce/de-announce a ) . 170
9.3.2.17.8 Verify group membership . 170
9.3.2.17.9 Add/Delete a specific member to/from a group . 171
9.3.2.17.10 Retrieve all members . 171
9.3.2.17.11 Delete all members . 171
9.3.2.17.12 Create membersContent . 171
9.3.2.17.13 Retrieve membersContent . 174
9.3.2.17.14 Update membersContent . 174
9.3.2.17.15 Delete membersContent . 175
9.3.2.17.16 Subscribe/Un-Subscribe membersContent . 176
9.3.2.17.17 Aggregate the notifications from subscribed membersContent . 176
9.3.2.18 Subscriptions collection management . 178
9.3.2.1
...