ISO/IEC 14543-5-8:2017

ISO/IEC 14543-5-8
Edition 1.0 2017-08
INTERNATIONAL
STANDARD
colour
inside
Information technology – Home electronic system (HES) architecture –
Part 5-8: Intelligent grouping and resource sharing for HES Class 2 and
Class 3 – Remote access core protocol

All rights reserved. Unless otherwise specified, no part of this publication may be reproduced or utilized in any form
or by any means, electronic or mechanical, including photocopying and microfilm, without permission in writing from
either IEC or IEC's member National Committee in the country of the requester. If you have any questions about IEC
copyright or have an enquiry about obtaining additional rights to this publication, please contact the address below or
your local IEC member National Committee for further information.

IEC Central Office Tel.: +41 22 919 02 11
3, rue de Varembé info@iec.ch
CH-1211 Geneva 20 www.iec.ch
Switzerland
About the IEC
The International Electrotechnical Commission (IEC) is the leading global organization that prepares and publishes
International Standards for all electrical, electronic and related technologies.

About IEC publications
The technical content of IEC publications is kept under constant review by the IEC. Please make sure that you have the
latest edition, a corrigendum or an amendment might have been published.

IEC publications search - webstore.iec.ch/advsearchform Electropedia - www.electropedia.org
The advanced search enables to find IEC publications by a The world's leading online dictionary on electrotechnology,
variety of criteria (reference number, text, technical containing more than 22 000 terminological entries in English
committee,…). It also gives information on projects, replaced and French, with equivalent terms in 16 additional languages.
and withdrawn publications. Also known as the International Electrotechnical Vocabulary

(IEV) online.
IEC Just Published - webstore.iec.ch/justpublished
Stay up to date on all new IEC publications. Just Published IEC Glossary - std.iec.ch/glossary
details all new publications released. Available online and 67 000 electrotechnical terminology entries in English and
once a month by email. French extracted from the Terms and definitions clause of
IEC publications issued between 2002 and 2015. Some
IEC Customer Service Centre - webstore.iec.ch/csc entries have been collected from earlier publications of IEC
If you wish to give us your feedback on this publication or TC 37, 77, 86 and CISPR.

need further assistance, please contact the Customer Service

Centre: sales@iec.ch.
ISO/IEC 14543-5-8
Edition 1.0 2017-08
INTERNATIONAL
STANDARD
colour
inside
Information technology – Home electronic system (HES) architecture –

Part 5-8: Intelligent grouping and resource sharing for HES Class 2 and

Class 3 – Remote access core protocol

INTERNATIONAL
ELECTROTECHNICAL
COMMISSION
ICS 35.240.67 ISBN 978-2-8322-4693-1

– 2 – ISO/IEC 14543-5-8:2017 © IEC 2017
CONTENTS
FOREWORD . 4
INTRODUCTION . 5
1 Scope . 7
2 Normative references . 7
3 Terms, definitions and abbreviated terms . 8
3.1 Terms and definitions . 8
3.2 Abbreviated terms . 10
4 Conformance . 11
5 IGRS RA overview . 11
6 IGRS RA service functional flow . 11
7 Registration management . 13
7.1 User or device registration flow . 13
7.2 User registration management . 14
7.3 Device registration management . 14
7.4 Registration response status code . 15
8 Login . 15
8.1 User or device login flow . 15
8.2 User connection . 16
8.3 Messages for user connection ID binding . 16
8.4 Device connection. 17
8.5 Messages for device connection ID binding . 17
9 Device access rights configuration . 18
9.1 Overview. 18
9.2 Messages for device access rights configuration request . 18
9.3 Messages for device access rights configuration response . 19
10 User and device relationship management. 20
10.1 Overview. 20
10.2 Relationship management mechanism . 23
10.3 Relationship establishment . 24
10.3.1 Messages for relationship establishment request . 24
10.3.2 Relationship establishment request procedure for IRSP . 24
10.3.3 Target accepts or rejects relationship establishment request . 25
10.3.4 IRSP processes relationship establishment acceptance message from
target . 26
10.4 Releasing relationship . 27
10.5 Device verification code management . 28
10.5.1 Device verification code management initiated by IGRS RA user . 28
10.5.2 Device verification code management initiated by IGRS RA device . 29
11 Message exchange . 30
11.1 Overview. 30
11.2 User or device ↔ User or device message exchange that needs response . 30
11.3 User or device ↔ User or device message exchange that does not need
response . 31
11.4 User or device ↔ IRSP message exchange . 32
11.5 IGRS RA server pushes message to user or device . 32
11.6 IGRS RA NAT traversal . 33

11.7 Message exchange mode . 34
11.7.1 Overview . 34
11.7.2 Message exchange of “point-to-point” and “point-to- multiple-point” . 35
11.7.3 Message exchange of “instant transmission” and “offline storage” . 35
12 Logout . 35
13 User and device discovery and online status management . 36
14 Security . 38
Bibliography . 39

Figure 1 – Typical flow of IGRS RA service . 12
Figure 2 – IGRS RA user or device registration flow . 13
Figure 3 – IGRS RA User or Device Login Flow . 16
Figure 4 – Flow of relationship establishment request which needs approval from
target . 20
Figure 5 – Flow of relationship establishment request which does not need approval
from target . 20
Figure 6 – IGRS RA Relationships . 22
Figure 7 – Flow of relationship releasing . 27
Figure 8 – Flow of message exchange between user or device and user or device that
needs response . 30
Figure 9 – Flow of message exchange between user or device and user or device that
does not need response . 31
Figure 10 – Flow of message exchange between user or device and IRSP . 32
Figure 11 – IRSP pushes message to user or device . 33
Figure 12 – IGRS RA NAT traversal mechanism . 34
Figure 13 – Point-to-point message exchange in IGRS RA system . 35
Figure 14 – IGRS RA user or device offline flow . 36
Figure 15 – User and device discovery mechanisms in IGRS RA system . 37
Figure 16 – Non-uniqueness of user addressing . 38

Table 1 – Registration response status code and the contents in the registration
response messages . 15
Table 2 – Rules of IRSP processing target relationship establishment acceptance
response messages . 26

– 4 – ISO/IEC 14543-5-8:2017 © IEC 2017
INFORMATION TECHNOLOGY –
HOME ELECTRONIC SYSTEM (HES) ARCHITECTURE –

Part 5-8: Intelligent grouping and resource sharing for HES Class 2
and Class 3 – Remote access core protocol
FOREWORD
1) ISO (the International Organization for Standardization) and IEC (the International Electrotechnical Commission)
form the specialized system for worldwide standardization. National bodies that are members of ISO or IEC
participate in the development of International Standards through technical committees established by the
respective organization to deal with particular fields of technical activity. ISO and IEC technical committees
collaborate in fields of mutual interest. Other international organizations, governmental and non-governmental, in
liaison with ISO and IEC, also take part in the work. In the field of information technology, ISO and IEC have
established a joint technical committee, ISO/IEC JTC 1.
2) The formal decisions or agreements of IEC and ISO on technical matters express, as nearly as possible, an
international consensus of opinion on the relevant subjects since each technical committee has representation
from all interested IEC National Committees and ISO member bodies.
3) IEC, ISO and ISO/IEC publications have the form of recommendations for international use and are accepted
by IEC National Committees and ISO member bodies in that sense. While all reasonable efforts are made to
ensure that the technical content of IEC, ISO and ISO/IEC publications is accurate, IEC or ISO cannot be held
responsible for the way in which they are used or for any misinterpretation by any end user.
4) In order to promote international uniformity, IEC National Committees and ISO member bodies undertake to
apply IEC, ISO and ISO/IEC publications transparently to the maximum extent possible in their national and
regional publications. Any divergence between any ISO, IEC or ISO/IEC publication and the corresponding
national or regional publication should be clearly indicated in the latter.
5) ISO and IEC do not provide any attestation of conformity. Independent certification bodies provide conformity
assessment services and, in some areas, access to IEC marks of conformity. ISO or IEC are not responsible
for any services carried out by independent certification bodies.
6) All users should ensure that they have the latest edition of this publication.
7) No liability shall attach to IEC or ISO or its directors, employees, servants or agents including individual experts
and members of their technical committees and IEC National Committees or ISO member bodies for any
personal injury, property damage or other damage of any nature whatsoever, whether direct or indirect, or for
costs (including legal fees) and expenses arising out of the publication of, use of, or reliance upon, this ISO/IEC
publication or any other IEC, ISO or ISO/IEC publications.
8) Attention is drawn to the normative references cited in this publication. Use of the referenced publications is
indispensable for the correct application of this publication.
9) Attention is drawn to the possibility that some of the elements of this ISO/IEC publication may be the subject of
patent rights. ISO and IEC shall not be held responsible for identifying any or all such patent rights.
International Standard ISO/IEC 14543-5-8 was prepared by subcommittee 25: Interconnection
of information technology equipment, of ISO/IEC joint technical committee 1: Information
technology.
The list of all currently available parts of the ISO/IEC 14543 series, under the general title
Information technology – Home electronic system (HES) architecture, can be found on the
IEC and ISO websites.
This International Standard has been approved by vote of the member bodies, and the voting
results may be obtained from the address given on the second title page.
This publication has been drafted in accordance with the ISO/IEC Directives, Part 2.
A bilingual version of this publication may be issued at a later date.
IMPORTANT – The 'colour inside' logo on the cover page of this publication indicates
that it contains colours which are considered to be useful for the correct
understanding of its contents. Users should therefore print this document using a
colour printer.
INTRODUCTION
The ISO/IEC 14543-5 series of standards specifies the services and protocol of the
application layer for Intelligent Grouping and Resource Sharing (IGRS) devices and services
in the Home Electronic System. Some parts reference Classes 1, 2 and 3, which are HES
designations specified in the HES architecture standard, ISO/IEC 14543-2-1.
The ISO/IEC 14543-5 series includes the following parts.
– Part 5-1: Core protocol
• Specifies the TCP/IP protocol stack as the basis and the HTTP protocol as the
message-exchange framework among devices.
• Specifies a series of device and service interaction/invocation standards, including
device and service discovery protocol, device and service description, service
invocation, security mechanisms, etc.
• Specifies core protocols for a type of home network that supports streaming media and
other high-speed data transports within a home.
– Parts 5-2#: Application profile
• Based on the IGRS core protocol.
• Specifies a device and service interaction mechanism, as well as application interfaces
used in IGRS basic applications.
• Multiple application profiles are specified, including:
– Part 5-21: AV profile
– Part 5-22: File profile
– Part 5-3: Basic application
• Includes an IGRS basic application list.
• Specifies a basic application framework.
• Specifies operation details (device grouping, service description template, etc.),
function definitions and service invocation interfaces.
– Part 5-4: Device validation
• Defines a standard method to validate an IGRS-compliant device.
– Part 5-5: Device type
• Specifies IGRS device types used in IGRS applications.
– Part 5-6: Service type
• Specifies basic service types used in IGRS applications.
– Part 5-7: Remote access system architecture
• Specifies the architecture and framework for the remote access of IGRS devices and
services in the Home Electronic System. The remote access communications protocol
and application profiles are specified in the following parts of ISO/IEC 14543-5:
– ISO/IEC 14543-5-8: Remote access core protocol
– ISO/IEC 14543-5-9: Remote access service platform
– ISO/IEC 14543-5-101: Remote AV access profile
– ISO/IEC 14543-5-102: Remote universal management profile
– ISO/IEC 14543-5-11: Remote user interface
– ISO/IEC 14543-5-12: Remote access test and verification
• The relationships among these parts are specified in Part 5-7.

– 6 – ISO/IEC 14543-5-8:2017 © IEC 2017
– Part 5-8: Remote access core protocol
• Provides detailed system components, system function modules, basic concepts of
IGRS remote access elements and their relationships, message exchange mechanisms
and security related specifications.
• Specifies interfaces between IGRS Remote Access (RA) client and service platforms.
Defines co-operative procedures among IGRS RA clients.
– Part 5-9: Remote access service platform
• Specifies the IGRS RA service platform (IRSP) architectures and interfaces among
servers in the service platforms.
• Based on Part 5-8: Remote access core protocol.
– Parts 5-10#: Remote access application profiles
• Defines a device and service interaction mechanism for various applications.
• Based on Part 5-8: Remote access core protocol.
• Two profiles are under development:
– Part 5-101: Remote AV access profile. This part defines the common requirements
for IGRS RA AV users and devices in IGRS networks.
– Part 5-102: Remote universal management profile. This part specifies a
mechanism for integrating devices with both relatively high and low processing
capabilities into IGRS networks. It also specifies universal remote device discovery
and a management framework.
• Additional application profiles will be specified in the future.
– Part 5-11: Remote user interface
• Specifies adaptive user interface generation and remote device control mechanisms
suitable for different remote access applications and devices.
– Part 5-12: Remote access test and verification
• Defines a standard method to test and verify IGRS-RA compliant device and service
interfaces.
___________
Under preparation. Stage at the time of publication: ISO/IEC DIS 14543-5-101:2017.
Under preparation. Stage at the time of publication: ISO/IEC CD 14543-5-102:2016.
Under preparation. Stage at the time of publication: ISO/IEC DIS 14543-5-11:2017.
Under preparation. Stage at the time of publication: ISO/IEC DIS 14543-5-12:2017.

INFORMATION TECHNOLOGY –
HOME ELECTRONIC SYSTEM (HES) ARCHITECTURE –

Part 5-8: Intelligent grouping and resource sharing for HES
Class 2 and Class 3 – Remote access core protocol

1 Scope
This part of ISO/IEC 14543-5 specifies the core protocol of IGRS user and device remote
access, including intelligent grouping and resource sharing. The protocol features are:
a) IGRS RA user and IGRS RA device concepts and relationship management mechanisms,
b) user and device remote discovery and online and offline status management mechanisms,
c) user and device remote access message formats and message exchanging flows, and
d) remote data and service distribution and sharing mechanisms.
This document is applicable to remote access of an IGRS sub-network (called an IGRS
subnet) for resource sharing and service collaboration among home and/or remote computers,
consumer electronics and communication devices.
2 Normative references
The following documents are referred to in the text in such a way that some or all of their
content constitutes requirements of this document. For dated references, only the edition
cited applies. For undated references, the latest edition of the referenced document (including
any amendments) applies.
ISO/IEC 14543-5-9, Information technology – Home electronic system (HES) architecture –
Part 5-9: Intelligent grouping and resource sharing for HES Class 2 and Class 3 – Remote
access service platform
ISO/IEC 9594-8 | Recommendation ITU-T X.509, Information technology – Open Systems
Interconnection – The Directory: Public-key and attribute certificate frameworks
IETF RFC 2616, Hypertext Transfer Protocol – HTTP/1.1
IETF RFC 2818, HTTP over TLS
IETF RFC 4422, Simple Authentication and Security Layer (SASL)
IETF RFC 5246, The Transport Layer Security (TLS) Protocol – Version 1.2
IETF RFC 6120, Extensible Messaging and Presence Protocol (XMPP): Core
IETF RFC 6121, Extensible Messaging and Presence Protocol (XMPP): Instant Messaging
and Presence
IETF RFC 7622, Extensible Messaging and Presence Protocol (XMPP): Address Format

– 8 – ISO/IEC 14543-5-8:2017 © IEC 2017
3 Terms, definitions and abbreviated terms
3.1 Terms and definitions
For the purposes of this document, the following terms and definitions apply.
3.1.1
binding
relationship established between a user and a device, which represents an own/owned
relationship between the user and the device
Note 1 to entry: The user and device with binding relationship are shown in each other’s roster. One user can
bind multiple devices, and one device can be bound by multiple users.
3.1.2
buddy
relationship established between two users, which represents that the two users trust each
other
Note 1 to entry: Two users with buddy relationship are shown in each other’s roster.
3.1.3
connection ID
instance identification that identifies the connection between “user and IRSP” and “device and
IRSP”
3.1.4
contact group
set of multiple contacts where each has the same attribute
3.1.5
device connection
network connection established between an IGRS RA device and the IRSP
Note 1 to entry: Only one device connection can be maintained at any time. Multiple devices of one user can
connect to the IRSP simultaneously.
3.1.6
device connection ID
identification that represents an instance of a connection between an IGRS RA device and the
IRSP
EXAMPLE If the device ID is“#igrsdevice@igrs.com” and the connection ID is “home”, the device connection ID is
“#igrsdevice@igrs.com/home”.
Note 1 to entry: A device connection ID is unique. The IRSP tests and guarantees the uniqueness of the device
connection ID.
Note 2 to entry: A device connection ID consists of a device ID and a connection ID. A “/” is used to separate
these two IDs.
3.1.7
device ID
unique identification of an IGRS RA device
EXAMPLE If the local part of a device ID is “#igrsdevice” and the domain name part of the user ID is “igrs.com”,
the device ID is “#igrsdevice@igrs.com”.
Note 1 to entry: A device ID consists of a local part and a domain name part. A “@” is used to separate the two
parts. Each device ID starts with a “#”.

3.1.8
device verification code
string used to examine if the user has the authority to bind a device
Note 1 to entry: For a device without a user interface, the device verification code is used to bind a device to a
user. The device owner guarantees the safety of the device verification code.
3.1.9
IGRS RA device
physical device that is accessible to the IGRS RA user in the IGRS RA system
Note 1 to entry: A binding relationship can be established between an IGRS RA device and an IGRS RA user.
A sibling relationship can be established between two IGRS RA devices.
3.1.10
IGRS RA server
instantiation of a service provider that may be included in an IRSP
Note 1 to entry: An IGRS RA server is deployed on the Internet. It maintains relationships among IGRS RA user
and IGRS devices. It also provides re-transmission of collaborative messages. The IGRS RA user and IGRS device
can start a data connection to the IRSP and supports interconnections using the data connection and re-
transmission functions of the IRSP.
3.1.11
IGRS RA service platform
IRSP
collection of multiple IGRS RA servers that are deployed on the Internet to maintain the
relationships among IGRS RA user and IGRS RA device and to exchange collaborative
messages
Note 1 to entry: IGRS RA user and device can establish connections to the IRSP, can send collaborative
messages over these connections and can exchange messages in the servers of the IRSP.
3.1.12
IGRS RA user
entity that uses the IGRS RA devices and application services
Note 1 to entry: Generally, an IGRS RA user is a human being. Each IGRS RA user should have a unique user ID
(identification). A bundle relationship can be established between one IGRS RA user and another. A binding
relationship can be established between one IGRS RA user and one IGRS device.
3.1.13
interested connection
connection that logged onto the IRSP using a user ID and requested the roster of that user
3.1.14
roster
list that stores all users and devices by which this specific user or device is permitted access
Note 1 to entry: A roster is managed by the IRSP. Each user or device has one and only one roster on the IRSP.
3.1.15
roster item
item in the roster
3.1.16
service ID
identification of a service
– 10 – ISO/IEC 14543-5-8:2017 © IEC 2017
3.1.17
sibling
relationship established between two or more devices, which represents that these devices
have a binding relationship with the same user, or these devices belong to the same user
Note 1 to entry: Devices with sibling relationship are shown in each other’s roster.
3.1.18
user connection
network connection established between an IGRS RA user and the IRSP
Note 1 to entry: Multiple user connections can be maintained simultaneously for one user.
3.1.19
user connection ID
identification that represents an instance of a connection between an IGRS RA user and the
IRSP
EXAMPLE If the user ID is “igrsuser@igrs.com” and the connection ID is “office”, the user connection ID is
“igrsuser@igrs.com/office”.
Note 1 to entry: A user connection ID is unique. The IRSP tests and guarantees the uniqueness of a user
connection ID.
Note 2 to entry: A user connection ID consists of a user ID and a connection ID. A “/” is used to separate the two
IDs.
Note 3 to entry: The connection ID is set by the user when logging in.
3.1.20
user ID
unique identification of an IGRS RA user
EXAMPLE If the local part of a user ID is “igrsuser” and the domain name part of the user ID is “igrs.com”, the
user ID is “igrsuser@igrs.com”.
Note 1 to entry: A user ID consists of a local part and a domain name part. A “@” is used to separate the two
parts.
3.2 Abbreviated terms
AS autonomous system
HTTP hypertext transfer protocol
ID identification
IGRS intelligent grouping and resource sharing
IRSP IGRS RA service platform
NAT network address translation
RA remote access
SASL simple authentication and security layer
TLS transport layer security
TCP/IP transmission control protocol/Internet protocol
UI user interface
XMPP extensible messaging and presence protocol

4 Conformance
A system that conforms to this document shall be implemented according to Clauses 5
through 14, where the service flow and message exchange mechanism in each functional
block shall conform to Clauses 6 through 12. The user and device discovery and online status
management shall conform to Clause 13 and the security mechanism in IGRS RA system
shall conform to Clause 14.
5 IGRS RA overview
The IGRS RA core protocol extends the IGRS application scenarios from the home and office
to the mobile and remote access situations. The applications scope is extended from the LAN
area to the Internet for both fixed and mobile devices.
Each IGRS RA user or device shall have a unique user ID or device ID. One user or device
can establish relationships with other users or devices. Based on these relationships, one
user or device can obtain and exchange the online/offline status, changing messages, etc.
from the other relevant users or devices.
This document is based on the concepts of IGRS RA user and IGRS RA device. The contents
include:
a) IGRS RA user and IGRS RA device concepts and relationship management mechanisms;
b) user and device remote discovery and online and offline status management mechanisms;
c) user and device remote access message formats and message exchanging flows, and
d) remote data and service distribution and sharing mechanisms.
This document is the core protocol of IGRS RA based on IETF RFC 6120 and IETF RFC 6121.
Three types of interactive relationships can be established and maintained:
1) Binding: relationship between user and device. Binding shows the user ownership of the
devices.
2) Sibling: relationship between device and device. When two devices are bound with the
same user, these two devices are in a sibling relationship with each other.
3) Buddy: relationship between user and user. Buddy means a trusting relationship.
The detailed relationship definitions and management mechanisms are specified in Clause 10.
6 IGRS RA service functional flow
The IGRS RA request/response messages shall conform to the request/response model of
HTTP/1.1 (see IETF RFC 2616). A typical service flow of IGRS RA service is shown in
Figure 1.
– 12 – ISO/IEC 14543-5-8:2017 © IEC 2017

Service Initialization
Is the
Yes
user or device
registered?
No
User or device registration
User or device logging into the
IRSt
The user or device
gets online here
Is a
No
relationship requested to be
established?
Yes
Relationship establishment
Is device
No
access rights configuration
required?
Yes
Device access rights
configuration
Message exchanging
Do the
No
relationships need to be
released?
Yes
Relationship releasing
User or device logging out
The user or device
gets offline here
Service
termination
IEC
Figure 1 – Typical flow of IGRS RA service

a) Service initialization
User or device service protocol initializes.
b) User or device registration
If this is the first time the user or device is using IGRS service and the user or device has
never registered onto the IRSP, he or it shall register onto the IRSP using his or its ID.
The detailed registration specifications are shown in Clause 7.
c) User or device logins
The user or device shall use a registered user ID or device ID to log into the IRSP to
utilize IGRS RA functions. After successfully logging into the IRSP, the user or device is
online.
d) Establishing relationships
A relationship shall be established between user–device, user–user or device–device in
order to exchange messages properly.
e) Device access rights configuration
Device owner may selectively grant different device access rights to other users by device
access right configuration to reduce user authentication times required. By using this
device access rights configuration, the other users can still access the devices even if the
device owner is not online. The detailed specifications are shown in Clause 10.
f) Exchanging messages
Functions and services can exchange messages between user–device, user–user or
device–device that have established relationships.
g) Releasing relationships
Relationships between user–device, user–user or device–device can be released.
h) User or device logouts
The user or device shall send logout messages to the IRSP prior to exiting the service.
After successfully logging out from the IRSP, the user or device is offline. When the user
or device loses Internet connection, it is considered as offline too.
i) Service termination
The user or device shall terminate service as the final step.
7 Registration management
7.1 User or device registration flow
After the service is initialized, the user or device shall register onto the IRSP. The user or
device registration flow is shown in Figure 2.

IGRS RA User or Device IRSP
Initialisation Service Init
Registration Request
Registration
Registration Response
IEC
Figure 2 – IGRS RA user or device registration flow

– 14 – ISO/IEC 14543-5-8:2017 © IEC 2017
The user or device shall send a registration request message to the IRSP. The IRSP shall
send a registration response messages to the user or device according to the registration
results.
User registration and device registration are two independent procedures.
7.2 User registration management
The IGRS RA user shall send a registration request message as in Message 1.
Message 1 – User registration request message
http(s)://Domain Name of the Account Server/register.xml?name=local part of the User
ID&password=Password&domain=Domain Name of the Message Server

NOTE 1 Italics indicate where content is to be inserted; all other text in message definitions is fixed in this
document.
NOTE 2 All contents in the message definition are mandatory in this document
The functionalities and the relative information of the Account Server and the Message Server
are specified in Clause 7 of ISO/IEC 14543-5-9:2017.
Additional segments may be required in addition to the above message.
The IRSP shall send a registration response message to the IGRS user when it receives the
registration request message from an IGRS user. The “http” response status code and the
contents of the registration response messages are seen in 7.4.
The specification of user ID is specified in IETF RFC 7622. Additional specifications in IGRS
RA system are given as the following.
a) Each IGRS user has one unique user ID, the first character of the user ID shall not be “#”.
b) When the user sets the local part of his/her user ID, the IRSP shall verify if this part is
exclusive.
c) The IRSP may provide additional user registration interface in addition to the user
registration interfaces based on HTTP.
7.3 Device registration management
The IGRS device shall send a registration request message as in Message 2.
Message 2 – Device registration request message
http(s)://Domain Name of the Account Server/register.xml?name=device ID & password=
Password&domain=Domain Name of the Message Service&verifycode=device verification
code&type=device type&vendor=device vendor&model=device model

where the “verifycode”, “type”, “vendor” and “model” are optional parameters. More
information can be requested in addition to the above information.
The functions and the relative information of the Account Server and the Message Service are
specified in ISO/IEC 14543-5-9.

The service platform shall return a registration response message when it receives a
registration request message from the device. The http response status code and contents in
the registration response messages are specified in Table 1.
The format of device ID is specified in IETF RFC 7622. Additional specifications in the IGRS
RA system are as follows:
a) Each device ID starts with “#”.
b) Each IGRS RA device shall have a unique local part of the device ID. This local part of the
device ID is set by the device manufacturers. The IRSP is responsible for checking the
uniqueness of the local part of the device ID. When the service platform finds that the
local part of the device ID of a new online device already exists, this device shall be
treated as the exact same device as the old one (with the same local part in the device ID).
c) In addition to the HTTP based device registration interface, IRSP can provide additional
device registration interfaces.
7.4 Registration response status code
The registration response status code sent by the service platform to the registration request
user or device is shown in Table 1.
Table 1 – Registration response status code and the contents in the
registration response messages
Status code Result Message content
200 Success
400 Parameter error
400
bad request

421 ID already exists
421
id existed

500 Internal server error
500
server internal error

In Table 1, “Result” is not sent, but “Status code” and “Message content” shall be sent.
When the “Status code” is 200, the “Message content” shall be empty.
8 Login
8.1 User or device login flow
After registering to the IRSP successfully, the user or device shall login to the IRSP each time
it has Internet access. The flow of user or device logging into the IRSP is given as in Figure 3.

– 16 – ISO/IEC 14543-5-8:2017 © IEC 2017

IGRS RA User or Device IRSP
Login Request
Login
Login Response
IEC
Figure 3 – IGRS RA User or Device Login Flow
The user or device sends a login request message to the IRSP and the IRSP returns a login
result response message to the user or device.
8.2 User connection
The establishment, maintenance and termination of an IGRS RA user connection shall follow
the Client-to-Server communication interactive flow specified in IETF RFC 6120. The user
connection shall follow the TLS protocol specified in Clause 5 of IETF RFC 6120.
In addition, an IGRS RA user connection shall also follow the SASL protocol as specified in
Clause 6 of IETF RFC 6120 to implement the authentication process.
8.3 Messages for user connection ID binding
After completing the SASL authentication negotiation, the user connection shall follow the
flows specified in Clause 7 of IETF RFC 6120 to implement resource binding.
As one user may be logged in from multiple locations using the same user ID, during the user
connection ID binding process, the client shall provide the corresponding connection IDs to
represent the locations of the user connection. The connection IDs shall contain relevant user
descriptions in order to distinguish the different login instances of this one user.
Whenever an IGRS RA device initiates a user connection, the IGRS RA user should use the
model number or some characteristics of the device that this user is connected to as the
connection ID of this user connection. That is, the user shall send a user connection ID
binding request message shown in Message 3 to the IRSP during the user connection ID
binding process as specified in Clause 7 of IETF RFC 6120.
Message 3 – User connection ID binding request message


Model number or some characteristics of the device which this
user is connected to


The IRSP shall return the user connection ID binding response message as in Message 4.

Message 4 – User connection ID binding response message
If successful:


User connection ID


If failed:





8.4 Device connection
The establishment, maintenance and termination of IGRS RA device connection shall follow
the Client-to-Server communication interactive flow specified in IETF RFC 6120. The device
connection shall follow the TLS protocol specified in Clause 5 of IETF RFC 6120.
In addition, an IGRS RA device connection shall also follow the SASL protocol specified in
Clause 6 of IETF RFC 6120 to implement the authentication process.
8.5 Messages for device connection ID binding
After the SASL authentication negotiation, the device connection shall follow the flows
specified in Clause 7 of IETF RFC 6120 to implement ID binding. The device connection ID
may be provided by the device or the IRSP.
The connection ID of a device connection ID binding is to the local part of the device ID. Only
one device ID instance shall be found online at any given time. A new connection shall
replace the old one if exactly the same device ID logs in again and creates an ID binding.
The device ID binding progress is described in Clause 7 of IETF RFC 6120. The device shall
send Message 5 to the IRSP.
Message 5 – Device connection ID binding request message


Local part of the device ID


The IRSP shall return device connection resource binding response messages as in
Message 6.
– 18 – ISO/IEC 14543-5-8:2017 © IEC 2017
Message 6 – Device connection ID binding response message
If successful:


Device connection ID


If failed:





9 Device access rights configuration
9.1 Overview
The purpose of device access rights configuration is to allow the device owner to grant
selected device access rights to other users and to reduce the user authentication times
required. By acquiring certain device access rights, the permitted users can still use the
device even when the device owner is offline.
The device
...