Access Control

The SCEF application provides support for multi-tenancy of SCS. This is achieved by Access Control Logic (ACL).

ACL ensures UE (IOT devices) belonging to one SCS are not accessed by another SCS.

ACL performs this functionality on HTTP requests:

• Validate SCS: If SCS is not pre-configured in SCEF, it returns a 401 Unauthorized error. If SCS is configured, but the feature (requested in message ) is not enabled for SCS, then it returns a 401 Unauthorized error or it displays “Validate SCS accessibility to UE.”
• Validate SCS accessibility to UE: Extract UE-Identifier from message and validate if SCS is allowed to access the UE for the specific requested feature, if not, then it returns a 401 Unauthorized error or it allows the message for further processing.