The Z-Wave Alliance, has released the 2024A Z-Wave Specification Package which includes new User Credential Command Class features, as well as new User Credential Control Specifications.
The 2024A Z-Wave Specification Package includes several documents that have undergone an Intellectual Property Rights (IPR) review including,
- Z-Wave Specification 2024A.pdf: The main document detailing the 2024A specifications.
- Short_changelog.txt: A text file summarizing the changes made.
- Indicator Command Class, list of assigned indicators and Property IDs.xlsx: A spreadsheet listing the indicators and Property IDs for the Indicator Command Class.
- changes.patch: A file containing the specific changes made to the code or documentation.
The updates included in this package are:
- Clarifications and fixes to the User Credential Command Class (CC).
- The User Credential Control Specification.
- Minor clarifications in the Association v4 and MAC v5 Command Classes.
The Z-Wave User Credential Command Class (CC) is a specification within the Z-Wave protocol that defines how user credentials, such as passwords or PIN codes, are managed and communicated between devices in a Z-Wave network. This Command Class update provides a standardized way for smart locks to handle user authentication in access control, ensuring secure and reliable operation within a Z-Wave smart home network The Z-Wave CC is a vital component for managing user access and ensuring security within a Z-Wave smart home network. Key aspects include:
- Credential Management: It allows devices to create, modify, and delete user credentials. This includes defining the type of credential (e.g., PIN code, password), its validity period, and any associated permissions.
- Security: The Command Class ensures that user credentials are transmitted and stored securely within the network. This is crucial for maintaining the integrity and confidentiality of the smart home environment.
- Interoperability: By following the specifications of the User Credential Command Class, different Z-Wave devices can work together seamlessly when it comes to managing user access. For instance, a smart lock from one manufacturer can understand and use the credentials provided by a smart home controller from another manufacturer.
- User Control: It provides users with control over who can access their Z-Wave network and devices. For example, homeowners can add or remove users and set different access levels for family members, guests, or service personnel.
- Automation Integration: The Command Class can be used in conjunction with other Z-Wave Command Classes to create sophisticated automation scenarios. For instance, unlocking a door could trigger a series of events like turning on lights, adjusting the thermostat, or disarming a security system.
The Z-Wave User Credential Control Specification outlines the standards and protocols for managing user credentials within a Z-Wave network. It defines how devices should handle, store, and communicate user credentials such as PIN codes, passwords, or biometric data to ensure secure access control and authentication. Key components are:
- Credential Types: Defines the different types of user credentials that can be used, such as numeric PIN codes, alphanumeric passwords, and biometric data.
- Credential Management: Specifies how to create, update, and delete user credentials. This includes procedures for adding new users, changing existing credentials, and removing users from the system.
- Access Control: Establishes how user credentials are used to control access to devices and services within the Z-Wave network. This involves setting permissions and access levels for different users.
- Security Protocols: Outlines the security measures required to protect user credentials. This includes encryption standards for transmitting credentials, secure storage practices, and methods for verifying the authenticity of credentials.
- Interoperability: Ensures that different Z-Wave devices can work together seamlessly when managing user credentials. It allows devices from various manufacturers to understand and use credentials consistently.
- Event Logging: Describes how to log events related to credential use, such as successful and failed authentication attempts. This is important for auditing and monitoring the security of the network.
- User Interface: Provides guidelines for user interfaces that manage credentials, ensuring that they are user-friendly and secure.
- Error Handling: Defines how devices should handle errors related to credential management, such as incorrect PIN entries or expired passwords.
By adhering to the Z-Wave User Credential Command Class and User Credential Control Specification, Z-Wave devices can offer robust, secure, and interoperable user authentication and access control, enhancing the overall security and user experience of the smart home network.
For more information about Z-Wave technology and the Z-Wave Alliance, visit
http://z-wavealliance.org.
