diff options
1 files changed, 32 insertions, 0 deletions
diff --git a/bluez.tex b/bluez.tex
index 4de998e..4814d04 100644
--- a/bluez.tex
+++ b/bluez.tex
@@ -202,6 +202,38 @@ Detailed information regarding management interface is available at {\em
doc/mgmt-api.txt}. For a technical introduction and rationale, see at BlueZ
homepage \cite{bzhp}.
+\subsection{Security Manager}
+The Security Manager (SM) defines the protocol and behavior to manage pairing
+and key distribution, authentication and encryption between LE devices.
+The device in the master role shall initiate the Security procedures and the
+device in the slave role shall responding. The slave will send to the master a
+Security Request command and it may encrypt the link or reject de request.
+In the BlueZ, only the minimum from Security Manager was implemented.
+Currently, only the method "Just Works" is running (method provides no
+protection against eavesdroppers or man in the middle attacks during the
+pairing process).
+In BlueZ API, we have two methods to connect and/or pair with devices,
+{\em CreateDevice} and {\em CreatePairedDevice}.
+{\em CreateDevice} creates a new object path for a remote device and
+connect to device. So it will retrieve all SDP records. Note that this
+method will fail if a path for the remote device already exists.
+{\em CreatePairedDevice} shares some characteristics with {\em CreateDevice}.
+It creates object path (if not exists), connect to remote device and then
+initiate the pairing. It will fails if the pairing already exists.
+Consequently we have the option of create a device connection with
+{\em CreateDevice} and pair after with {\em CreatePairedDevice}.
+Addtionally, we can increasing security level after connection setting
+\verb|BT_IO_OPT_SEC_LEVEL| using {\em bt\_io\_set()} function. After that, a
+security request is sent to the master and security precess is initiated.
\subsection{Services over GATT}
The Generic Attribute Profile (GATT) defines a service framework for