Upload
dominique-trask
View
213
Download
0
Tags:
Embed Size (px)
Citation preview
1
The phone in the cloud Utilizing resources hosted anywhere
Claes Nilsson
2
“Software as a Service”
“Cloud Computing”
……..
3
What about
“The Phone as a Service”
GPS Camera MessagingCalendar
…………….
4
Let us combine this……..
5
So, we all agree that…
6
The Web is THE application execution
platform
7
and that ….
8
Mobile Devices must be full citizens of the
Cloud
9
and that….
10
Web Applications must be able to consistently
utilize Cloud Resources
as well asLocal Device Resources
11
Device APIs
Acc
ess
co
ntr
ol
fra
me
wo
rk
Web Application Device Capabilities
Give Web Applications access to device capabilities in a
secure manner
GPS
Camera
Messaging
Calendar
12
Existing Device API solutions
GeoLocationDAP APIs
All these solutions define JavaScript APIs for web
browsers and web widget engines
Example:
navigator.geolocation.getCurrentPosition(showMap);
13
14
One approach is control by some trusted
authority
15
Existing Device API solutions –Bondi/JIL Security
define an access policy control framework based on origin of web application and
user interaction
Access control policyframework
• Unknown ?•Manufacturer ?
• Operator ?
Web Application Device Capabilities
16
Existing Device API solutions – Bondi/JIL policy security model
Examples:
• “A Widget whose signature chains to operator root certificate can read and write from the PIM databases”
• “A Widget downloaded from weather.com can access geolocation coordinates if the user says it’s OK”
Control by a configured access policy
17
Another approach is full user control (and
responsibility)
18
Security – implicit user consent examples
Full user control
• user must press camera shutter
• user must state granularity of location
• user must inspect message and press “send”
•
19
Device APIs – work in progress
Device API and Policy (DAP) WG
• Main SDO for Device APIs• SEMC active – support for W3C DAP is our main strategic direction for device APIs
• Other members; Nokia, Vodafone, Google, Opera, Orange, AT&T, Telefonica, OMTP, Aplix, Intel…...
• W3C DAP Website
20
Device API and Policy WG
So far JavaScript interfaces defined
MessagingContacts
Calendar
File Writer
MediaCapture
System informationandSensors
Gallery
File DirectoriesSystem
21
Device API and Policy WG
In addition an optional genericpolicy based access control framework
is being worked on
22
•Another approach proposed by
•Local Resources as “Virtual Web Servers”
•HTTP REST APIs
Device API and Policy WG – REST APIs
Client (Web Browser orWidget Engine)
Server(Resource Provider)
Server(Resource Provider)
http://................
http://................
23
•APIs as URIs:• Example: http://localhost/dap/contacts/create.json?...&name=Mr.%20Robert%20Smith%20Jr&nicknames=Bob
•Access through standard HTTP methods GET, POST, PUT, DELETE
•More reading Rest Introduction
Device API and Policy WG – REST APIs
24
•HTTP REST API advantagesLanguage independent
A resource can be situated "anywhere“In mobile device, in PC, in accessory, in server…
A resource can be accessed from “anywhere”
Leverage on existing HTTP access control mechanisms
Device API and Policy WG – REST APIs
25
InternetInternet
BrowserBrowser
In-device Web ServerIn-device Web Server
Access ControlAccess Control
WebApplication
Native DeviceAPIs
Native DeviceAPIs
Device
RESTDeviceAPIs
SEMC - access to local resources through in-device web server
Any native APIcan be bound to a web API
New web APIsby upgradingin-device server
JS libraries to hide complex REST-coding
26
•Powerbox• Proposed by , SEMC and Mozilla Labs• Supports discovery and interaction with resources independent of where these resources are hosted or how they are produced
• Security and Privacy purely user controlled
Device API and Policy WG – Powerbox
27
1. Customer Web Application needs a user’s private image
2. User selects image Provider:• Photo sharing web site
• Local device image gallery
• Device camera
3. User selects image
Device API and Policy WG – Powerbox example scenario
28
Device API and Policy WG – Powerbox Provider Registration
1: Web content:“Offer URL to Provider”
Remote ResourceProvider (e.g. photo sharing site)
Remote Resources
……
Local Resource Providers
Web Site thatoffers a Provider
2: Get Providermetadata doc
Powerboxenabledbrowser
“Pre-registered”
29
Device API and Policy WG – Powerbox User selects remote Provider
Customer Web Site
1: Web Application: “Request image”
3: Powerbox sends introduction request to Provider
5: Provider provides link to selected image
2: User selects Remote Resource Provider
Remote ResourceProvider (e.g. photo sharing site)
Remote Resources
Powerboxenabledbrowser
4: Provider returns web page that lets user choose image
30
Device API and Policy WG – Powerbox User selects device gallery Provider Customer
1: Web Application: “Request image”
4: Provider lets user choose image5: Provider provides link to selected image
2: User selects device gallery Provider
Powerboxenabledbrowser
Local Resource Providers
3: Powerbox sends introduction request to local gallery Provider
31
Device API and Policy WG – Powerbox User selects device camera Provider Customer
1: Web Application: “Request image”
4: Provider activates camera
6: Link to image provided
2: User selects device camera Provider
Powerboxenabledbrowser
Local Resource Providers
5: User takes a picture
3: Powerbox sends introduction request to local camera Provider
32
Conclusion
33
Use resources hosted anywhere
34
•We need:
Resource discovery
User directed resource selection
Standardized APIs (HTTP – REST)
Access and privacy control
35
Thank you !