wso2
API Management and Internet of Things
Sumedha Rubasinghe
Director, API Architecture
**
Things, Devices, IoT
Source: http://www.control4.com/blog/2014/03/the-internet-of-things-and-the-connected-home
**
Anatomy of a Device
● Piece of hardware
● Built for a purpose
● Capable of a limited functionality
● Control interface
● Input/output
● Consumes power
**
Anatomy of a Device (Functional)
● Functional Capabilities (Actuators)
● Administration Capabilities (Management)
● Monitoring Capabilities (Sensor Data)
**
Modeling Device as an API
● Example: HTTP API
  ○ Temperature Sensor
    ■ http://{ip}/{locationid}/sensors/temperature1 - GET
  ○ Motor
    ■ http://{ip}/{locationid}/actuators/motor1/rotate/{turns}/{direction} - GET
    ■ http://{ip}/{locationid}/actuators/motor1/status - GET
**
Benefits - Devices as APIs
● APIs - Standard Integration Pattern
  ○ Heterogeneous devices
    ■ protocols, access control mechanisms, data formats
● App Developers - Already familiar programming paradigm
● Seamless integration with existing systems
● Ability to reuse known patterns for securing, hardening APIs
● API Economy
**
Drivers for API Economy
● Mobile Applications
● Internal Innovation
● Unleash External Developer Innovation
● New Channels
● New Business Models
**
Apps & APIs
**
Open APIs vs Managed APIs
● Dumb API -> Intelligent API
● Authentication & Authorization
  ○ Subscription Management
  ○ Access Provisioning
● How to control access?
  ○ Throttling
● Monitoring & SLA
**
Why Manage Device API?
● Why?
  ○ Exposing raw device
  ○ With no control
● Managed API
  ○ Proper access control
  ○ Subscription capabilities
**
Devices Need More Capabilities..
● Throttling
● Caching
● Request Routing
● Buffering
● Stats collection & monitoring
● Alerting
● Decision Making
**
OAuth
● Standard for Authorization
● Provides client applications with secure, delegated access to server resources on behalf of the resource owner
● Authorization based on a Token
**
Using API Tokens to secure Device Access
● Device capabilities can be represented as resources
● OAuth (2.0) tokens can be used to authorize access to these resources
● Tokens can be easily revoked, refreshed
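
Added example (not part of the original slides): a gateway-side check that treats the deck's example device URLs as resources and authorizes each request from an OAuth 2.0 bearer token, honouring expiry and revocation. The scope names, the in-memory TokenStore, the cw/ccw direction values and all function names are assumptions made for illustration.

```python
import re
import time

# Route table built from the deck's example device API; scope names are assumed.
ROUTES = [
    ("GET", re.compile(r"^/(?P<loc>[^/]+)/sensors/temperature1$"), "sensor:read"),
    ("GET", re.compile(r"^/(?P<loc>[^/]+)/actuators/motor1/status$"), "actuator:read"),
    ("GET", re.compile(r"^/(?P<loc>[^/]+)/actuators/motor1/rotate/\d+/(?:cw|ccw)$"),
     "actuator:control"),
]

class TokenStore:
    """In-memory stand-in (hypothetical) for the authorization server's token records."""
    def __init__(self):
        self._tokens = {}

    def issue(self, token, scopes, location, ttl, now=None):
        now = time.time() if now is None else now
        self._tokens[token] = {"scopes": set(scopes), "loc": location,
                               "exp": now + ttl, "revoked": False}

    def revoke(self, token):
        if token in self._tokens:
            self._tokens[token]["revoked"] = True

    def lookup(self, token):
        return self._tokens.get(token)

def authorize(store, method, path, auth_header, now=None):
    """Return (http_status, reason) for a request to a device resource."""
    now = time.time() if now is None else now
    if not auth_header or not auth_header.startswith("Bearer "):
        return 401, "missing bearer token"
    rec = store.lookup(auth_header[len("Bearer "):])
    if rec is None or rec["revoked"] or rec["exp"] <= now:
        return 401, "invalid, revoked or expired token"
    for verb, pattern, scope in ROUTES:
        m = pattern.match(path)
        if verb == method and m:
            if m.group("loc") != rec["loc"]:
                return 403, "token not valid for this location"
            if scope not in rec["scopes"]:
                return 403, "insufficient scope: " + scope
            return 200, "ok"
    return 404, "unknown device resource"  # anything not modelled is denied
```

A token issued with only sensor:read for one location can read that location's temperature sensor but is refused on the motor endpoints, and is refused everywhere once revoked or expired.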
**
OAuth2 Based Model for Securing Devices
● Registering a new Device Type
● Device Owner Registering a Device
● Device Publishing Sensor Data
● App Accessing Device (Controls)
● Device Polling for Pending Actions
**
Registering a New Device Type
**
Owner Claiming a Device
**
Device Publishing Sensor Data
**
App Accessing Device
**
Device Polling for Pending Actions
**
API Management @ The Edge
● Closer to where the device is
● Or inside the device itself
● Several patterns
**
Pattern #1
[Diagram components: App, End User, Device]
The device itself has full API Management capabilities.
**
Pattern #2
[Diagram components: Authorization Manager, App, End User, Device]
The device uses an authorization server to authorize access.
**
Pattern #3
[Diagram components: Device Gateway, App, End User, Authorization Manager, Device]
A device gateway sits in front of the device. The device gateway is exposed to the outside world.
**
Pattern #4
[Diagram components: Device Gateway, App, End User, Authorization Manager, Statistics Processing, Device]
The device gateway publishes device access statistics to a separate (scalable) processing engine.
**
Pattern #5
[Diagram components: Mediation/Routing, Device Gateway, App, End User, Authorization Manager, Statistics Processing, Device]
Mediation and routing capabilities help to transform the messages going back and forth from the device.
Routing helps to select the correct device.
**
Pattern #6
[Diagram components: Device Queue, Mediation/Routing, Device Gateway, App, End User, Authorization Manager, Statistics Processing, Device]
Devices could be busy or unavailable.
Having a queue helps to guarantee message delivery to/from the device.
**
Pattern #7
[Diagram components: Device Queue, Mediation/Routing, Device Gateway, App, End User, Authorization Manager, Statistics Processing, Device, Device Hub, Devices]
Some devices are not built with sufficient processing capabilities. They could be low-powered ones.
A device hub helps such devices connect to the rest of the world.
**
Pattern #8
[Diagram components: Device Queue, Mediation/Routing, Device Gateway, App, End User, Authorization Manager, Statistics Processing, Device, Device Hub, Devices, Device Management]
Device management helps to centrally manage a large number of devices (common policies, etc.).
**
Pattern #9
[Diagram components: Device Queue, Mediation/Routing, Device Gateway, App, End User, Authorization Manager, Statistics Processing, Device, Device Hub, Devices, Device Management, Identity Management]
Devices should also be connected to existing identity management systems.
**
API Traffic can be MASSIVE
Source: http://blog.programmableweb.com/2011/05/25/who-belongs-to-the-api-billionaires-club/
**
Scaling for Billions of Devices
● Massive number of devices to be connected
● Devices represented as APIs
● Thus the need for scalable API Management
**
Barcelona Digital - Case Study
Contact us !