SlideShare ist ein Scribd-Unternehmen logo

IoT platforms – comparison Azure IoT vs AWS IoT

(
(Saravana) Pandiyan Varadaraj (He/Him)

Comparison of IoT Platforms - Azure IoT vs AWS IoT as it related to Device Provisioning, Device Life Cycle Management and Device Content Management

Technologie
1 von 24
IoTPlatforms–Comparison AzureIoTvsAWSIoT Device Provisioning, Device Life Cycle Management & Device Content Management
Services Description AWS IoT Azure IoT Identity of Devices Registry of Devices • Device Registry • Contains Device ID, meta data, Credentials (Authentication), Authorization (Policy). • Can categorize things in to Thing Types and Thing Groups. • Can store meta data information and query meta data information • Also support indexing on the device registry for querying data from the registry. • Identity Registry • Contains Device ID, Credentials (Authentication) • Store the meta data in device twin. • Additional Meta data can be stored outside of Registry. • Does not support expressive querying. • Recommended only for device management/provisioning. Not for High Throughput operations Security Authentication Mechanism (for Devices) • X 509 Certificates - Generated by AWS or CA signed or Self Signed • Recommended - X509 Certificates • Supports rotation of certifications • X509 Certificates - Self Signed or CA signed. • Security Token - IoT Hub uses security tokens to authenticate devices and services to avoid sending keys on the wire. Tokens are signed using either Shared Access Signature(SAS) key or Symmetric key. • Azure IoT Hub grants access to endpoints by verifying a token against the shared access policies and identity registry security credentials. • Supports rotation of keys (thru Provisioning service) Authorization Mechanism (for Devices) • Policy - Permissions which are attached to the Certificates. (AWS IoT Policy) • Certificates gets attached to the device. • Permissions and Shared Access Policy • A token signed with a shared access key grants access to all the functionality associated with the shared access policy permissions. • A token signed with a device identity's symmetric key only grants the Device Connect permission for the associated device identity.
Services Description AWS IoT Azure IoT Device Provisioning • Bulk Provisioning - Preconfigure the IoT solution with necessary Device Credential Information. • Just in Time Provisioning - Provisions the device when the device first connects to the IoT. No Pre- configuration required per device on the cloud. • Bulk Provisioning - Supported. Facilitated by using provisioning templates. Just in Time Provisioning - Supported. Need to configure a CA certificate and Provisioning Templates ahead of time before the device connects Bulk Provisioning - Supported through Jobs/Bulk Imports. Just In Time provisioning - Supported through Provisioning Service. (X509 Certificates, TPM – Trusted Platform Module/HSM) Device Content Management • Ability to modify the content of the connected device including application code, firmware updates • Supported through AWS Jobs API. • Define a job that instructs a set of devices to download and install application or firmware updates, reboot, rotate certificates, or perform remote troubleshooting operations (more of a pull mechanism by the device when it connects to IoT) • Supported. (Jobs) Has two options. • For scenario which require immediate response,(like Reboot or factory Reset) - Use Direct method • For scenario which does not require immediate response. (configuration, firmware updates) - Use Device Twins. Device life Cycle Management • Monitoring • Retire Devices (and Revoke Devices) • Monitoring – Cloudwatch Alarms, logs, events, CloudTrail, AWS IoT metrics • Retire/Revoke - Revoke Device Certificate, deactivate Device certificate, Deactivate CA Certificate. • Monitoring - Azure monitor, Azure Resource health • Retire/Revoke - Use IoT Hub registry to revoke Device Identity or Credentials. Device Identity Can be deleted as well.
Azure IoT Scenarios • Scenario 1 – Device Provisioning - Provisioning a device using Just-In-Time Registration (Azure IoT) • Scenario 2 – Device Provisioning – Provision the device with desired S/W Configuration (Azure IoT) • Scenario 3 – Device Provisioning – Block the Provisioning of a Device during Just in time Provisioning (Azure IoT) • Scenario 4 – Device Content Management-Configure the devices with desired Software Configuration (Azure IoT) • Scenario 5 – Customer did not pay. Disable the Service (AZURE IoT) • Scenario 6 – Device compromised. Revoke the Device. (AZURE IoT) • Scenario 7 – Retire a Device (AZURE IoT) AWS IoT Scenarios • Scenario 1 – Device Provisioning - Provisioning a device using Just-In-Time Registration (AWS IoT) • Scenario 2 – Device Provisioning – Provision the device with desired S/W Configuration (AWS IoT) • Scenario 3 – Device Provisioning – Block the Provisioning of a Device during Just in time Provisioning (AWS IoT) • Scenario 4 – Device Content Management-Configure the devices with desired Software Configuration (AWS IoT) • Scenario 5 – Customer did not pay. Disable the Service (AWS IoT) • Scenario 6 – Device compromised. Revoke the Device. (AWS IoT) • Scenario 7 – Retire a Device (AWS IoT)
Assumptions • Authentication • X.509 based authentication is recommended and is far more secure since they are based on asymmetric keys. • The presentation assumes that the device would use X.509 based authentication. • Individual device (Leaf) certificates would be signed by either CA signed or Self signed intermediate certificates. • This would be required for Just-in-Time provisioning as any certificate signed by the intermediate certificates would be authenticated. • This eliminates the need for mappings/entries for individual devices before provisioning. • Authorization • Authorization is achieved through AWS IoT Policy (AWS) and Shared Access Policy (Azure IoT). • This presentation assumes that each device will NOT have individual authorization policy for accessing the IoT. • Group of devices will share the same policy. • This eliminates the need for mappings/entries for individual devices before provisioning. • Provisioning • This presentation assumes that the devices would use Just-In-Time provisioning instead of Bulk provisioning for devices. • Just-In-Time provisioning approach is far more advanced and eliminates the need for mappings/entries for individual devices before provisioning. • Just-in-provisioning involves the device to be provisioned when the device first connects to IoT solutions.
Role which is responsible for manufacturing the hardware device itself. This presentation assumes that certificates (private key) is embedded within the HSM of the device by the device manufacturer. Role which is responsible for configuring/flashing the IoT SDK and the initial version of IoT application client on the device itself. Role which is responsible for configuring the provisioning rules, IoT Configuration or anything which is required on the cloud. Device Manufacturer Device Solution Provider IoT Cloud Solution Provider/Operator Roles - Assumptions Note:The roles are used for better understanding of the responsibilities however these responsibilities are usually automated using CLI, API or other automation tools.
Services Azure IoT Build Blocks Description Registry IoT Identity Registry Device Identity, Credentials, Access Policy are stored in the IoT Identity Registry Provisioning Device Provisioning Service Service responsible for Just-in-Provisioning of an IoT device. (HTTPS Service). Global Service. Supports Geo-sharding. Supports Three types of Enrollment/assignment Evenly Assign the devices to get connected to different IoT Hubs Assign the devices based on latency. Assign it based on Static Configuration (Supports Group and Individual enrollments) Note: This presentation assumes we are using assignment based on Group enrollment. Authorization Shared Access Policy The permissions/authorization is achieved through Shared Access Policy. Usually any client which comes with a Device Identity gets assigned "DeviceConnect" permissions. Software Configurations Device Twins Device twins are JSON documents that store device state information including metadata, configurations, and conditions. Azure IoT Hub maintains a device twin for each device that you connect to IoT Hub. Back office sets the "desired" state on the device twin. The device reads the "desired" state from device twin and does the necessary configuration and reports the status thru "reported" state. Bulk executions Jobs Jobs API used for bulk execution/configuration changes on the devices using either device twin or direct access method. This presentations uses only device twin for s/w configurations on the device. Grouping Devices/Device meta data Device Twins Any meta data for the device, grouping information can be specified in device twin using tags. Used for querying the list of devices based on tags to identify target devices for bulk executions/configurations. Azure IoT Service and Building Blocks
Device Life CycleRetire Plan Provision ConfigureMonitor • Securely Provision new devices to IoT Hub. • Use IoT Hub Registry to create flexible device identities. • Use Device Provisioning Service to perform Just-in-time provisioning • or Use bulk provisioning of devices using a job. • Plan for device meta data scheme for Bulk management operation on devices. • Device Twin and Device meta Data • Type of device Credentials to be used • Replace or decommission devices after a failure, upgrade cycle, or at the end of the service lifetime. • Use the device twin to maintain device info if the physical device is being replaced, or archived if being retired. • Use the IoT Hub identity registry for securely revoking • device identities and credentials. • Monitor overall device collection health, the status of ongoing operations, and alert operators to issues that might require their attention. • Apply the device twin to allow devices to report real time operating conditions and status of update operations. • Build powerful dashboard reports that surface the most immediate issues by using device twin queries. • (Azure Monitor, Azure Health) • Facilitate Bulk configuration changes or firmware updates on devices. • Use either Direct Method or Device Twin (in bulk using jobs)
Precondition • Device not registered inAzure IoT Identity Registry, Individual Leaf Device Certificate signed by intermediate certificate available. PostCondition • Device is registered in the Azure IoT Identity Registry. • The credentials are associated with the device in the Identity Registry. • DeviceTwin created. • Device provisioning is complete. • Device is connected to the appropriate Azure IoT Hub IoT Device 1. Manufactures the device and installs Certificates (private key in HSM) – Once Per device 2. Installs Initial version of Azure IoT Client/SDK and initial version of application - Once Per device Azure Device Provisioning Service Azure IoT Identity Registry Azure IoT 3. Create IoT Hub, Subscription, Shared Access Policy (Done once for all devices) 4. Create and Link Device Provisioning service to IoT Hub (Done once) 5. ConfigureGroup enrollment rules by associating, root and intermediate certificates (one per group) 6. Calls DPS during first time when it connected to internet. – Once Per device 7.Verifies the credentials, Registers the device in Identity Registry and returns the IoT Hub Information Device Manufacturer Device Solution Provider IoT Cloud Solution Provider/Operator
Precondition • Device not registered inAzure IoT Identity Registry, Individual Leaf Device Certificate signed by intermediate certificate available. PostCondition • Device is registered in the Azure IoT Identity Registry. • DeviceTwin created and Device and Device is connected to the appropriate Azure IoT Hub • Device configured with desired S/W Configuration and Device provisioning is complete. IoT Device 1. Manufactures the device and installs Certificates (private key in HSM) – Once Per device 2. InstallsAzure IoT Client, SDK and initial version of application - Once Per device Azure Device Provisioning Service Azure IoT Identity Registry Azure IoT 3. Create IoT Hub, Subscription, Shared Access Policy (Done once for all devices) 4. Create and Link Device Provisioning service to IoT Hub (Done once) 5. ConfigureGroup enrollment rules by associating, root and intermediate certificates & desired Configuration (one per group) 7. Calls DPS during first time when it connected to internet. – Once Per device 8. Credentials are verified and the device is registered. Device Twin 9. Device connects and works with device twin to do the necessary configuration and periodically updates the status. Device Manufacturer Device Solution Provider IoT Cloud Solution Provider/Operator
Precondition • Device not registered inAzure IoT Identity Registry, Individual Leaf Device Certificate signed by intermediate certificate available. PostCondition • Device is NOT registered in the Azure IoT Identity Registry. • Device is blocked from Device Provisioning. IoT Device 1. Manufactures the device and installs Certificates (private key in HSM) – Once Per device 2. InstallsAzure IoT Client, SDK and initial version of application - Once Per device Azure Device Provisioning Service Azure IoT Identity Registry Azure IoT 3. Create IoT Hub, Subscription, Shared Access Policy (Done once for all devices) 4. Create and Link Device Provisioning service to IoT Hub (Done once) 5. ConfigureGroup enrollment rules by associating, root and intermediate certificates (one per group) 7. Calls DPS during first time when it connected to internet. – Once Per device 8. Credentials are not valid since the device is blacklisted. 6. Create Individual Enrollment record to black list the device Device Manufacturer Device Solution Provider IoT Cloud Solution Provider/Operator
Precondition • Device is registered and active in theAWS IoT Device Registry PostCondition • Device is configured with the desired configuration. DeviceTwins 1. Query the DeviceTwin meta data to identity the target group of devices 2. Create a Job to use device twin with desired Configuration Azure IoT Job IoT Device 3. Performs Configuration 4. Updates the reported status periodically IoT Cloud Solution Provider/Operator
Precondition • Device is registered and active in the Azure IoT Identity Registry Post Condition • The device will not be able to connect to the Azure IoT. Enable the device in the registry if the service needs to be restored. Azure IoT Identity Registry 1. Disable the Device in the Registry IoT Cloud Solution Provider/Operator
Precondition • Device is registered and active in the Azure IoT Identity Registry Post Condition • The device will not be authenticated and will not be able to connect to the Azure IoT Azure IoT Identity Registry 1. Revoke the Credential associated with the device Azure IoT Device Provisioning Service 2. Blacklist the device/credential using individual enrollmentIoT Cloud Solution Provider/Operator
Precondition • Device is registered and active in the Azure IoT Identity Registry Post Condition • Device is not registered. (The device has to go thru provisioning if it needs to be reused) Note: Same scenarios is applicable if a customer cancels the service. Azure IoT Identity Registry 1. Delete the Device from the Registry IoT Cloud Solution Provider/Operator
AWS IoT Service and Building Blocks Services AWS IoT Build Blocks Description Registry Device Registry Device Identity, Credentials, Access Policy are stored in the IoT Device Registry Detail Device meta data can also be stored in the Device registry. Provides indexing and query capabilities on the registry. Provisioning AWS IoT AWS IoT provides the device provisioning services. (No explicit mention of provisioning service as such like azure IoT DPS) Authorization IoT Policy The permissions/authorization is achieved through IoT Policy. IoT Policy are defined and gets attached to the certificate and the certificate gets attached to the device in the device registry (during provisioning) Software Configurations & Bulk executions Jobs Bulk s/w configuration or remote operations on a number of devices are configured through AWS IoT Jobs. The Jobs are of two types. SNAPSHOT - used on fixed number devices. CONTINUOUS - A continuous job is one that continues to run and is executed when a change is detected in a target.A continuous job can be used to onboard or upgrade devices as they are added to a group. Specify Rollout to indicate how quickly the device need to be notified of the job. Job Document - contains the details of the job that need be performed. Grouping Devices Thing Group, Thing Types Device can be grouped in to Thing Group and/or Thing Types. Facilitates in identifying a group if a s/w configuration needs to be done on a specific group.
Device Life CycleRetire Plan Provision ConfigureMonitor • Securely Provision new devices to AWS IoT. • Use Device Registry to create flexible device identities. • Use Just-in-time provisioning or Use bulk provisioning of devices using a job. • Plan for device meta data scheme for Bulk management operation on devices. • Plan for Thing Groups and Thing Types for bulk operations • Type of device Credentials to be used • Replace or decommission devices after a failure, upgrade cycle, or at the end of the service lifetime. • Use the Device registry for securely revoking • device identities and credentials. • Monitor overall device collection health, the status of ongoing operations, and alert operators to issues that might require their attention. • AWS Cloud Watch (metrics, events, logs), Cloud Trail • Facilitate Bulk configuration changes Using AWS Jobs
Precondition • Device not registered inAWS IoT Device Registry, Individual Leaf Device Certificate signed by intermediate certificate available. PostCondition • Device is registered in the AWS IoT Device Registry. • The credentials are associated with the device in the Device Registry. • Device provisioning is complete. • Device is connected to theAWS IoT IoT Device 1. Manufactures the device and installs Certificates (private key in HSM) – Once Per device 2. InstallsAzure IoT Client, SDK and initial version of application - Once Per device AWS IoT AWS IoT Device Registry 3. Create IoT Hub (Done once for all devices) 4. Upload the Root, Intermediate Certificates, Provisioning templates and enable auto registration on the certificates, attach policy 5. CallsAWS IoT during first time when it connected to internet. – Once Per device 6.Verifies the credentials, Registers the device in Device Registry Device Manufacturer Device Solution Provider IoT Cloud Solution Provider/Operator
Precondition • Device not registered inAWS IoT Device Registry, Individual Leaf Device Certificate signed by intermediate certificate available. PostCondition • Device is registered in the AWS IoT Device Registry. Device provisioning is complete. • Device is connected to the appropriate AWS IoT. Device is configured with the desired configuration specified in the Job. IoT Device 1. Manufactures the device and installs Certificates (private key in HSM) – Once Per device 2. InstallsAzure IoT Client, SDK and initial version of application - Once Per device AWS IoT AWS IoT Device Registry 3. Create IoT Hub (Done once for all devices) 4. Upload the Root, Intermediate Certificates, Provisioning templates and enable auto registration on the certificates, attach policy 6. CallsAWS IoT during first time when it connected to internet. – Once Per device 7. Credentials are authenticated & the device is registered 5. Configure a AWS (CONTINUOUS Job) target it to aThing Group. Specify the rollout to indicate the target devices to be notified of the job immediately. AWS IoT Job 8. Device connects, gets notified of the pending job and executes the necessary S/W Configuration and periodically updates the status Device Manufacturer Device Solution Provider IoT Cloud Solution Provider/Operator
Precondition • Device not registered inAWS IoT Device Registry, Individual Leaf Device Certificate signed by intermediate certificate available. PostCondition • Device is NOT registered in the AWS IoT Device Registry. • Device is blocked from Device Provisioning. IoT Device 1. Manufactures the device and installs Certificates (private key in HSM) – Once Per device 2. InstallsAzure IoT Client, SDK and initial version of application - Once Per device AWS IoT AWS IoT Device Registry 3. Create IoT Hub (Done once for all devices) 4. Upload the Root, Intermediate Certificates, Provisioning templates and enable auto registration on the certificates, attach policy 6. CallsAWS IoT during first time when it connected to internet. – Once Per device 7. Credentials are NOT authenticated since the device certificate is revoked 5. Upload the device certificate and revoke it to black list it. Device Manufacturer Device Solution Provider IoT Cloud Solution Provider/Operator
Precondition • Device is registered and active in theAWS IoT Device Registry Note: • Job Document – specifies the remote operations that needs to be performed on the device. • SNAPSHOT job completes after the job is completed on the target. CONTINUOUS Job continues to run when the change is detected in a target (Applicable to use cases where the devices need to be updated as they are added to a group. • Target – could beThing Group or list of devices. Rollout – Indicates how quickly the device need to be notified of the job. PostCondition • Device is configured with the desired configuration. AWS IoT Device Registry 1. Query the Device Registry to identity the target group of devices 2. Create a SNAPSHOT Job with Job Document, Target devices, and Rollout parameter AWS IoT Job IoT DeviceAWS IoT /Topics 3. Notifies the job is available for the device 4. Retrieve Job Information 5. Performs Configuration 6. Updates the job execution status IoT Cloud Solution Provider/Operator
Precondition • Device is registered and active in the AWS IoT Device Registry Post Condition • The device will not be authenticated and will not be able to connect to the AWS IoT. Reactivate the certificate if the service needs to be restored. AWS IoT Device Registry 1. Deactivate the Certificate associated with the device IoT Cloud Solution Provider/Operator
Precondition • Device is registered and active in the AWS IoT Device Registry Post Condition • The device will not be authenticated and will not be able to connect to the AWS IoT AWS IoT Device Registry 1. Revoke the Certificate associated with the device. IoT Cloud Solution Provider/Operator
Precondition • Device is registered and active in the AWS IoT Device Registry Post Condition • Device is not registered. (The device has to go thru provisioning if it needs to be reused) Note: Same scenarios is applicable if a customer cancels the service. AWS IoT Device Registry 1. Deactivate certificate 2. Detach the Certificate from the device 3. Delete the Device from the Registry IoT Cloud Solution Provider/Operator

Empfohlen

Cloud Computing and Microsoft Azure
Cloud Computing and Microsoft AzureCloud Computing and Microsoft Azure
Cloud Computing and Microsoft AzureSuhail Jamaldeen
 
Azure key vault
Azure key vaultAzure key vault
Azure key vaultRahul Nath
 
Webinar: Simplifying the Enterprise Hybrid Cloud with Azure Stack HCI
Webinar: Simplifying the Enterprise Hybrid Cloud with Azure Stack HCIWebinar: Simplifying the Enterprise Hybrid Cloud with Azure Stack HCI
Webinar: Simplifying the Enterprise Hybrid Cloud with Azure Stack HCIStorage Switzerland
 
Security Architectures on AWS
Security Architectures on AWSSecurity Architectures on AWS
Security Architectures on AWSAmazon Web Services
 
Azure IoT Hub
Azure IoT HubAzure IoT Hub
Azure IoT HubShahriar Hossain
 
Amazon Cognito를 활용한 모바일 인증 및 보안, 자원 접근 제어 기법 - AWS Summit Seoul 2017
Amazon Cognito를 활용한 모바일 인증 및 보안, 자원 접근 제어 기법 - AWS Summit Seoul 2017Amazon Cognito를 활용한 모바일 인증 및 보안, 자원 접근 제어 기법 - AWS Summit Seoul 2017
Amazon Cognito를 활용한 모바일 인증 및 보안, 자원 접근 제어 기법 - AWS Summit Seoul 2017Amazon Web Services Korea
 
Introduction to AWS Security
Introduction to AWS SecurityIntroduction to AWS Security
Introduction to AWS SecurityAmazon Web Services
 
Amazon ECS
Amazon ECSAmazon ECS
Amazon ECSAmazon Web Services
 

Empfohlen

Cloud Computing and Microsoft Azure
Cloud Computing and Microsoft AzureCloud Computing and Microsoft Azure
Cloud Computing and Microsoft AzureSuhail Jamaldeen
 
Azure key vault
Azure key vaultAzure key vault
Azure key vaultRahul Nath
 
Webinar: Simplifying the Enterprise Hybrid Cloud with Azure Stack HCI
Webinar: Simplifying the Enterprise Hybrid Cloud with Azure Stack HCIWebinar: Simplifying the Enterprise Hybrid Cloud with Azure Stack HCI
Webinar: Simplifying the Enterprise Hybrid Cloud with Azure Stack HCIStorage Switzerland
 
Security Architectures on AWS
Security Architectures on AWSSecurity Architectures on AWS
Security Architectures on AWSAmazon Web Services
 
Azure IoT Hub
Azure IoT HubAzure IoT Hub
Azure IoT HubShahriar Hossain
 
Amazon Cognito를 활용한 모바일 인증 및 보안, 자원 접근 제어 기법 - AWS Summit Seoul 2017
Amazon Cognito를 활용한 모바일 인증 및 보안, 자원 접근 제어 기법 - AWS Summit Seoul 2017Amazon Cognito를 활용한 모바일 인증 및 보안, 자원 접근 제어 기법 - AWS Summit Seoul 2017
Amazon Cognito를 활용한 모바일 인증 및 보안, 자원 접근 제어 기법 - AWS Summit Seoul 2017Amazon Web Services Korea
 
Introduction to AWS Security
Introduction to AWS SecurityIntroduction to AWS Security
Introduction to AWS SecurityAmazon Web Services
 
Amazon ECS
Amazon ECSAmazon ECS
Amazon ECSAmazon Web Services
 
Microsoft Azure - Introduction to microsoft's public cloud
Microsoft Azure - Introduction to microsoft's public cloudMicrosoft Azure - Introduction to microsoft's public cloud
Microsoft Azure - Introduction to microsoft's public cloudAtanas Gergiminov
 
A Deepdive into Azure Networking
A Deepdive into Azure NetworkingA Deepdive into Azure Networking
A Deepdive into Azure NetworkingKarim Vaes
 
Setting Up a Landing Zone
Setting Up a Landing ZoneSetting Up a Landing Zone
Setting Up a Landing ZoneAmazon Web Services
 
VMware Cloud on AWS - 100819.pdf
VMware Cloud on AWS - 100819.pdfVMware Cloud on AWS - 100819.pdf
VMware Cloud on AWS - 100819.pdfAmazon Web Services
 
클라우드 세상에서 살아남기: 금융편 - 이한주 대표이사/공동창업자, 베스핀 글로벌 / 김민성 팀장, KB국민카드 :: AWS Summit ...
클라우드 세상에서 살아남기: 금융편 - 이한주 대표이사/공동창업자, 베스핀 글로벌 / 김민성 팀장, KB국민카드 :: AWS Summit ...클라우드 세상에서 살아남기: 금융편 - 이한주 대표이사/공동창업자, 베스핀 글로벌 / 김민성 팀장, KB국민카드 :: AWS Summit ...
클라우드 세상에서 살아남기: 금융편 - 이한주 대표이사/공동창업자, 베스핀 글로벌 / 김민성 팀장, KB국민카드 :: AWS Summit ...Amazon Web Services Korea
 
Microsoft Azure Overview Class 1
Microsoft Azure Overview Class 1Microsoft Azure Overview Class 1
Microsoft Azure Overview Class 1MH Muhammad Ali
 
LG 이노텍 - Amazon Redshift Serverless를 활용한 데이터 분석 플랫폼 혁신 과정 - 발표자: 유재상 선임, LG이노...
LG 이노텍 - Amazon Redshift Serverless를 활용한 데이터 분석 플랫폼 혁신 과정 - 발표자: 유재상 선임, LG이노...LG 이노텍 - Amazon Redshift Serverless를 활용한 데이터 분석 플랫폼 혁신 과정 - 발표자: 유재상 선임, LG이노...
LG 이노텍 - Amazon Redshift Serverless를 활용한 데이터 분석 플랫폼 혁신 과정 - 발표자: 유재상 선임, LG이노...Amazon Web Services Korea
 
IoT & Azure (EventHub)
IoT & Azure (EventHub)IoT & Azure (EventHub)
IoT & Azure (EventHub)Mirco Vanini
 
Introduction to Azure IaaS
Introduction to Azure IaaSIntroduction to Azure IaaS
Introduction to Azure IaaSRobert Crane
 
Migrate to Microsoft Azure with Confidence
Migrate to Microsoft Azure with ConfidenceMigrate to Microsoft Azure with Confidence
Migrate to Microsoft Azure with ConfidenceDavid J Rosenthal
 
Cloudwatch: Monitoring your Services with Metrics and Alarms
Cloudwatch: Monitoring your Services with Metrics and AlarmsCloudwatch: Monitoring your Services with Metrics and Alarms
Cloudwatch: Monitoring your Services with Metrics and AlarmsFelipe
 
Microsoft Defender for Endpoint
Microsoft Defender for EndpointMicrosoft Defender for Endpoint
Microsoft Defender for EndpointCheah Eng Soon
 
Microsoft Azure cloud services
Microsoft Azure cloud servicesMicrosoft Azure cloud services
Microsoft Azure cloud servicesNajeeb Khan
 
Azure WAF
Azure WAFAzure WAF
Azure WAFCheah Eng Soon
 
Scaling a Core Banking Engine Using Apache Kafka | Peter Dudbridge, Thought M...
Scaling a Core Banking Engine Using Apache Kafka | Peter Dudbridge, Thought M...Scaling a Core Banking Engine Using Apache Kafka | Peter Dudbridge, Thought M...
Scaling a Core Banking Engine Using Apache Kafka | Peter Dudbridge, Thought M...HostedbyConfluent
 
AWS GovCloud (US): A path to high compliance in the cloud - GRC344 - AWS re:I...
AWS GovCloud (US): A path to high compliance in the cloud - GRC344 - AWS re:I...AWS GovCloud (US): A path to high compliance in the cloud - GRC344 - AWS re:I...
AWS GovCloud (US): A path to high compliance in the cloud - GRC344 - AWS re:I...Amazon Web Services
 
CAF presentation 09 16-2020
CAF presentation 09 16-2020CAF presentation 09 16-2020
CAF presentation 09 16-2020Michael Nichols
 
AWS IoTにおけるデバイスへの認証情報のプロビジョニング
AWS IoTにおけるデバイスへの認証情報のプロビジョニングAWS IoTにおけるデバイスへの認証情報のプロビジョニング
AWS IoTにおけるデバイスへの認証情報のプロビジョニングAmazon Web Services Japan
 
AWS Amazon S3 Mastery Bootcamp
AWS Amazon S3 Mastery BootcampAWS Amazon S3 Mastery Bootcamp
AWS Amazon S3 Mastery BootcampMatt Bohn
 
Engage your users with Amazon SNS Mobile Push (Now with Broadcast) - Jinesh V...
Engage your users with Amazon SNS Mobile Push (Now with Broadcast) - Jinesh V...Engage your users with Amazon SNS Mobile Push (Now with Broadcast) - Jinesh V...
Engage your users with Amazon SNS Mobile Push (Now with Broadcast) - Jinesh V...Amazon Web Services
 
Gestire i devices con Azure IoT Hub e IoT Edge
Gestire i devices con Azure IoT Hub e IoT EdgeGestire i devices con Azure IoT Hub e IoT Edge
Gestire i devices con Azure IoT Hub e IoT EdgeMarco Parenzan
 
CCI2018 - Gestire devices per l'Internet of Things con Azure IoT Hub
CCI2018 - Gestire devices per l'Internet of Things con Azure IoT HubCCI2018 - Gestire devices per l'Internet of Things con Azure IoT Hub
CCI2018 - Gestire devices per l'Internet of Things con Azure IoT Hubwalk2talk srl
 

Weitere ähnliche Inhalte

Was ist angesagt?

Microsoft Azure - Introduction to microsoft's public cloud
Microsoft Azure - Introduction to microsoft's public cloudMicrosoft Azure - Introduction to microsoft's public cloud
Microsoft Azure - Introduction to microsoft's public cloudAtanas Gergiminov
 
A Deepdive into Azure Networking
A Deepdive into Azure NetworkingA Deepdive into Azure Networking
A Deepdive into Azure NetworkingKarim Vaes
 
VMware Cloud on AWS - 100819.pdf
VMware Cloud on AWS - 100819.pdfVMware Cloud on AWS - 100819.pdf
VMware Cloud on AWS - 100819.pdfAmazon Web Services
 
클라우드 세상에서 살아남기: 금융편 - 이한주 대표이사/공동창업자, 베스핀 글로벌 / 김민성 팀장, KB국민카드 :: AWS Summit ...
클라우드 세상에서 살아남기: 금융편 - 이한주 대표이사/공동창업자, 베스핀 글로벌 / 김민성 팀장, KB국민카드 :: AWS Summit ...클라우드 세상에서 살아남기: 금융편 - 이한주 대표이사/공동창업자, 베스핀 글로벌 / 김민성 팀장, KB국민카드 :: AWS Summit ...
클라우드 세상에서 살아남기: 금융편 - 이한주 대표이사/공동창업자, 베스핀 글로벌 / 김민성 팀장, KB국민카드 :: AWS Summit ...Amazon Web Services Korea
 
Microsoft Azure Overview Class 1
Microsoft Azure Overview Class 1Microsoft Azure Overview Class 1
Microsoft Azure Overview Class 1MH Muhammad Ali
 
LG 이노텍 - Amazon Redshift Serverless를 활용한 데이터 분석 플랫폼 혁신 과정 - 발표자: 유재상 선임, LG이노...
LG 이노텍 - Amazon Redshift Serverless를 활용한 데이터 분석 플랫폼 혁신 과정 - 발표자: 유재상 선임, LG이노...LG 이노텍 - Amazon Redshift Serverless를 활용한 데이터 분석 플랫폼 혁신 과정 - 발표자: 유재상 선임, LG이노...
LG 이노텍 - Amazon Redshift Serverless를 활용한 데이터 분석 플랫폼 혁신 과정 - 발표자: 유재상 선임, LG이노...Amazon Web Services Korea
 
IoT & Azure (EventHub)
IoT & Azure (EventHub)IoT & Azure (EventHub)
IoT & Azure (EventHub)Mirco Vanini
 
Introduction to Azure IaaS
Introduction to Azure IaaSIntroduction to Azure IaaS
Introduction to Azure IaaSRobert Crane
 
Migrate to Microsoft Azure with Confidence
Migrate to Microsoft Azure with ConfidenceMigrate to Microsoft Azure with Confidence
Migrate to Microsoft Azure with ConfidenceDavid J Rosenthal
 
Cloudwatch: Monitoring your Services with Metrics and Alarms
Cloudwatch: Monitoring your Services with Metrics and AlarmsCloudwatch: Monitoring your Services with Metrics and Alarms
Cloudwatch: Monitoring your Services with Metrics and AlarmsFelipe
 
Microsoft Defender for Endpoint
Microsoft Defender for EndpointMicrosoft Defender for Endpoint
Microsoft Defender for EndpointCheah Eng Soon
 
Microsoft Azure cloud services
Microsoft Azure cloud servicesMicrosoft Azure cloud services
Microsoft Azure cloud servicesNajeeb Khan
 
Scaling a Core Banking Engine Using Apache Kafka | Peter Dudbridge, Thought M...
Scaling a Core Banking Engine Using Apache Kafka | Peter Dudbridge, Thought M...Scaling a Core Banking Engine Using Apache Kafka | Peter Dudbridge, Thought M...
Scaling a Core Banking Engine Using Apache Kafka | Peter Dudbridge, Thought M...HostedbyConfluent
 
AWS GovCloud (US): A path to high compliance in the cloud - GRC344 - AWS re:I...
AWS GovCloud (US): A path to high compliance in the cloud - GRC344 - AWS re:I...AWS GovCloud (US): A path to high compliance in the cloud - GRC344 - AWS re:I...
AWS GovCloud (US): A path to high compliance in the cloud - GRC344 - AWS re:I...Amazon Web Services
 
CAF presentation 09 16-2020
CAF presentation 09 16-2020CAF presentation 09 16-2020
CAF presentation 09 16-2020Michael Nichols
 
AWS IoTにおけるデバイスへの認証情報のプロビジョニング
AWS IoTにおけるデバイスへの認証情報のプロビジョニングAWS IoTにおけるデバイスへの認証情報のプロビジョニング
AWS IoTにおけるデバイスへの認証情報のプロビジョニングAmazon Web Services Japan
 
AWS Amazon S3 Mastery Bootcamp
AWS Amazon S3 Mastery BootcampAWS Amazon S3 Mastery Bootcamp
AWS Amazon S3 Mastery BootcampMatt Bohn
 
Engage your users with Amazon SNS Mobile Push (Now with Broadcast) - Jinesh V...
Engage your users with Amazon SNS Mobile Push (Now with Broadcast) - Jinesh V...Engage your users with Amazon SNS Mobile Push (Now with Broadcast) - Jinesh V...
Engage your users with Amazon SNS Mobile Push (Now with Broadcast) - Jinesh V...Amazon Web Services
 

Was ist angesagt? (20)

Microsoft Azure - Introduction to microsoft's public cloud
Microsoft Azure - Introduction to microsoft's public cloudMicrosoft Azure - Introduction to microsoft's public cloud
Microsoft Azure - Introduction to microsoft's public cloud
 
A Deepdive into Azure Networking
A Deepdive into Azure NetworkingA Deepdive into Azure Networking
A Deepdive into Azure Networking
 
Setting Up a Landing Zone
Setting Up a Landing ZoneSetting Up a Landing Zone
Setting Up a Landing Zone
 
VMware Cloud on AWS - 100819.pdf
VMware Cloud on AWS - 100819.pdfVMware Cloud on AWS - 100819.pdf
VMware Cloud on AWS - 100819.pdf
 
클라우드 세상에서 살아남기: 금융편 - 이한주 대표이사/공동창업자, 베스핀 글로벌 / 김민성 팀장, KB국민카드 :: AWS Summit ...
클라우드 세상에서 살아남기: 금융편 - 이한주 대표이사/공동창업자, 베스핀 글로벌 / 김민성 팀장, KB국민카드 :: AWS Summit ...클라우드 세상에서 살아남기: 금융편 - 이한주 대표이사/공동창업자, 베스핀 글로벌 / 김민성 팀장, KB국민카드 :: AWS Summit ...
클라우드 세상에서 살아남기: 금융편 - 이한주 대표이사/공동창업자, 베스핀 글로벌 / 김민성 팀장, KB국민카드 :: AWS Summit ...
 
Microsoft Azure Overview Class 1
Microsoft Azure Overview Class 1Microsoft Azure Overview Class 1
Microsoft Azure Overview Class 1
 
LG 이노텍 - Amazon Redshift Serverless를 활용한 데이터 분석 플랫폼 혁신 과정 - 발표자: 유재상 선임, LG이노...
LG 이노텍 - Amazon Redshift Serverless를 활용한 데이터 분석 플랫폼 혁신 과정 - 발표자: 유재상 선임, LG이노...LG 이노텍 - Amazon Redshift Serverless를 활용한 데이터 분석 플랫폼 혁신 과정 - 발표자: 유재상 선임, LG이노...
LG 이노텍 - Amazon Redshift Serverless를 활용한 데이터 분석 플랫폼 혁신 과정 - 발표자: 유재상 선임, LG이노...
 
IoT & Azure (EventHub)
IoT & Azure (EventHub)IoT & Azure (EventHub)
IoT & Azure (EventHub)
 
Introduction to Azure IaaS
Introduction to Azure IaaSIntroduction to Azure IaaS
Introduction to Azure IaaS
 
Migrate to Microsoft Azure with Confidence
Migrate to Microsoft Azure with ConfidenceMigrate to Microsoft Azure with Confidence
Migrate to Microsoft Azure with Confidence
 
Cloudwatch: Monitoring your Services with Metrics and Alarms
Cloudwatch: Monitoring your Services with Metrics and AlarmsCloudwatch: Monitoring your Services with Metrics and Alarms
Cloudwatch: Monitoring your Services with Metrics and Alarms
 
Microsoft Defender for Endpoint
Microsoft Defender for EndpointMicrosoft Defender for Endpoint
Microsoft Defender for Endpoint
 
Microsoft Azure cloud services
Microsoft Azure cloud servicesMicrosoft Azure cloud services
Microsoft Azure cloud services
 
Azure WAF
Azure WAFAzure WAF
Azure WAF
 
Scaling a Core Banking Engine Using Apache Kafka | Peter Dudbridge, Thought M...
Scaling a Core Banking Engine Using Apache Kafka | Peter Dudbridge, Thought M...Scaling a Core Banking Engine Using Apache Kafka | Peter Dudbridge, Thought M...
Scaling a Core Banking Engine Using Apache Kafka | Peter Dudbridge, Thought M...
 
AWS GovCloud (US): A path to high compliance in the cloud - GRC344 - AWS re:I...
AWS GovCloud (US): A path to high compliance in the cloud - GRC344 - AWS re:I...AWS GovCloud (US): A path to high compliance in the cloud - GRC344 - AWS re:I...
AWS GovCloud (US): A path to high compliance in the cloud - GRC344 - AWS re:I...
 
CAF presentation 09 16-2020
CAF presentation 09 16-2020CAF presentation 09 16-2020
CAF presentation 09 16-2020
 
AWS IoTにおけるデバイスへの認証情報のプロビジョニング
AWS IoTにおけるデバイスへの認証情報のプロビジョニングAWS IoTにおけるデバイスへの認証情報のプロビジョニング
AWS IoTにおけるデバイスへの認証情報のプロビジョニング
 
AWS Amazon S3 Mastery Bootcamp
AWS Amazon S3 Mastery BootcampAWS Amazon S3 Mastery Bootcamp
AWS Amazon S3 Mastery Bootcamp
 
Engage your users with Amazon SNS Mobile Push (Now with Broadcast) - Jinesh V...
Engage your users with Amazon SNS Mobile Push (Now with Broadcast) - Jinesh V...Engage your users with Amazon SNS Mobile Push (Now with Broadcast) - Jinesh V...
Engage your users with Amazon SNS Mobile Push (Now with Broadcast) - Jinesh V...
 

Ähnlich wie IoT platforms – comparison Azure IoT vs AWS IoT

Gestire i devices con Azure IoT Hub e IoT Edge
Gestire i devices con Azure IoT Hub e IoT EdgeGestire i devices con Azure IoT Hub e IoT Edge
Gestire i devices con Azure IoT Hub e IoT EdgeMarco Parenzan
 
CCI2018 - Gestire devices per l'Internet of Things con Azure IoT Hub
CCI2018 - Gestire devices per l'Internet of Things con Azure IoT HubCCI2018 - Gestire devices per l'Internet of Things con Azure IoT Hub
CCI2018 - Gestire devices per l'Internet of Things con Azure IoT Hubwalk2talk srl
 
AWS_IoT_Device_Management_Workshop.pptx
AWS_IoT_Device_Management_Workshop.pptxAWS_IoT_Device_Management_Workshop.pptx
AWS_IoT_Device_Management_Workshop.pptxhawkheadtrolley
 
BRK2122 IOT - From the cloud to the edge
BRK2122 IOT - From the cloud to the edgeBRK2122 IOT - From the cloud to the edge
BRK2122 IOT - From the cloud to the edgeAxel Dittmann
 
Manage your devices with Azure IoT...and more
Manage your devices with Azure IoT...and moreManage your devices with Azure IoT...and more
Manage your devices with Azure IoT...and moreMarco Parenzan
 
Develop a portal to manage your IoT Hub solution
Develop a portal to manage your IoT Hub solution Develop a portal to manage your IoT Hub solution
Develop a portal to manage your IoT Hub solutionMarco Parenzan
 
IOT Edge within th eAzure IOT Framework
IOT Edge within th eAzure IOT FrameworkIOT Edge within th eAzure IOT Framework
IOT Edge within th eAzure IOT FrameworkAxel Dittmann
 
Microsoft Azure IoT Hub (Sam Vanhoutte @TechdaysNL 2017)
Microsoft Azure IoT Hub (Sam Vanhoutte @TechdaysNL 2017)Microsoft Azure IoT Hub (Sam Vanhoutte @TechdaysNL 2017)
Microsoft Azure IoT Hub (Sam Vanhoutte @TechdaysNL 2017)Codit
 
PLNOG15: Simplifying network deployment using Autonomic networking and Plug-a...
PLNOG15: Simplifying network deployment using Autonomic networking and Plug-a...PLNOG15: Simplifying network deployment using Autonomic networking and Plug-a...
PLNOG15: Simplifying network deployment using Autonomic networking and Plug-a...PROIDEA
 
Io t security and azure sphere
Io t security and azure sphereIo t security and azure sphere
Io t security and azure spherePushkar Saraf
 
Srv204 Getting Started with AWS IoT
Srv204 Getting Started with AWS IoTSrv204 Getting Started with AWS IoT
Srv204 Getting Started with AWS IoTAmazon Web Services
 
Build 2017 - B8024 - Connected intelligent things with Windows IoT Core and A...
Build 2017 - B8024 - Connected intelligent things with Windows IoT Core and A...Build 2017 - B8024 - Connected intelligent things with Windows IoT Core and A...
Build 2017 - B8024 - Connected intelligent things with Windows IoT Core and A...Windows Developer
 
한컴MDS_Microsoft Azure IoT Overview
한컴MDS_Microsoft Azure IoT Overview한컴MDS_Microsoft Azure IoT Overview
한컴MDS_Microsoft Azure IoT OverviewHANCOM MDS
 
Improve operational excellence & reduce downtime for your IoT devices.pptx
Improve operational excellence & reduce downtime for your IoT devices.pptxImprove operational excellence & reduce downtime for your IoT devices.pptx
Improve operational excellence & reduce downtime for your IoT devices.pptxNeel688696
 
Open and Secure SCADA: Efficient and Economical Control, Without the Risk
Open and Secure SCADA: Efficient and Economical Control, Without the RiskOpen and Secure SCADA: Efficient and Economical Control, Without the Risk
Open and Secure SCADA: Efficient and Economical Control, Without the RiskInductive Automation
 
Open and Secure SCADA: Efficient and Economical Control, Without the Risk
Open and Secure SCADA: Efficient and Economical Control, Without the RiskOpen and Secure SCADA: Efficient and Economical Control, Without the Risk
Open and Secure SCADA: Efficient and Economical Control, Without the RiskInductive Automation
 
Building an IoT System to Protect My Lunch
Building an IoT System to Protect My LunchBuilding an IoT System to Protect My Lunch
Building an IoT System to Protect My LunchJohn Varghese
 
AWS NYC Meetup - May 2017 - "AWS IoT and Greengrass"
AWS NYC Meetup - May 2017 - "AWS IoT and Greengrass"AWS NYC Meetup - May 2017 - "AWS IoT and Greengrass"
AWS NYC Meetup - May 2017 - "AWS IoT and Greengrass"Chris Munns
 
Jeremy Cowan's AWS user group presentation "AWS Greengrass & IoT demo"
Jeremy Cowan's AWS user group presentation "AWS Greengrass & IoT demo"Jeremy Cowan's AWS user group presentation "AWS Greengrass & IoT demo"
Jeremy Cowan's AWS user group presentation "AWS Greengrass & IoT demo"AWS Chicago
 
Azure IoT Edge: a breakthrough platform and service running cloud intelligenc...
Azure IoT Edge: a breakthrough platform and service running cloud intelligenc...Azure IoT Edge: a breakthrough platform and service running cloud intelligenc...
Azure IoT Edge: a breakthrough platform and service running cloud intelligenc...Microsoft Tech Community
 

Ähnlich wie IoT platforms – comparison Azure IoT vs AWS IoT (20)

Gestire i devices con Azure IoT Hub e IoT Edge
Gestire i devices con Azure IoT Hub e IoT EdgeGestire i devices con Azure IoT Hub e IoT Edge
Gestire i devices con Azure IoT Hub e IoT Edge
 
CCI2018 - Gestire devices per l'Internet of Things con Azure IoT Hub
CCI2018 - Gestire devices per l'Internet of Things con Azure IoT HubCCI2018 - Gestire devices per l'Internet of Things con Azure IoT Hub
CCI2018 - Gestire devices per l'Internet of Things con Azure IoT Hub
 
AWS_IoT_Device_Management_Workshop.pptx
AWS_IoT_Device_Management_Workshop.pptxAWS_IoT_Device_Management_Workshop.pptx
AWS_IoT_Device_Management_Workshop.pptx
 
BRK2122 IOT - From the cloud to the edge
BRK2122 IOT - From the cloud to the edgeBRK2122 IOT - From the cloud to the edge
BRK2122 IOT - From the cloud to the edge
 
Manage your devices with Azure IoT...and more
Manage your devices with Azure IoT...and moreManage your devices with Azure IoT...and more
Manage your devices with Azure IoT...and more
 
Develop a portal to manage your IoT Hub solution
Develop a portal to manage your IoT Hub solution Develop a portal to manage your IoT Hub solution
Develop a portal to manage your IoT Hub solution
 
IOT Edge within th eAzure IOT Framework
IOT Edge within th eAzure IOT FrameworkIOT Edge within th eAzure IOT Framework
IOT Edge within th eAzure IOT Framework
 
Microsoft Azure IoT Hub (Sam Vanhoutte @TechdaysNL 2017)
Microsoft Azure IoT Hub (Sam Vanhoutte @TechdaysNL 2017)Microsoft Azure IoT Hub (Sam Vanhoutte @TechdaysNL 2017)
Microsoft Azure IoT Hub (Sam Vanhoutte @TechdaysNL 2017)
 
PLNOG15: Simplifying network deployment using Autonomic networking and Plug-a...
PLNOG15: Simplifying network deployment using Autonomic networking and Plug-a...PLNOG15: Simplifying network deployment using Autonomic networking and Plug-a...
PLNOG15: Simplifying network deployment using Autonomic networking and Plug-a...
 
Io t security and azure sphere
Io t security and azure sphereIo t security and azure sphere
Io t security and azure sphere
 
Srv204 Getting Started with AWS IoT
Srv204 Getting Started with AWS IoTSrv204 Getting Started with AWS IoT
Srv204 Getting Started with AWS IoT
 
Build 2017 - B8024 - Connected intelligent things with Windows IoT Core and A...
Build 2017 - B8024 - Connected intelligent things with Windows IoT Core and A...Build 2017 - B8024 - Connected intelligent things with Windows IoT Core and A...
Build 2017 - B8024 - Connected intelligent things with Windows IoT Core and A...
 
한컴MDS_Microsoft Azure IoT Overview
한컴MDS_Microsoft Azure IoT Overview한컴MDS_Microsoft Azure IoT Overview
한컴MDS_Microsoft Azure IoT Overview
 
Improve operational excellence & reduce downtime for your IoT devices.pptx
Improve operational excellence & reduce downtime for your IoT devices.pptxImprove operational excellence & reduce downtime for your IoT devices.pptx
Improve operational excellence & reduce downtime for your IoT devices.pptx
 
Open and Secure SCADA: Efficient and Economical Control, Without the Risk
Open and Secure SCADA: Efficient and Economical Control, Without the RiskOpen and Secure SCADA: Efficient and Economical Control, Without the Risk
Open and Secure SCADA: Efficient and Economical Control, Without the Risk
 
Open and Secure SCADA: Efficient and Economical Control, Without the Risk
Open and Secure SCADA: Efficient and Economical Control, Without the RiskOpen and Secure SCADA: Efficient and Economical Control, Without the Risk
Open and Secure SCADA: Efficient and Economical Control, Without the Risk
 
Building an IoT System to Protect My Lunch
Building an IoT System to Protect My LunchBuilding an IoT System to Protect My Lunch
Building an IoT System to Protect My Lunch
 
AWS NYC Meetup - May 2017 - "AWS IoT and Greengrass"
AWS NYC Meetup - May 2017 - "AWS IoT and Greengrass"AWS NYC Meetup - May 2017 - "AWS IoT and Greengrass"
AWS NYC Meetup - May 2017 - "AWS IoT and Greengrass"
 
Jeremy Cowan's AWS user group presentation "AWS Greengrass & IoT demo"
Jeremy Cowan's AWS user group presentation "AWS Greengrass & IoT demo"Jeremy Cowan's AWS user group presentation "AWS Greengrass & IoT demo"
Jeremy Cowan's AWS user group presentation "AWS Greengrass & IoT demo"
 
Azure IoT Edge: a breakthrough platform and service running cloud intelligenc...
Azure IoT Edge: a breakthrough platform and service running cloud intelligenc...Azure IoT Edge: a breakthrough platform and service running cloud intelligenc...
Azure IoT Edge: a breakthrough platform and service running cloud intelligenc...
 

Kürzlich hochgeladen

Partners Life - Insurer Innovation Award 2024
Partners Life - Insurer Innovation Award 2024Partners Life - Insurer Innovation Award 2024
Partners Life - Insurer Innovation Award 2024The Digital Insurer
 
Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...
Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...
Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...Neo4j
 
How to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerHow to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerThousandEyes
 
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...Miguel Araújo
 
Breaking the Kubernetes Kill Chain: Host Path Mount
Breaking the Kubernetes Kill Chain: Host Path MountBreaking the Kubernetes Kill Chain: Host Path Mount
Breaking the Kubernetes Kill Chain: Host Path MountPuma Security, LLC
 
Exploring the Future Potential of AI-Enabled Smartphone Processors
Exploring the Future Potential of AI-Enabled Smartphone ProcessorsExploring the Future Potential of AI-Enabled Smartphone Processors
Exploring the Future Potential of AI-Enabled Smartphone Processorsdebabhi2
 
CNv6 Instructor Chapter 6 Quality of Service
CNv6 Instructor Chapter 6 Quality of ServiceCNv6 Instructor Chapter 6 Quality of Service
CNv6 Instructor Chapter 6 Quality of Servicegiselly40
 
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...apidays
 
Handwritten Text Recognition for manuscripts and early printed texts
Handwritten Text Recognition for manuscripts and early printed textsHandwritten Text Recognition for manuscripts and early printed texts
Handwritten Text Recognition for manuscripts and early printed textsMaria Levchenko
 
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptxHampshireHUG
 
EIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptx
EIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptxEIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptx
EIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptxEarley Information Science
 
Driving Behavioral Change for Information Management through Data-Driven Gree...
Driving Behavioral Change for Information Management through Data-Driven Gree...Driving Behavioral Change for Information Management through Data-Driven Gree...
Driving Behavioral Change for Information Management through Data-Driven Gree...Enterprise Knowledge
 
Factors to Consider When Choosing Accounts Payable Services Providers.pptx
Factors to Consider When Choosing Accounts Payable Services Providers.pptxFactors to Consider When Choosing Accounts Payable Services Providers.pptx
Factors to Consider When Choosing Accounts Payable Services Providers.pptxKatpro Technologies
 
WhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure service
WhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure serviceWhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure service
WhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure servicePooja Nehwal
 
Kalyanpur ) Call Girls in Lucknow Finest Escorts Service 🍸 8923113531 🎰 Avail...
Kalyanpur ) Call Girls in Lucknow Finest Escorts Service 🍸 8923113531 🎰 Avail...Kalyanpur ) Call Girls in Lucknow Finest Escorts Service 🍸 8923113531 🎰 Avail...
Kalyanpur ) Call Girls in Lucknow Finest Escorts Service 🍸 8923113531 🎰 Avail...gurkirankumar98700
 
From Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time AutomationFrom Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time AutomationSafe Software
 
🐬 The future of MySQL is Postgres 🐘
🐬 The future of MySQL is Postgres 🐘🐬 The future of MySQL is Postgres 🐘
🐬 The future of MySQL is Postgres 🐘RTylerCroy
 
Salesforce Community Group Quito, Salesforce 101
Salesforce Community Group Quito, Salesforce 101Salesforce Community Group Quito, Salesforce 101
Salesforce Community Group Quito, Salesforce 101Paola De la Torre
 
A Call to Action for Generative AI in 2024
A Call to Action for Generative AI in 2024A Call to Action for Generative AI in 2024
A Call to Action for Generative AI in 2024Results
 
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...Neo4j
 

Kürzlich hochgeladen (20)

Partners Life - Insurer Innovation Award 2024
Partners Life - Insurer Innovation Award 2024Partners Life - Insurer Innovation Award 2024
Partners Life - Insurer Innovation Award 2024
 
Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...
Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...
Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...
 
How to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerHow to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected Worker
 
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
 
Breaking the Kubernetes Kill Chain: Host Path Mount
Breaking the Kubernetes Kill Chain: Host Path MountBreaking the Kubernetes Kill Chain: Host Path Mount
Breaking the Kubernetes Kill Chain: Host Path Mount
 
Exploring the Future Potential of AI-Enabled Smartphone Processors
Exploring the Future Potential of AI-Enabled Smartphone ProcessorsExploring the Future Potential of AI-Enabled Smartphone Processors
Exploring the Future Potential of AI-Enabled Smartphone Processors
 
CNv6 Instructor Chapter 6 Quality of Service
CNv6 Instructor Chapter 6 Quality of ServiceCNv6 Instructor Chapter 6 Quality of Service
CNv6 Instructor Chapter 6 Quality of Service
 
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
 
Handwritten Text Recognition for manuscripts and early printed texts
Handwritten Text Recognition for manuscripts and early printed textsHandwritten Text Recognition for manuscripts and early printed texts
Handwritten Text Recognition for manuscripts and early printed texts
 
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
 
EIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptx
EIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptxEIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptx
EIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptx
 
Driving Behavioral Change for Information Management through Data-Driven Gree...
Driving Behavioral Change for Information Management through Data-Driven Gree...Driving Behavioral Change for Information Management through Data-Driven Gree...
Driving Behavioral Change for Information Management through Data-Driven Gree...
 
Factors to Consider When Choosing Accounts Payable Services Providers.pptx
Factors to Consider When Choosing Accounts Payable Services Providers.pptxFactors to Consider When Choosing Accounts Payable Services Providers.pptx
Factors to Consider When Choosing Accounts Payable Services Providers.pptx
 
WhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure service
WhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure serviceWhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure service
WhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure service
 
Kalyanpur ) Call Girls in Lucknow Finest Escorts Service 🍸 8923113531 🎰 Avail...
Kalyanpur ) Call Girls in Lucknow Finest Escorts Service 🍸 8923113531 🎰 Avail...Kalyanpur ) Call Girls in Lucknow Finest Escorts Service 🍸 8923113531 🎰 Avail...
Kalyanpur ) Call Girls in Lucknow Finest Escorts Service 🍸 8923113531 🎰 Avail...
 
From Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time AutomationFrom Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time Automation
 
🐬 The future of MySQL is Postgres 🐘
🐬 The future of MySQL is Postgres 🐘🐬 The future of MySQL is Postgres 🐘
🐬 The future of MySQL is Postgres 🐘
 
Salesforce Community Group Quito, Salesforce 101
Salesforce Community Group Quito, Salesforce 101Salesforce Community Group Quito, Salesforce 101
Salesforce Community Group Quito, Salesforce 101
 
A Call to Action for Generative AI in 2024
A Call to Action for Generative AI in 2024A Call to Action for Generative AI in 2024
A Call to Action for Generative AI in 2024
 
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...
 

IoT platforms – comparison Azure IoT vs AWS IoT

  • 1. IoTPlatforms–Comparison AzureIoTvsAWSIoT Device Provisioning, Device Life Cycle Management & Device Content Management
  • 2. Services Description AWS IoT Azure IoT Identity of Devices Registry of Devices • Device Registry • Contains Device ID, meta data, Credentials (Authentication), Authorization (Policy). • Can categorize things in to Thing Types and Thing Groups. • Can store meta data information and query meta data information • Also support indexing on the device registry for querying data from the registry. • Identity Registry • Contains Device ID, Credentials (Authentication) • Store the meta data in device twin. • Additional Meta data can be stored outside of Registry. • Does not support expressive querying. • Recommended only for device management/provisioning. Not for High Throughput operations Security Authentication Mechanism (for Devices) • X 509 Certificates - Generated by AWS or CA signed or Self Signed • Recommended - X509 Certificates • Supports rotation of certifications • X509 Certificates - Self Signed or CA signed. • Security Token - IoT Hub uses security tokens to authenticate devices and services to avoid sending keys on the wire. Tokens are signed using either Shared Access Signature(SAS) key or Symmetric key. • Azure IoT Hub grants access to endpoints by verifying a token against the shared access policies and identity registry security credentials. • Supports rotation of keys (thru Provisioning service) Authorization Mechanism (for Devices) • Policy - Permissions which are attached to the Certificates. (AWS IoT Policy) • Certificates gets attached to the device. • Permissions and Shared Access Policy • A token signed with a shared access key grants access to all the functionality associated with the shared access policy permissions. • A token signed with a device identity's symmetric key only grants the Device Connect permission for the associated device identity.
  • 3. Services Description AWS IoT Azure IoT Device Provisioning • Bulk Provisioning - Preconfigure the IoT solution with necessary Device Credential Information. • Just in Time Provisioning - Provisions the device when the device first connects to the IoT. No Pre- configuration required per device on the cloud. • Bulk Provisioning - Supported. Facilitated by using provisioning templates. Just in Time Provisioning - Supported. Need to configure a CA certificate and Provisioning Templates ahead of time before the device connects Bulk Provisioning - Supported through Jobs/Bulk Imports. Just In Time provisioning - Supported through Provisioning Service. (X509 Certificates, TPM – Trusted Platform Module/HSM) Device Content Management • Ability to modify the content of the connected device including application code, firmware updates • Supported through AWS Jobs API. • Define a job that instructs a set of devices to download and install application or firmware updates, reboot, rotate certificates, or perform remote troubleshooting operations (more of a pull mechanism by the device when it connects to IoT) • Supported. (Jobs) Has two options. • For scenario which require immediate response,(like Reboot or factory Reset) - Use Direct method • For scenario which does not require immediate response. (configuration, firmware updates) - Use Device Twins. Device life Cycle Management • Monitoring • Retire Devices (and Revoke Devices) • Monitoring – Cloudwatch Alarms, logs, events, CloudTrail, AWS IoT metrics • Retire/Revoke - Revoke Device Certificate, deactivate Device certificate, Deactivate CA Certificate. • Monitoring - Azure monitor, Azure Resource health • Retire/Revoke - Use IoT Hub registry to revoke Device Identity or Credentials. Device Identity Can be deleted as well.
  • 4. Azure IoT Scenarios • Scenario 1 – Device Provisioning - Provisioning a device using Just-In-Time Registration (Azure IoT) • Scenario 2 – Device Provisioning – Provision the device with desired S/W Configuration (Azure IoT) • Scenario 3 – Device Provisioning – Block the Provisioning of a Device during Just in time Provisioning (Azure IoT) • Scenario 4 – Device Content Management-Configure the devices with desired Software Configuration (Azure IoT) • Scenario 5 – Customer did not pay. Disable the Service (AZURE IoT) • Scenario 6 – Device compromised. Revoke the Device. (AZURE IoT) • Scenario 7 – Retire a Device (AZURE IoT) AWS IoT Scenarios • Scenario 1 – Device Provisioning - Provisioning a device using Just-In-Time Registration (AWS IoT) • Scenario 2 – Device Provisioning – Provision the device with desired S/W Configuration (AWS IoT) • Scenario 3 – Device Provisioning – Block the Provisioning of a Device during Just in time Provisioning (AWS IoT) • Scenario 4 – Device Content Management-Configure the devices with desired Software Configuration (AWS IoT) • Scenario 5 – Customer did not pay. Disable the Service (AWS IoT) • Scenario 6 – Device compromised. Revoke the Device. (AWS IoT) • Scenario 7 – Retire a Device (AWS IoT)
  • 5. Assumptions • Authentication • X.509 based authentication is recommended and is far more secure since they are based on asymmetric keys. • The presentation assumes that the device would use X.509 based authentication. • Individual device (Leaf) certificates would be signed by either CA signed or Self signed intermediate certificates. • This would be required for Just-in-Time provisioning as any certificate signed by the intermediate certificates would be authenticated. • This eliminates the need for mappings/entries for individual devices before provisioning. • Authorization • Authorization is achieved through AWS IoT Policy (AWS) and Shared Access Policy (Azure IoT). • This presentation assumes that each device will NOT have individual authorization policy for accessing the IoT. • Group of devices will share the same policy. • This eliminates the need for mappings/entries for individual devices before provisioning. • Provisioning • This presentation assumes that the devices would use Just-In-Time provisioning instead of Bulk provisioning for devices. • Just-In-Time provisioning approach is far more advanced and eliminates the need for mappings/entries for individual devices before provisioning. • Just-in-provisioning involves the device to be provisioned when the device first connects to IoT solutions.
  • 6. Role which is responsible for manufacturing the hardware device itself. This presentation assumes that certificates (private key) is embedded within the HSM of the device by the device manufacturer. Role which is responsible for configuring/flashing the IoT SDK and the initial version of IoT application client on the device itself. Role which is responsible for configuring the provisioning rules, IoT Configuration or anything which is required on the cloud. Device Manufacturer Device Solution Provider IoT Cloud Solution Provider/Operator Roles - Assumptions Note:The roles are used for better understanding of the responsibilities however these responsibilities are usually automated using CLI, API or other automation tools.
  • 7. Services Azure IoT Build Blocks Description Registry IoT Identity Registry Device Identity, Credentials, Access Policy are stored in the IoT Identity Registry Provisioning Device Provisioning Service Service responsible for Just-in-Provisioning of an IoT device. (HTTPS Service). Global Service. Supports Geo-sharding. Supports Three types of Enrollment/assignment Evenly Assign the devices to get connected to different IoT Hubs Assign the devices based on latency. Assign it based on Static Configuration (Supports Group and Individual enrollments) Note: This presentation assumes we are using assignment based on Group enrollment. Authorization Shared Access Policy The permissions/authorization is achieved through Shared Access Policy. Usually any client which comes with a Device Identity gets assigned "DeviceConnect" permissions. Software Configurations Device Twins Device twins are JSON documents that store device state information including metadata, configurations, and conditions. Azure IoT Hub maintains a device twin for each device that you connect to IoT Hub. Back office sets the "desired" state on the device twin. The device reads the "desired" state from device twin and does the necessary configuration and reports the status thru "reported" state. Bulk executions Jobs Jobs API used for bulk execution/configuration changes on the devices using either device twin or direct access method. This presentations uses only device twin for s/w configurations on the device. Grouping Devices/Device meta data Device Twins Any meta data for the device, grouping information can be specified in device twin using tags. Used for querying the list of devices based on tags to identify target devices for bulk executions/configurations. Azure IoT Service and Building Blocks
  • 8. Device Life CycleRetire Plan Provision ConfigureMonitor • Securely Provision new devices to IoT Hub. • Use IoT Hub Registry to create flexible device identities. • Use Device Provisioning Service to perform Just-in-time provisioning • or Use bulk provisioning of devices using a job. • Plan for device meta data scheme for Bulk management operation on devices. • Device Twin and Device meta Data • Type of device Credentials to be used • Replace or decommission devices after a failure, upgrade cycle, or at the end of the service lifetime. • Use the device twin to maintain device info if the physical device is being replaced, or archived if being retired. • Use the IoT Hub identity registry for securely revoking • device identities and credentials. • Monitor overall device collection health, the status of ongoing operations, and alert operators to issues that might require their attention. • Apply the device twin to allow devices to report real time operating conditions and status of update operations. • Build powerful dashboard reports that surface the most immediate issues by using device twin queries. • (Azure Monitor, Azure Health) • Facilitate Bulk configuration changes or firmware updates on devices. • Use either Direct Method or Device Twin (in bulk using jobs)
  • 9. Precondition • Device not registered inAzure IoT Identity Registry, Individual Leaf Device Certificate signed by intermediate certificate available. PostCondition • Device is registered in the Azure IoT Identity Registry. • The credentials are associated with the device in the Identity Registry. • DeviceTwin created. • Device provisioning is complete. • Device is connected to the appropriate Azure IoT Hub IoT Device 1. Manufactures the device and installs Certificates (private key in HSM) – Once Per device 2. Installs Initial version of Azure IoT Client/SDK and initial version of application - Once Per device Azure Device Provisioning Service Azure IoT Identity Registry Azure IoT 3. Create IoT Hub, Subscription, Shared Access Policy (Done once for all devices) 4. Create and Link Device Provisioning service to IoT Hub (Done once) 5. ConfigureGroup enrollment rules by associating, root and intermediate certificates (one per group) 6. Calls DPS during first time when it connected to internet. – Once Per device 7.Verifies the credentials, Registers the device in Identity Registry and returns the IoT Hub Information Device Manufacturer Device Solution Provider IoT Cloud Solution Provider/Operator
  • 10. Precondition • Device not registered inAzure IoT Identity Registry, Individual Leaf Device Certificate signed by intermediate certificate available. PostCondition • Device is registered in the Azure IoT Identity Registry. • DeviceTwin created and Device and Device is connected to the appropriate Azure IoT Hub • Device configured with desired S/W Configuration and Device provisioning is complete. IoT Device 1. Manufactures the device and installs Certificates (private key in HSM) – Once Per device 2. InstallsAzure IoT Client, SDK and initial version of application - Once Per device Azure Device Provisioning Service Azure IoT Identity Registry Azure IoT 3. Create IoT Hub, Subscription, Shared Access Policy (Done once for all devices) 4. Create and Link Device Provisioning service to IoT Hub (Done once) 5. ConfigureGroup enrollment rules by associating, root and intermediate certificates & desired Configuration (one per group) 7. Calls DPS during first time when it connected to internet. – Once Per device 8. Credentials are verified and the device is registered. Device Twin 9. Device connects and works with device twin to do the necessary configuration and periodically updates the status. Device Manufacturer Device Solution Provider IoT Cloud Solution Provider/Operator
  • 11. Precondition • Device not registered inAzure IoT Identity Registry, Individual Leaf Device Certificate signed by intermediate certificate available. PostCondition • Device is NOT registered in the Azure IoT Identity Registry. • Device is blocked from Device Provisioning. IoT Device 1. Manufactures the device and installs Certificates (private key in HSM) – Once Per device 2. InstallsAzure IoT Client, SDK and initial version of application - Once Per device Azure Device Provisioning Service Azure IoT Identity Registry Azure IoT 3. Create IoT Hub, Subscription, Shared Access Policy (Done once for all devices) 4. Create and Link Device Provisioning service to IoT Hub (Done once) 5. ConfigureGroup enrollment rules by associating, root and intermediate certificates (one per group) 7. Calls DPS during first time when it connected to internet. – Once Per device 8. Credentials are not valid since the device is blacklisted. 6. Create Individual Enrollment record to black list the device Device Manufacturer Device Solution Provider IoT Cloud Solution Provider/Operator
  • 12. Precondition • Device is registered and active in theAWS IoT Device Registry PostCondition • Device is configured with the desired configuration. DeviceTwins 1. Query the DeviceTwin meta data to identity the target group of devices 2. Create a Job to use device twin with desired Configuration Azure IoT Job IoT Device 3. Performs Configuration 4. Updates the reported status periodically IoT Cloud Solution Provider/Operator
  • 13. Precondition • Device is registered and active in the Azure IoT Identity Registry Post Condition • The device will not be able to connect to the Azure IoT. Enable the device in the registry if the service needs to be restored. Azure IoT Identity Registry 1. Disable the Device in the Registry IoT Cloud Solution Provider/Operator
  • 14. Precondition • Device is registered and active in the Azure IoT Identity Registry Post Condition • The device will not be authenticated and will not be able to connect to the Azure IoT Azure IoT Identity Registry 1. Revoke the Credential associated with the device Azure IoT Device Provisioning Service 2. Blacklist the device/credential using individual enrollmentIoT Cloud Solution Provider/Operator
  • 15. Precondition • Device is registered and active in the Azure IoT Identity Registry Post Condition • Device is not registered. (The device has to go thru provisioning if it needs to be reused) Note: Same scenarios is applicable if a customer cancels the service. Azure IoT Identity Registry 1. Delete the Device from the Registry IoT Cloud Solution Provider/Operator
  • 16. AWS IoT Service and Building Blocks Services AWS IoT Build Blocks Description Registry Device Registry Device Identity, Credentials, Access Policy are stored in the IoT Device Registry Detail Device meta data can also be stored in the Device registry. Provides indexing and query capabilities on the registry. Provisioning AWS IoT AWS IoT provides the device provisioning services. (No explicit mention of provisioning service as such like azure IoT DPS) Authorization IoT Policy The permissions/authorization is achieved through IoT Policy. IoT Policy are defined and gets attached to the certificate and the certificate gets attached to the device in the device registry (during provisioning) Software Configurations & Bulk executions Jobs Bulk s/w configuration or remote operations on a number of devices are configured through AWS IoT Jobs. The Jobs are of two types. SNAPSHOT - used on fixed number devices. CONTINUOUS - A continuous job is one that continues to run and is executed when a change is detected in a target.A continuous job can be used to onboard or upgrade devices as they are added to a group. Specify Rollout to indicate how quickly the device need to be notified of the job. Job Document - contains the details of the job that need be performed. Grouping Devices Thing Group, Thing Types Device can be grouped in to Thing Group and/or Thing Types. Facilitates in identifying a group if a s/w configuration needs to be done on a specific group.
  • 17. Device Life CycleRetire Plan Provision ConfigureMonitor • Securely Provision new devices to AWS IoT. • Use Device Registry to create flexible device identities. • Use Just-in-time provisioning or Use bulk provisioning of devices using a job. • Plan for device meta data scheme for Bulk management operation on devices. • Plan for Thing Groups and Thing Types for bulk operations • Type of device Credentials to be used • Replace or decommission devices after a failure, upgrade cycle, or at the end of the service lifetime. • Use the Device registry for securely revoking • device identities and credentials. • Monitor overall device collection health, the status of ongoing operations, and alert operators to issues that might require their attention. • AWS Cloud Watch (metrics, events, logs), Cloud Trail • Facilitate Bulk configuration changes Using AWS Jobs
  • 18. Precondition • Device not registered inAWS IoT Device Registry, Individual Leaf Device Certificate signed by intermediate certificate available. PostCondition • Device is registered in the AWS IoT Device Registry. • The credentials are associated with the device in the Device Registry. • Device provisioning is complete. • Device is connected to theAWS IoT IoT Device 1. Manufactures the device and installs Certificates (private key in HSM) – Once Per device 2. InstallsAzure IoT Client, SDK and initial version of application - Once Per device AWS IoT AWS IoT Device Registry 3. Create IoT Hub (Done once for all devices) 4. Upload the Root, Intermediate Certificates, Provisioning templates and enable auto registration on the certificates, attach policy 5. CallsAWS IoT during first time when it connected to internet. – Once Per device 6.Verifies the credentials, Registers the device in Device Registry Device Manufacturer Device Solution Provider IoT Cloud Solution Provider/Operator
  • 19. Precondition • Device not registered inAWS IoT Device Registry, Individual Leaf Device Certificate signed by intermediate certificate available. PostCondition • Device is registered in the AWS IoT Device Registry. Device provisioning is complete. • Device is connected to the appropriate AWS IoT. Device is configured with the desired configuration specified in the Job. IoT Device 1. Manufactures the device and installs Certificates (private key in HSM) – Once Per device 2. InstallsAzure IoT Client, SDK and initial version of application - Once Per device AWS IoT AWS IoT Device Registry 3. Create IoT Hub (Done once for all devices) 4. Upload the Root, Intermediate Certificates, Provisioning templates and enable auto registration on the certificates, attach policy 6. CallsAWS IoT during first time when it connected to internet. – Once Per device 7. Credentials are authenticated & the device is registered 5. Configure a AWS (CONTINUOUS Job) target it to aThing Group. Specify the rollout to indicate the target devices to be notified of the job immediately. AWS IoT Job 8. Device connects, gets notified of the pending job and executes the necessary S/W Configuration and periodically updates the status Device Manufacturer Device Solution Provider IoT Cloud Solution Provider/Operator
  • 20. Precondition • Device not registered inAWS IoT Device Registry, Individual Leaf Device Certificate signed by intermediate certificate available. PostCondition • Device is NOT registered in the AWS IoT Device Registry. • Device is blocked from Device Provisioning. IoT Device 1. Manufactures the device and installs Certificates (private key in HSM) – Once Per device 2. InstallsAzure IoT Client, SDK and initial version of application - Once Per device AWS IoT AWS IoT Device Registry 3. Create IoT Hub (Done once for all devices) 4. Upload the Root, Intermediate Certificates, Provisioning templates and enable auto registration on the certificates, attach policy 6. CallsAWS IoT during first time when it connected to internet. – Once Per device 7. Credentials are NOT authenticated since the device certificate is revoked 5. Upload the device certificate and revoke it to black list it. Device Manufacturer Device Solution Provider IoT Cloud Solution Provider/Operator
  • 21. Precondition • Device is registered and active in theAWS IoT Device Registry Note: • Job Document – specifies the remote operations that needs to be performed on the device. • SNAPSHOT job completes after the job is completed on the target. CONTINUOUS Job continues to run when the change is detected in a target (Applicable to use cases where the devices need to be updated as they are added to a group. • Target – could beThing Group or list of devices. Rollout – Indicates how quickly the device need to be notified of the job. PostCondition • Device is configured with the desired configuration. AWS IoT Device Registry 1. Query the Device Registry to identity the target group of devices 2. Create a SNAPSHOT Job with Job Document, Target devices, and Rollout parameter AWS IoT Job IoT DeviceAWS IoT /Topics 3. Notifies the job is available for the device 4. Retrieve Job Information 5. Performs Configuration 6. Updates the job execution status IoT Cloud Solution Provider/Operator
  • 22. Precondition • Device is registered and active in the AWS IoT Device Registry Post Condition • The device will not be authenticated and will not be able to connect to the AWS IoT. Reactivate the certificate if the service needs to be restored. AWS IoT Device Registry 1. Deactivate the Certificate associated with the device IoT Cloud Solution Provider/Operator
  • 23. Precondition • Device is registered and active in the AWS IoT Device Registry Post Condition • The device will not be authenticated and will not be able to connect to the AWS IoT AWS IoT Device Registry 1. Revoke the Certificate associated with the device. IoT Cloud Solution Provider/Operator
  • 24. Precondition • Device is registered and active in the AWS IoT Device Registry Post Condition • Device is not registered. (The device has to go thru provisioning if it needs to be reused) Note: Same scenarios is applicable if a customer cancels the service. AWS IoT Device Registry 1. Deactivate certificate 2. Detach the Certificate from the device 3. Delete the Device from the Registry IoT Cloud Solution Provider/Operator