Digital Identity is Under Attack: FIDO Paris Seminar.pptx
A ROA for the WOT
1. A Resource Oriented Architecture
for the Web of Things
Dominique Guinard (ETH / SAP Research / MIT Auto-ID Labs)
Vlad Trifa (ETH Zurich / SAP Research)
Erik Wilde (UC Berkeley)
2. INTRODUCTION AND MOTIVATION
What’s the Web of Things? What is it good for?
Dec. 1, 2010 2Dominique Guinard ETH / SAP / MIT
[http://www.flickr.com/photos/moragcasey/]
3. Dec. 1, 2010 3Dominique Guinard ETH / SAP / MIT
The Embedded Systems Era
Ubiquitous:
Home appliances
Industries
Smart Cities
Connected:
Zigbee, Bluetooth, Wifi
4. Finding an Application Integration Platform
Question:
How do we enable tech savvys and
companies to create applications on
top of this eco-system?
Hundreds of different platforms
Web?
Scalable (7000 Facebook p/sec.)
Ubiquitous (from mobile to desktop)
Well-understood (1.73 Bio. users)
Thesis:
Re-use and develop Web-standards to
build a Things Universal API.
Dec. 1, 2010 4Dominique Guinard ETH / SAP / MIT
5. WEB OF THINGS ARCHITECTURE
Building a Web of Things, piece by piece…
Dec. 1, 2010 5Dominique Guinard ETH / SAP / MIT
[http://www.flickr.com/photos/julianbleecker]
6. REST: The Core of the Web
REST: architecture with 5 constraints
1. Identify resources and links:
A resource: something, that can and that’s worth, getting a URI and
links
2. Design respresentations
3. Use the uniform interface
4. Bring things to the Internet&Web
Dec. 1, 2010 6Dominique Guinard ETH / SAP / MIT
[2] Architectural
styles…
[1] RESTful Web
Services.
7. Case Study with Sun Spots
1) Resources and Links
Thanks to their atomicity services on embedded devices are
quite adapted to Resource-Oriented Architectures.
Resources:
Spots: http://webofthings.com/spots
Spot 2: http://webofthings.com/spots/2
Light Sensor: http://webofthings.com/spots/2/sensors/light
Led Actuator:
http://webofthings.com/spots/2/actuators/led
Resource Identification Hypermedia
Dec. 1, 2010 7Dominique Guinard ETH / SAP / MIT
8. 2) Representation Design
HTML as default, ideal for browsing:
http://webofthings.com/spots
JSON & JSONp, ideal for mashups
XML, ideal for integration with business systems
Self-Describing Messages Hypermedia
Dec. 1, 2010 8Dominique Guinard ETH / SAP / MIT
9. 3) Interface Design
Leverage content negotiation:
Accept: application/json
Use the HTTP Verbs extensively:
GET, PUT, POST, DELETE
GET http://webofthings.com/spots/2/sensors/temperature
PUT http://webofthings.com/spots/2/actuators/led/1
Map status codes:
200 OK, 201 Created, 400 Bad Request
Dec. 1, 2010 9Dominique Guinard ETH / SAP / MIT
Uniform Interface Self-Describing Messages
10. 4) Bringing Things to the Internet&Web:
Smart Gateways
6lowpan coming quickly:
Cisco, IPSO, OpenPicus
HTTP Reverse Proxy
Hiding IoT proprietary protocols
(Zigbee, Bluetooth, etc.):
Dongle based
OSGi modularity
Installed on residential gateways:
Wireless routers (OpenWrt)
NAT
RESTful Design Process can be
(partially) automated
Dec. 1, 2010 10Dominique Guinard ETH / SAP / MIT
[3] Facilitating Integration of
Services for WoT
11. APPLICATIONS
What can we build on top of the Web of Things?
Dec. 1, 2010 11Dominique Guinard ETH / SAP / MIT
[http://www.flickr.com/photos/docman]
12. Typical WoT Architecture: « Energie Visible »
Project for a private foundation
for sustainability (cudrefin02.ch)
Goal: an easily deployable
system for better understanding
consumption:
Cross-platform
Web access
Uses the Plogg sensor nodes
Smart Gateway provides
RESTful API
Dec. 1, 2010 12Dominique Guinard ETH / SAP / MIT
13. « Energie Visible »: Mashup and UIs
Web UI / Mashup using Javascript (GWT):
www.webofthings.com/energievisible
E-Meter iPhone App
Dec. 1, 2010 13Dominique Guinard ETH / SAP / MIT
[http://www.vs.inf.ethz.ch/res/show.html?what=emeter_demo]
[4] Increasing Energy
Awareness Through
Web-enabled Power
Outlets.
14. Physical Mashup Editors
• Clickscript:
– Javascript (JQuery / DOJO) based
visual language.
• Added wrappers for WoT
devices:
– SunSPOT, Ploggs, RFID reader
Dec. 1, 2010 14Dominique Guinard ETH / SAP / MIT
[http://www.clickscript.ch]
[5] Mashing up Your
Web-Enabled Home
15. EVALUATION
Ok, it’s easier to build apps upon, but is the WoT really feasible?
Dec. 1, 2010 15Dominique Guinard ETH / SAP / MIT
[ http://www.flickr.com/photos/myfwc]
16. Quantitative Evaluation
10’000 requests on the Sun
SPOTs
1) Embedded Webserver:
205 ms (97 – 8500)
2) Smart Gateway:
Sync-based (caching)
4 ms (2 – 49)
Age max: 300 ms
Good enough for most sub-
second use cases.
Dec. 1, 2010 16Dominique Guinard ETH / SAP / MIT
17. BEYOND REST
What is the Web of Things good for?
Dec. 1, 2010 17Dominique Guinard ETH / SAP / MIT
[http://www.flickr.com/photos/brapke/]
18. Beyond Client-Server: Real-Time Web
Client-server paradigm not really
natural for sensing application.
Need for sensor push.
First step:
Atom (cleaner RSS) / AtomPub
Real push
Pubsubhubbub
HTML 5 Web
Sockets
Server-sent
events
RESTful XMPP
Dec. 1, 2010 18Dominique Guinard ETH / SAP / MIT
19. Beyond HTML: Discovering Services
Service Discovery:
Microformats
HTML5 Microdata
RDFa
Google Custom Engine
Yahoo Search Monkey
Dyser
Dec. 1, 2010 19Dominique Guinard ETH / SAP / MIT
20. Thanks a lot for your attention
Contact us if you want to use our
APIs in your projects:
Dominique Guinard
www.guinard.org
www.webofthings.com
Special thanks to: Simon Mayer,
Lukas Naef and Thomas Pham.
Dec. 1, 2010 20Dominique Guinard ETH / SAP / MIT
21. References
1. L. Richardson and S. Ruby. RESTful Web Services.
O'Reilly Media, Inc., 2007
2. R. Fielding: “Architectural styles and the design of
network-based software architectures”, 2000
3. S. Mayer, D. Guinard, V. Trifa: “Facilitating Integration and
Interaction of Real-World Services for WoT” Urban IoT
2010
4. M. Weiss, D. Guinard: “Increasing Energy Awareness
Through Web-enabled Power Outlets” MUM 2010
5. D. Guinard: “Mashing up Your Web-Enabled Home”,
Touch the Web 2010
Dec. 1, 2010 21Dominique Guinard ETH / SAP / MIT
23. Qualitative Evaluation
Plogg RESTful API & Sun SPOT API used by 6
independent research labs.
Early feedback:
Easy to understand and use
Straightforward testing & Web-integration
Currently evaluating with 80 students.
Dec. 1, 2010 23Dominique Guinard ETH / SAP / MIT
Let’s turn a Sun SPOT sensor node into a resource.
The first step is to think of what should be a resource in a Sun SPOT.
Obviously the spot itself should be, so it’s sensors and actuator.
Then we think about the representation of these resources. We suggest offering at least HTML since it allows for natural browsing and user oriented-discovery of the sub resources.
For application to application communication we suggest JSON, a lightweight alternative to XML which is easily parseable into objects (javascript or java). To specify the format we would like to obtain we use either a .format or the standard http accept header (recommended).
Reverse proxy: from the Web to the proxy
Impemented the sunspot with both the embedded webserver idea and the smart gateway
In the first case, each request is routed through the proxy to
the embedded HTTP server running on the remote Sun SPOT
where it is served. In this case, the average round-trip time
over 10’000 consecutive request is 205 milliseconds (min 97
ms, max 8.5 seconds).
In the second case, we use a synchronization-based ar-
chitecture — that is each Sun SPOT periodically sends its
sensor readings to the proxy where they are cached locally.
Each request is then served directly from this cache without
accessing the actual device, in which case the average round-
trip time was 4 ms (min 2 ms, max 49 ms). This has
a) Early Qualitative Evaluation: The Plogg RESTful
Gateway and the Sun SPOTs have been used by two external
development teams, which hints some of the qualitative advan-
tages developers can gain from the proposed the architecture.
In the first case, the idea was to build a mobile energy monitor-
ing application based on the iPhone and communicating with
the Ploggs. In the second case, the goal was to demonstrate
the use of a browser-based JavaScript Mashup editor with
real-world services. According to interviews we conducted
with the developers, they enjoyed using the RESTful smart
things, in particular the ease of use of a Web “API” versus
a custom “API”. For the iPhone application a native API to
Bluetooth did not exist at that time. However, like for almost
any platform an HTTP (and JSON) library was available. One
of the developer mentioned a learning curve for REST but
emphasized the fact that it was still rather simple and that once
it was learnt the same principles could be used to interact with
a large number of services and possibly soon devices. They
finally noted the direct integration to Web browsers as one of
the most prevalen