Web API Management meets the Internet of Things


  1. Web API Management meets the Internet of Things
     Paul Fremantle, University of Portsmouth
     Dr. Jacek Kopecký, University of Portsmouth
     Dr. Benjamin Aziz, University of Portsmouth
     {paul.fremantle, jacek.kopecky, benjamin.aziz}@port.ac.uk
  2. Abstract
     • Web API Management is an extension to support Service Oriented Architectures on the public internet
     • We examine how IoT networks work with Web API Management
     • Built a prototype
     • Present the results and performance evaluation
  3. Definition of Web API Management
     • Web APIs are capabilities offered across the web, accessed by software not people
     • Web API Management adds:
        – Publishing of metadata
        – Sign-up and subscription
        – Key management
        – Access Control
        – Usage Control
        – Monitoring and Monetization
     • References [1,2,3]
  4. A typical Web API Management “Developer Site”
  5. The Internet of Things
     • Systems that connect the physical world to the Internet
     • Sensors
        – Pollution, Weather, Health, House, Cars, etc
     • Actuators
        – Lighting, Door locks, Motors, etc
     • Low power requirements
     • Non-HTTP protocols such as MQTT and CoAP
  6. Research Questions
     What is the impact of the Internet of Things on Web APIs and Web API Management?
        – How do IoT devices identify themselves to Web APIs over IoT protocols?
        – How can we add IoT protocol support to existing Web API Management systems?
        – What is the impact of adding identity, usage control and analytics to existing IoT protocol interactions?
  7. Related Work
     • Very little academic research into Web API Management
        – Raivio et al: business models of Open APIs in telecoms [4]
        – Kopecky et al [5]: challenges and approaches of managing Web APIs
     • Hypercat [6], ZettaJS [7] – open Web APIs for IoT
     • Existing gateways [8,9] are network bridges sitting out in the field, not server-side capabilities
     • Some use of advanced access control and OAuth
        – Fremantle et al [10] and Cirani et al [11]
  8. The current situation
     (Diagram; labels: Majority of IoT networks today; Private API; Device; Web systems: Ecosystems, On-demand signup, rich set of clients)
  9. Gaps in the existing work
     • Authentication and access control
        – But little work on publishing, signup, usage control, monitoring, etc
     • No extension of API management capabilities to IoT protocols such as MQTT and CoAP
     • How to extend existing models to support large numbers of IoT clients
  10. Contributions
     • Identification of issues in the area
     • Creation of a prototype software environment for exploration (IGNITE)
        – The first general intermediary for MQTT
     • Demonstration that OAuth2 Dynamic Client Registration works in the context of IoT
     • Experimental performance results
  11. Background
  12. OAuth2
     • Emerged out of OpenID as an approach for machine-to-machine tokens using Web protocols
     • A web-based API centric authentication and authorization standard
     • Used extensively for API management
     • OAuth2 evolution:
        – OpenID Connect
        – User Managed Access (UMA)
  13. Dynamic Client Registration
     • IETF standard
     • Part of OAuth2 / OpenID Connect family of standards
     • A RESTful API for Clients to register to an OAuth2 authorization server
     • In the context of IoT allows each client to have its own unique credentials
        – Important because of hardware / device hacking possibilities
  14. MQTT
     • Very lightweight messaging protocol
        – Designed for 8-bit controllers, SCADA, etc
        – Low power, low bandwidth
        – Binary header of 2 bytes
        – Lots of implementations
           • Mosquitto from Eclipse
           • Apache ActiveMQ and Apollo
        – Clients:
           • Arduino, Perl, Python, PHP, C, Java, JS/Node.js, .Net, etc
     • Plus an even lighter-weight version for Zigbee
        – MQTT-SN (Sensor Network)
  15. Overall System Architecture
     (Diagram; components: API Portal, HTTP Gateway, IGNITE, Key Server, MQTT Broker, Web Client, IoT Client, HTTP Service, Monitoring; connection labels: REST, MQTT, Developer Web interaction; legend: Existing Infrastructure (above dashed line), Newly added Infrastructure (below dashed line), Public Internet (to left of dotted line))
  16. Implementation
     • Open Source API Management solution
        – WSO2 API Manager
     • Authorization Server
        – MitreID-Connect server from MIT
        – Open Source OAuth2 authorization server
     • Message Broker
        – Based on Mosquitto
        – Open Source MQTT broker
     • IGNITE
        – Intelligent Gateway for Networked IoT Events
        – Prototyped in Python and Java
        – Available at https://github.com/pzfreo/ignite
  17. (Diagram; labels: IGNITE, MITRE-Connect Key Server, Mosquitto MQTT Broker, Test System, Connect, MQTT Subscriber, Publish, Test System)
  18. Performance Results
  19. Conclusions
     • IoT protocols can be added into existing API management capabilities orthogonally
     • Extended existing work on adding OAuth2 to MQTT in a more flexible, extensible manner
     • Enables Usage Control, throttling, and monitoring
  20. Further Work
     • Extend the IGNITE system beyond the simple Python prototype into a more robust system
     • Add Usage Control, Throttling, Monitoring
     • Explore CoAP
  21. References
     1. Heffner, R.: The Forrester Wave: API Management Solutions, Q3 2014 (2014)
     2. Lane, K.: API Evangelist Blog. http://apievangelist.com/blog/
     3. Williams, A.: 5 Rules For API Management | TechCrunch. http://techcrunch.com/2012/11/11/5-rules-for-api-management/
     4. Raivio, Y., Luukkainen, S., Seppala, S.: Towards Open Telco-Business models of API management providers. In: System Sciences (HICSS), 2011 44th Hawaii International Conference on. pp. 1–11. IEEE (2011)
     5. Kopecky, J., Fremantle, P., Boakes, R.: A history and future of Web APIs. Information Technology (2014)
     6. Lea, R.: HyperCat: an IoT interoperability specification (2013)
     7. Zetta - An API-First Internet of Things (IoT) Platform - Free and Open Source Software, http://www.zettajs.org/
     8. Chen, H., Jia, X., Li, H.: A brief introduction to IoT gateway. In: IET International Conference on Communication Technology and Application (ICCTA 2011). pp. 610–613 (2011)
     9. Zhu, Q., Wang, R., Chen, Q., Liu, Y., Qin, W.: IoT gateway: Bridging wireless sensor networks into internet of things. In: Embedded and Ubiquitous Computing (EUC), 2010 IEEE/IFIP 8th International Conference on. pp. 347–352. IEEE (2010)
     10. Fremantle, P., Aziz, B., Scott, P., Kopecky, J.: Federated Identity and Access Management for the Internet of Things. In: 3rd International Workshop on the Secure IoT (2014)
     11. Cirani, S., Picone, M., Gonizzi, P., Veltri, L., Ferrari, G.: IoT-OAS: An OAuth-based Authorization Service Architecture for Secure Services in IoT Scenarios (2015)
  22. Questions? https://www.flickr.com/photos/-bast-
  23. Acknowledgements
     The travel expenses of presenting this research paper were funded by the University of Portsmouth, Faculty of Technology Research Capital Investment Fund (RCIF) number 46175.

Editor's notes

  • title MQTT QOS2 flow

    participant Publisher as P
    participant Broker as B
    participant Subscriber as S



    S->B: SUBSCRIBE (Topic: /pzf, QoS: 2)
    B->S: SUBACK
    Note right of S: Subscribed

    P->B: PUBLISH (d0, q2, r0, m1, '/pzf', hello)
    B->S: PUBLISH (d0, q2, r0, m1, '/pzf', hello)
    S->B: PUBREC

    B->P: PUBREC
    P->B: PUBREL

    B->S: PUBREL
    note right of S: deliver to app “hello”
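
The PUBLISH packet and QoS 2 handshake from the flow above, as an added Python example (not code from the slides or from IGNITE): it builds and strictly parses the packet with MQTT's 2-byte fixed header, and shows a receiver that delivers once even when PUBLISH or PUBREL is resent. The closing PUBCOMP acknowledgement comes from the MQTT 3.1.1 specification rather than the diagram, and all function and class names are assumptions made for this example.

```python
PUBLISH, PUBREC, PUBREL, PUBCOMP = 3, 5, 6, 7  # MQTT 3.1.1 control packet types

def encode_publish(topic, payload, qos, msg_id, dup=False, retain=False):
    """Build a PUBLISH packet with a 2-byte fixed header (body under 128 bytes)."""
    name = topic.encode()
    body = len(name).to_bytes(2, "big") + name
    if qos:
        body += msg_id.to_bytes(2, "big")  # packet id is present only for QoS 1/2
    body += payload
    if len(body) > 127:
        raise ValueError("longer bodies need a multi-byte remaining length")
    flags = (int(dup) << 3) | (qos << 1) | int(retain)
    return bytes([(PUBLISH << 4) | flags, len(body)]) + body

def parse_publish(packet):
    """Parse PUBLISH strictly; malformed input raises ValueError."""
    if len(packet) < 2 or packet[0] >> 4 != PUBLISH:
        raise ValueError("not a PUBLISH packet")
    if packet[1] & 0x80 or packet[1] != len(packet) - 2:
        raise ValueError("remaining length does not match packet size")
    dup, qos, retain = (packet[0] >> 3) & 1, (packet[0] >> 1) & 3, packet[0] & 1
    if qos == 3:
        raise ValueError("QoS 3 is reserved")
    body = packet[2:]
    id_len = 2 if qos else 0
    pos = 2 + int.from_bytes(body[:2], "big")  # end of the topic name
    if len(body) < pos + id_len:
        raise ValueError("truncated variable header")
    msg_id = int.from_bytes(body[pos:pos + 2], "big") if qos else None
    return {"dup": dup, "qos": qos, "retain": retain, "id": msg_id,
            "topic": body[2:pos].decode(), "payload": body[pos + id_len:]}

class Qos2Receiver:
    """Receiving side of QoS 2: hold the message on PUBLISH, deliver on PUBREL."""
    def __init__(self):
        self.held = {}       # msg id -> payload; PUBREC sent, PUBREL not yet seen
        self.delivered = []  # what the application actually received

    def on_publish(self, packet):
        msg = parse_publish(packet)
        if msg["qos"] != 2:
            raise ValueError("this receiver only handles QoS 2")
        self.held.setdefault(msg["id"], msg["payload"])  # a resent PUBLISH is ignored
        return (PUBREC, msg["id"])

    def on_pubrel(self, msg_id):
        if msg_id in self.held:
            self.delivered.append(self.held.pop(msg_id))
        return (PUBCOMP, msg_id)  # always acknowledge, even a repeated PUBREL

# Constructed sample: the PUBLISH from the flow above (d0, q2, r0, m1, '/pzf', hello)
SAMPLE = encode_publish("/pzf", b"hello", qos=2, msg_id=1)
```
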