SlideShare a Scribd company logo

Browser-based Secure Remote Access for the Internet of Things

Günter Obiltschnig
Günter Obiltschnig

Secure remote access to the built-in web server of a device is one of the fundamental building blocks for the Internet of Things. my-devices.net enables easy and secure remote access, even if the device is located behind a NAT router or a firewall and does not have a public IP address.

Internet
1 of 30
Download to read offline
Secure cloud-enabled remote access to IoT devices via web browser, SSH or TCP-based network protocols. my-devices.net
Executive Summary > Remotely manage and monitor your IoT devices securely using a device’s built-in web server, command-line shell (SSH) or other TCP-based protocols. > Securely connect mobile apps to your devices using REST APIs. > Allow your customers to access their devices from anywhere. > Assist your customers setting up or troubleshooting their devices. > Secure your devices against unauthorized access or attacks from the internet. > Don’t worry about firewalls, NAT, proxy servers or mobile routers preventing access to your device. > Avoid insecure port forwarding/dynamic DNS or complex VPNs. > Host on public or private cloud.
Web-based user interfaces are state-of-the-art 
 in network-based embedded systems for 
 configuration, control and monitoring. Thanks to advanced web browsers (even on mobile devices), JavaScript and Ajax technologies, modern web-based user interfaces are powerful, visually attractive and easy to use.
Web-based user interfaces work great … ! … if device and web browser are in the same local network ! … or if the device is exposed to the Internet (a bad idea)
But what if… > the user wants to access a device when away from home? > the device is at a hard to reach remote location? > support staff needs to access the device for trouble shooting?
What about Port Forwarding and Dynamic DNS? > it’s simple and widely supported by internet routers > it allows access to any TCP or UDP-based network service provided by the device (if properly forwarded)
But … > NAT router configuration for port forwarding can be complex, especially if multiple devices must be accessible (every device needs a unique public port number) > a Dynamic DNS service is needed if the NAT router does not have a static public IP address > the device is directly exposed to the internet – very high risk and danger of denial-of-service or other attacks and thus a very bad idea
 (be prepared to find your device on Shodan)
What about VPNs? > the device is directly integrated into a remote network using a secure tunnel through the internet > secure, encrypted connection > proven, standardized and widely available technology
But… > VPNs may be blocked by network provider > necessary network and VPN server infrastructure is difficult to setup and to maintain, especially if lots of devices must be integrated > all clients must have access to VPN in order to access the devices (difficult with a large number of users in consumer markets, e.g. home automation) > additional measures must be taken to isolate devices in the VPN from one another and to prevent users from accessing devices they should not access
A Solution: my-devices.net > uses secure (TLS) WebSocket-based tunneling, initiated by device
 (NAT router, proxy and firewall friendly) > reflector server connects device and client > easy to integrate into a device (especially if Linux based):
 single executable plus configuration file, or library for direct integration into an application > works with any web server > can securely forward almost any TCP-based protocol, including SSH
! SDK DEVICE API REST HTTPS (REST API) HTTPS (Web Page) WebTunnel my-devices.net Reflector Server HTTP SSH etc. How my-devices.net works Browser Mobile App
The my-devices.net Reflector Server > connect clients and devices by transparently forwarding TCP socket connections from client to device > contains a web server and acts as a quasi transparent HTTP proxy > performs user and device authentication > provides a web user interface for managing devices > provides a REST interface for easy integration with other applications > uses wildcard DNS entries to address devices – each device gets its own unique hostname and bookmark-able URL
Tour
Account/Current User Clicking the Account icon or user name takes you to the Account page.
Filter Controls The filter controls allow you to display devices matching given keywords or tags. You can also switch between online, offline or all devices.
Device Name and Description The first column displays the device name and description. Clicking on the device name opens the device website. Clicking on the description opens the properties page for this device. Hovering over the device name or description displays a tooltip showing the device’s unique ID and its domain (the user group it belongs to).
Online/Offline Status This column shows whether the device is currently connected to the reflector server (= online) or not (= offline). If the browser supports WebSockets, this will be updated dynamically as soon as the status changes.
IP Address The externally visible IP address of the device. In most cases this is the address of the NAT router the device uses to connect to the internet.
Properties and Delete Buttons Clicking the Properties button opens the properties page of the device. Clicking the delete button (only shown for offline devices) allows you to delete the device.
Now let’s open a device website.
https://b170daab-c7cd-4412-9f55-0004f303c68d.my-devices.net/ Each device gets its unique host name (based on its unique ID) and bookmark-able URL.
my-devices.net can be used for: > remote access to IoT gateways, data loggers and monitoring devices, e.g. in renewable energy (photovoltaics and wind energy plants), environmental monitoring, traffic and transport, etc. > smart metering (remote access to smart power meters or smart metering gateways) > remote access to mobile devices for data acquisition, tracking, fleet management, etc. > remote maintenance and servicing of consumer electronics, home/building automation and HVAC devices > remote maintenance and servicing of machines and industrial equipment > remote access to IP network cameras and DVRs > remote access to security and access control systems
To get started with my-devices.net: > visit http://www.my-devices.net for more information > read the white paper at 
 http://www.my-devices.net/download/whitepaper/my-devices.net_WhitePaper.pdf > register for a free account and connect up to five of your own devices at
 http://www.my-devices.net/getstarted.html
Applied Informatics Solutions Portfolio
For more information, please visit: ! http://www.my-devices.net http://www.appinf.com Copyright © 2014-2015 by Applied Informatics Software Engineering GmbH. All rights reserved. Applied Informatics Software Engineering GmbH Maria Elend 143 9182 Maria Elend Austria 
 +43 4253 32596 | info@appinf.com

Recommended

Programming IoT Gateways in JavaScript with macchina.io
Programming IoT Gateways in JavaScript with macchina.ioProgramming IoT Gateways in JavaScript with macchina.io
Programming IoT Gateways in JavaScript with macchina.io
Günter Obiltschnig
 
Programming IoT Gateways with macchina.io
Programming IoT Gateways with macchina.ioProgramming IoT Gateways with macchina.io
Programming IoT Gateways with macchina.io
Günter Obiltschnig
 
Cosmos, Big Data GE Implementation
Cosmos, Big Data GE ImplementationCosmos, Big Data GE Implementation
Cosmos, Big Data GE ImplementationFIWARE
 
Building Your Own IoT Platform using FIWARE GEis
Building Your Own IoT Platform using FIWARE GEisBuilding Your Own IoT Platform using FIWARE GEis
Building Your Own IoT Platform using FIWARE GEis
FIWARE
 
201410 2 fiware-orion-contextbroker
201410 2 fiware-orion-contextbroker201410 2 fiware-orion-contextbroker
201410 2 fiware-orion-contextbrokerFIWARE
 
Whats new in iOS5
Whats new in iOS5Whats new in iOS5
Whats new in iOS5
Paul Ardeleanu
 
iOS Keychain 介紹
iOS Keychain 介紹iOS Keychain 介紹
iOS Keychain 介紹
ShengWen Chiou
 
Security and performance designs for client-server communications
Security and performance designs for client-server communicationsSecurity and performance designs for client-server communications
Security and performance designs for client-server communicationsWO Community
 

Recommended

Programming IoT Gateways in JavaScript with macchina.io
Programming IoT Gateways in JavaScript with macchina.ioProgramming IoT Gateways in JavaScript with macchina.io
Programming IoT Gateways in JavaScript with macchina.io
Günter Obiltschnig
 
Programming IoT Gateways with macchina.io
Programming IoT Gateways with macchina.ioProgramming IoT Gateways with macchina.io
Programming IoT Gateways with macchina.io
Günter Obiltschnig
 
Cosmos, Big Data GE Implementation
Cosmos, Big Data GE ImplementationCosmos, Big Data GE Implementation
Cosmos, Big Data GE ImplementationFIWARE
 
Building Your Own IoT Platform using FIWARE GEis
Building Your Own IoT Platform using FIWARE GEisBuilding Your Own IoT Platform using FIWARE GEis
Building Your Own IoT Platform using FIWARE GEis
FIWARE
 
201410 2 fiware-orion-contextbroker
201410 2 fiware-orion-contextbroker201410 2 fiware-orion-contextbroker
201410 2 fiware-orion-contextbrokerFIWARE
 
Whats new in iOS5
Whats new in iOS5Whats new in iOS5
Whats new in iOS5
Paul Ardeleanu
 
iOS Keychain 介紹
iOS Keychain 介紹iOS Keychain 介紹
iOS Keychain 介紹
ShengWen Chiou
 
Security and performance designs for client-server communications
Security and performance designs for client-server communicationsSecurity and performance designs for client-server communications
Security and performance designs for client-server communicationsWO Community
 
Beginning icloud development - Cesare Rocchi - WhyMCA
Beginning icloud development - Cesare Rocchi - WhyMCABeginning icloud development - Cesare Rocchi - WhyMCA
Beginning icloud development - Cesare Rocchi - WhyMCAWhymca
 
Laporan multi client
Laporan multi clientLaporan multi client
Laporan multi clientichsanbarokah
 
Architecting Secure and Compliant Applications with MongoDB
Architecting Secure and Compliant Applications with MongoDB Architecting Secure and Compliant Applications with MongoDB
Architecting Secure and Compliant Applications with MongoDB
MongoDB
 
Arduino、Web 到 IoT
Arduino、Web 到 IoTArduino、Web 到 IoT
Arduino、Web 到 IoT
Justin Lin
 
Do you know what your drupal is doing? Observe it!
Do you know what your drupal is doing? Observe it!Do you know what your drupal is doing? Observe it!
Do you know what your drupal is doing? Observe it!
Luca Lusso
 
Cnam azure 2014 mobile services
Cnam azure 2014 mobile servicesCnam azure 2014 mobile services
Cnam azure 2014 mobile services
Aymeric Weinbach
 
Generating cross platform .NET based azure IoTdevice
Generating cross platform .NET based azure IoTdeviceGenerating cross platform .NET based azure IoTdevice
Generating cross platform .NET based azure IoTdevice
Alon Fliess
 
Taking advantage of the Amazon Web Services (AWS) Family
Taking advantage of the Amazon Web Services (AWS) FamilyTaking advantage of the Amazon Web Services (AWS) Family
Taking advantage of the Amazon Web Services (AWS) Family
Ben Hall
 
Hack ASP.NET website
Hack ASP.NET websiteHack ASP.NET website
Hack ASP.NET website
Positive Hack Days
 
Fun Teaching MongoDB New Tricks
Fun Teaching MongoDB New TricksFun Teaching MongoDB New Tricks
Fun Teaching MongoDB New Tricks
MongoDB
 
A.java
A.javaA.java
A.java
JahnaviBhagat
 
Cassandra summit 2013 - DataStax Java Driver Unleashed!
Cassandra summit 2013 - DataStax Java Driver Unleashed!Cassandra summit 2013 - DataStax Java Driver Unleashed!
Cassandra summit 2013 - DataStax Java Driver Unleashed!Michaël Figuière
 
Networking and Data Access with Eqela
Networking and Data Access with EqelaNetworking and Data Access with Eqela
Networking and Data Access with Eqelajobandesther
 
Local Authentication par Pierre-Alban Toth
Local Authentication par Pierre-Alban TothLocal Authentication par Pierre-Alban Toth
Local Authentication par Pierre-Alban Toth
CocoaHeads France
 
"Auth for React.js APP", Nikita Galkin
"Auth for React.js APP", Nikita Galkin"Auth for React.js APP", Nikita Galkin
"Auth for React.js APP", Nikita Galkin
Fwdays
 
Jsp/Servlet
Jsp/ServletJsp/Servlet
Jsp/Servlet
Sunil OS
 
dotSwift - From Problem to Solution
dotSwift - From Problem to SolutiondotSwift - From Problem to Solution
dotSwift - From Problem to Solution
soroushkhanlou
 
DEF CON 27 - ALVARO MUNOZ / OLEKSANDR MIROSH - sso wars the token menace
DEF CON 27 - ALVARO MUNOZ / OLEKSANDR MIROSH - sso wars the token menaceDEF CON 27 - ALVARO MUNOZ / OLEKSANDR MIROSH - sso wars the token menace
DEF CON 27 - ALVARO MUNOZ / OLEKSANDR MIROSH - sso wars the token menace
Felipe Prado
 
Introduction to Nodejs
Introduction to NodejsIntroduction to Nodejs
Introduction to Nodejs
Gabriele Lana
 
Build resource server & client for OCF Cloud (2018.8.30)
Build resource server & client for OCF Cloud (2018.8.30)Build resource server & client for OCF Cloud (2018.8.30)
Build resource server & client for OCF Cloud (2018.8.30)
남균 김
 
Virtual Private Network (VPN).
Virtual Private Network (VPN).Virtual Private Network (VPN).
Virtual Private Network (VPN).Debasis Chowdhury
 
WebRTC Security
WebRTC SecurityWebRTC Security
WebRTC Security
Alex Hunte
 

More Related Content

What's hot

Beginning icloud development - Cesare Rocchi - WhyMCA
Beginning icloud development - Cesare Rocchi - WhyMCABeginning icloud development - Cesare Rocchi - WhyMCA
Beginning icloud development - Cesare Rocchi - WhyMCAWhymca
 
Laporan multi client
Laporan multi clientLaporan multi client
Laporan multi clientichsanbarokah
 
Architecting Secure and Compliant Applications with MongoDB
Architecting Secure and Compliant Applications with MongoDB Architecting Secure and Compliant Applications with MongoDB
Architecting Secure and Compliant Applications with MongoDB
MongoDB
 
Arduino、Web 到 IoT
Arduino、Web 到 IoTArduino、Web 到 IoT
Arduino、Web 到 IoT
Justin Lin
 
Do you know what your drupal is doing? Observe it!
Do you know what your drupal is doing? Observe it!Do you know what your drupal is doing? Observe it!
Do you know what your drupal is doing? Observe it!
Luca Lusso
 
Cnam azure 2014 mobile services
Cnam azure 2014 mobile servicesCnam azure 2014 mobile services
Cnam azure 2014 mobile services
Aymeric Weinbach
 
Generating cross platform .NET based azure IoTdevice
Generating cross platform .NET based azure IoTdeviceGenerating cross platform .NET based azure IoTdevice
Generating cross platform .NET based azure IoTdevice
Alon Fliess
 
Taking advantage of the Amazon Web Services (AWS) Family
Taking advantage of the Amazon Web Services (AWS) FamilyTaking advantage of the Amazon Web Services (AWS) Family
Taking advantage of the Amazon Web Services (AWS) Family
Ben Hall
 
Hack ASP.NET website
Hack ASP.NET websiteHack ASP.NET website
Hack ASP.NET website
Positive Hack Days
 
Fun Teaching MongoDB New Tricks
Fun Teaching MongoDB New TricksFun Teaching MongoDB New Tricks
Fun Teaching MongoDB New Tricks
MongoDB
 
A.java
A.javaA.java
A.java
JahnaviBhagat
 
Cassandra summit 2013 - DataStax Java Driver Unleashed!
Cassandra summit 2013 - DataStax Java Driver Unleashed!Cassandra summit 2013 - DataStax Java Driver Unleashed!
Cassandra summit 2013 - DataStax Java Driver Unleashed!Michaël Figuière
 
Networking and Data Access with Eqela
Networking and Data Access with EqelaNetworking and Data Access with Eqela
Networking and Data Access with Eqelajobandesther
 
Local Authentication par Pierre-Alban Toth
Local Authentication par Pierre-Alban TothLocal Authentication par Pierre-Alban Toth
Local Authentication par Pierre-Alban Toth
CocoaHeads France
 
"Auth for React.js APP", Nikita Galkin
"Auth for React.js APP", Nikita Galkin"Auth for React.js APP", Nikita Galkin
"Auth for React.js APP", Nikita Galkin
Fwdays
 
Jsp/Servlet
Jsp/ServletJsp/Servlet
Jsp/Servlet
Sunil OS
 
dotSwift - From Problem to Solution
dotSwift - From Problem to SolutiondotSwift - From Problem to Solution
dotSwift - From Problem to Solution
soroushkhanlou
 
DEF CON 27 - ALVARO MUNOZ / OLEKSANDR MIROSH - sso wars the token menace
DEF CON 27 - ALVARO MUNOZ / OLEKSANDR MIROSH - sso wars the token menaceDEF CON 27 - ALVARO MUNOZ / OLEKSANDR MIROSH - sso wars the token menace
DEF CON 27 - ALVARO MUNOZ / OLEKSANDR MIROSH - sso wars the token menace
Felipe Prado
 
Introduction to Nodejs
Introduction to NodejsIntroduction to Nodejs
Introduction to Nodejs
Gabriele Lana
 
Build resource server & client for OCF Cloud (2018.8.30)
Build resource server & client for OCF Cloud (2018.8.30)Build resource server & client for OCF Cloud (2018.8.30)
Build resource server & client for OCF Cloud (2018.8.30)
남균 김
 

What's hot (20)

Beginning icloud development - Cesare Rocchi - WhyMCA
Beginning icloud development - Cesare Rocchi - WhyMCABeginning icloud development - Cesare Rocchi - WhyMCA
Beginning icloud development - Cesare Rocchi - WhyMCA
 
Laporan multi client
Laporan multi clientLaporan multi client
Laporan multi client
 
Architecting Secure and Compliant Applications with MongoDB
Architecting Secure and Compliant Applications with MongoDB Architecting Secure and Compliant Applications with MongoDB
Architecting Secure and Compliant Applications with MongoDB
 
Arduino、Web 到 IoT
Arduino、Web 到 IoTArduino、Web 到 IoT
Arduino、Web 到 IoT
 
Do you know what your drupal is doing? Observe it!
Do you know what your drupal is doing? Observe it!Do you know what your drupal is doing? Observe it!
Do you know what your drupal is doing? Observe it!
 
Cnam azure 2014 mobile services
Cnam azure 2014 mobile servicesCnam azure 2014 mobile services
Cnam azure 2014 mobile services
 
Generating cross platform .NET based azure IoTdevice
Generating cross platform .NET based azure IoTdeviceGenerating cross platform .NET based azure IoTdevice
Generating cross platform .NET based azure IoTdevice
 
Taking advantage of the Amazon Web Services (AWS) Family
Taking advantage of the Amazon Web Services (AWS) FamilyTaking advantage of the Amazon Web Services (AWS) Family
Taking advantage of the Amazon Web Services (AWS) Family
 
Hack ASP.NET website
Hack ASP.NET websiteHack ASP.NET website
Hack ASP.NET website
 
Fun Teaching MongoDB New Tricks
Fun Teaching MongoDB New TricksFun Teaching MongoDB New Tricks
Fun Teaching MongoDB New Tricks
 
A.java
A.javaA.java
A.java
 
Cassandra summit 2013 - DataStax Java Driver Unleashed!
Cassandra summit 2013 - DataStax Java Driver Unleashed!Cassandra summit 2013 - DataStax Java Driver Unleashed!
Cassandra summit 2013 - DataStax Java Driver Unleashed!
 
Networking and Data Access with Eqela
Networking and Data Access with EqelaNetworking and Data Access with Eqela
Networking and Data Access with Eqela
 
Local Authentication par Pierre-Alban Toth
Local Authentication par Pierre-Alban TothLocal Authentication par Pierre-Alban Toth
Local Authentication par Pierre-Alban Toth
 
"Auth for React.js APP", Nikita Galkin
"Auth for React.js APP", Nikita Galkin"Auth for React.js APP", Nikita Galkin
"Auth for React.js APP", Nikita Galkin
 
Jsp/Servlet
Jsp/ServletJsp/Servlet
Jsp/Servlet
 
dotSwift - From Problem to Solution
dotSwift - From Problem to SolutiondotSwift - From Problem to Solution
dotSwift - From Problem to Solution
 
DEF CON 27 - ALVARO MUNOZ / OLEKSANDR MIROSH - sso wars the token menace
DEF CON 27 - ALVARO MUNOZ / OLEKSANDR MIROSH - sso wars the token menaceDEF CON 27 - ALVARO MUNOZ / OLEKSANDR MIROSH - sso wars the token menace
DEF CON 27 - ALVARO MUNOZ / OLEKSANDR MIROSH - sso wars the token menace
 
Introduction to Nodejs
Introduction to NodejsIntroduction to Nodejs
Introduction to Nodejs
 
Build resource server & client for OCF Cloud (2018.8.30)
Build resource server & client for OCF Cloud (2018.8.30)Build resource server & client for OCF Cloud (2018.8.30)
Build resource server & client for OCF Cloud (2018.8.30)
 

Similar to Browser-based Secure Remote Access for the Internet of Things

Virtual Private Network (VPN).
Virtual Private Network (VPN).Virtual Private Network (VPN).
Virtual Private Network (VPN).Debasis Chowdhury
 
WebRTC Security
WebRTC SecurityWebRTC Security
WebRTC Security
Alex Hunte
 
Security and identity management on WebRTC
Security and identity management on WebRTCSecurity and identity management on WebRTC
Security and identity management on WebRTC
Quobis
 
Networking devices
Networking devicesNetworking devices
Networking devices
NetProtocol Xpert
 
WebRTC Security Concerns, a real problem?
WebRTC Security Concerns, a real problem?WebRTC Security Concerns, a real problem?
WebRTC Security Concerns, a real problem?
VOIP2DAY
 
VOIP2DAY 2015: "WebRTC security concerns, a real problem?"
VOIP2DAY 2015: "WebRTC security concerns, a real problem?"VOIP2DAY 2015: "WebRTC security concerns, a real problem?"
VOIP2DAY 2015: "WebRTC security concerns, a real problem?"
Quobis
 
Network security
Network securityNetwork security
Network security
Presentaionslive.blogspot.com
 
Introduction of firewall slides
Introduction of firewall slidesIntroduction of firewall slides
Introduction of firewall slidesrahul kundu
 
Mobile Devices & BYOD Security – Deployment & Best Practices
Mobile Devices & BYOD Security – Deployment & Best PracticesMobile Devices & BYOD Security – Deployment & Best Practices
Mobile Devices & BYOD Security – Deployment & Best Practices
Cisco Canada
 
Comparative analysis of traditional scada systems and io t implemented scada
Comparative analysis of traditional scada systems and io t implemented scadaComparative analysis of traditional scada systems and io t implemented scada
Comparative analysis of traditional scada systems and io t implemented scada
IJARIIT
 
REMOVABLE STORAGE CENTRALIZED CONTROL FOR WINDOWS LAN, WAN, OR WORKGROUP
REMOVABLE STORAGE CENTRALIZED CONTROL FOR WINDOWS LAN, WAN, OR WORKGROUPREMOVABLE STORAGE CENTRALIZED CONTROL FOR WINDOWS LAN, WAN, OR WORKGROUP
REMOVABLE STORAGE CENTRALIZED CONTROL FOR WINDOWS LAN, WAN, OR WORKGROUP
Network_security
 
REMOVABLE STORAGE CENTRALIZED CONTROL FOR WINDOWS LAN, WAN, OR WORKGROUP
REMOVABLE STORAGE CENTRALIZED CONTROL FOR WINDOWS LAN, WAN, OR WORKGROUPREMOVABLE STORAGE CENTRALIZED CONTROL FOR WINDOWS LAN, WAN, OR WORKGROUP
REMOVABLE STORAGE CENTRALIZED CONTROL FOR WINDOWS LAN, WAN, OR WORKGROUP
Javier Arrospide
 
EMBEDDED WEB SERVER
EMBEDDED WEB SERVEREMBEDDED WEB SERVER
EMBEDDED WEB SERVER
kavya Reddy
 
Virtual private network
Virtual private networkVirtual private network
Virtual private network
VINAY GATLA
 

Similar to Browser-based Secure Remote Access for the Internet of Things (20)

Virtual Private Network (VPN).
Virtual Private Network (VPN).Virtual Private Network (VPN).
Virtual Private Network (VPN).
 
WebRTC Security
WebRTC SecurityWebRTC Security
WebRTC Security
 
Security and identity management on WebRTC
Security and identity management on WebRTCSecurity and identity management on WebRTC
Security and identity management on WebRTC
 
Networking devices
Networking devicesNetworking devices
Networking devices
 
CentralizedSerialWP
CentralizedSerialWPCentralizedSerialWP
CentralizedSerialWP
 
WebRTC Security Concerns, a real problem?
WebRTC Security Concerns, a real problem?WebRTC Security Concerns, a real problem?
WebRTC Security Concerns, a real problem?
 
VOIP2DAY 2015: "WebRTC security concerns, a real problem?"
VOIP2DAY 2015: "WebRTC security concerns, a real problem?"VOIP2DAY 2015: "WebRTC security concerns, a real problem?"
VOIP2DAY 2015: "WebRTC security concerns, a real problem?"
 
Web Technology
Web TechnologyWeb Technology
Web Technology
 
Web Technology
Web TechnologyWeb Technology
Web Technology
 
Web Technology
Web TechnologyWeb Technology
Web Technology
 
Network security
Network securityNetwork security
Network security
 
Ecommerce final ppt
Ecommerce final pptEcommerce final ppt
Ecommerce final ppt
 
Introduction of firewall slides
Introduction of firewall slidesIntroduction of firewall slides
Introduction of firewall slides
 
Mobile Devices & BYOD Security – Deployment & Best Practices
Mobile Devices & BYOD Security – Deployment & Best PracticesMobile Devices & BYOD Security – Deployment & Best Practices
Mobile Devices & BYOD Security – Deployment & Best Practices
 
Comparative analysis of traditional scada systems and io t implemented scada
Comparative analysis of traditional scada systems and io t implemented scadaComparative analysis of traditional scada systems and io t implemented scada
Comparative analysis of traditional scada systems and io t implemented scada
 
REMOVABLE STORAGE CENTRALIZED CONTROL FOR WINDOWS LAN, WAN, OR WORKGROUP
REMOVABLE STORAGE CENTRALIZED CONTROL FOR WINDOWS LAN, WAN, OR WORKGROUPREMOVABLE STORAGE CENTRALIZED CONTROL FOR WINDOWS LAN, WAN, OR WORKGROUP
REMOVABLE STORAGE CENTRALIZED CONTROL FOR WINDOWS LAN, WAN, OR WORKGROUP
 
REMOVABLE STORAGE CENTRALIZED CONTROL FOR WINDOWS LAN, WAN, OR WORKGROUP
REMOVABLE STORAGE CENTRALIZED CONTROL FOR WINDOWS LAN, WAN, OR WORKGROUPREMOVABLE STORAGE CENTRALIZED CONTROL FOR WINDOWS LAN, WAN, OR WORKGROUP
REMOVABLE STORAGE CENTRALIZED CONTROL FOR WINDOWS LAN, WAN, OR WORKGROUP
 
EMBEDDED WEB SERVER
EMBEDDED WEB SERVEREMBEDDED WEB SERVER
EMBEDDED WEB SERVER
 
Final ppt ecommerce
Final ppt ecommerceFinal ppt ecommerce
Final ppt ecommerce
 
Virtual private network
Virtual private networkVirtual private network
Virtual private network
 

Recently uploaded

test test test test testtest test testtest test testtest test testtest test ...
test test test test testtest test testtest test testtest test testtest test ...test test test test testtest test testtest test testtest test testtest test ...
test test test test testtest test testtest test testtest test testtest test ...
Arif0071
 
ER(Entity Relationship) Diagram for online shopping - TAE
ER(Entity Relationship) Diagram for online shopping - TAEER(Entity Relationship) Diagram for online shopping - TAE
ER(Entity Relationship) Diagram for online shopping - TAE
Himani415946
 
The+Prospects+of+E-Commerce+in+China.pptx
The+Prospects+of+E-Commerce+in+China.pptxThe+Prospects+of+E-Commerce+in+China.pptx
The+Prospects+of+E-Commerce+in+China.pptx
laozhuseo02
 
Living-in-IT-era-Module-7-Imaging-and-Design-for-Social-Impact.pptx
Living-in-IT-era-Module-7-Imaging-and-Design-for-Social-Impact.pptxLiving-in-IT-era-Module-7-Imaging-and-Design-for-Social-Impact.pptx
Living-in-IT-era-Module-7-Imaging-and-Design-for-Social-Impact.pptx
TristanJasperRamos
 
急速办(bedfordhire毕业证书)英国贝德福特大学毕业证成绩单原版一模一样
急速办(bedfordhire毕业证书)英国贝德福特大学毕业证成绩单原版一模一样急速办(bedfordhire毕业证书)英国贝德福特大学毕业证成绩单原版一模一样
急速办(bedfordhire毕业证书)英国贝德福特大学毕业证成绩单原版一模一样
3ipehhoa
 
Latest trends in computer networking.pptx
Latest trends in computer networking.pptxLatest trends in computer networking.pptx
Latest trends in computer networking.pptx
JungkooksNonexistent
 
History+of+E-commerce+Development+in+China-www.cfye-commerce.shop
History+of+E-commerce+Development+in+China-www.cfye-commerce.shopHistory+of+E-commerce+Development+in+China-www.cfye-commerce.shop
History+of+E-commerce+Development+in+China-www.cfye-commerce.shop
laozhuseo02
 
1比1复刻(bath毕业证书)英国巴斯大学毕业证学位证原版一模一样
1比1复刻(bath毕业证书)英国巴斯大学毕业证学位证原版一模一样1比1复刻(bath毕业证书)英国巴斯大学毕业证学位证原版一模一样
1比1复刻(bath毕业证书)英国巴斯大学毕业证学位证原版一模一样
3ipehhoa
 
How to Use Contact Form 7 Like a Pro.pptx
How to Use Contact Form 7 Like a Pro.pptxHow to Use Contact Form 7 Like a Pro.pptx
How to Use Contact Form 7 Like a Pro.pptx
Gal Baras
 
This 7-second Brain Wave Ritual Attracts Money To You.!
This 7-second Brain Wave Ritual Attracts Money To You.!This 7-second Brain Wave Ritual Attracts Money To You.!
This 7-second Brain Wave Ritual Attracts Money To You.!
nirahealhty
 
Multi-cluster Kubernetes Networking- Patterns, Projects and Guidelines
Multi-cluster Kubernetes Networking- Patterns, Projects and GuidelinesMulti-cluster Kubernetes Networking- Patterns, Projects and Guidelines
Multi-cluster Kubernetes Networking- Patterns, Projects and Guidelines
Sanjeev Rampal
 
原版仿制(uob毕业证书)英国伯明翰大学毕业证本科学历证书原版一模一样
原版仿制(uob毕业证书)英国伯明翰大学毕业证本科学历证书原版一模一样原版仿制(uob毕业证书)英国伯明翰大学毕业证本科学历证书原版一模一样
原版仿制(uob毕业证书)英国伯明翰大学毕业证本科学历证书原版一模一样
3ipehhoa
 
1.Wireless Communication System_Wireless communication is a broad term that i...
1.Wireless Communication System_Wireless communication is a broad term that i...1.Wireless Communication System_Wireless communication is a broad term that i...
1.Wireless Communication System_Wireless communication is a broad term that i...
JeyaPerumal1
 
guildmasters guide to ravnica Dungeons & Dragons 5...
guildmasters guide to ravnica Dungeons & Dragons 5...guildmasters guide to ravnica Dungeons & Dragons 5...
guildmasters guide to ravnica Dungeons & Dragons 5...
Rogerio Filho
 
Output determination SAP S4 HANA SAP SD CC
Output determination SAP S4 HANA SAP SD CCOutput determination SAP S4 HANA SAP SD CC
Output determination SAP S4 HANA SAP SD CC
ShahulHameed54211
 
BASIC C++ lecture NOTE C++ lecture 3.pptx
BASIC C++ lecture NOTE C++ lecture 3.pptxBASIC C++ lecture NOTE C++ lecture 3.pptx
BASIC C++ lecture NOTE C++ lecture 3.pptx
natyesu
 

Recently uploaded (16)

test test test test testtest test testtest test testtest test testtest test ...
test test test test testtest test testtest test testtest test testtest test ...test test test test testtest test testtest test testtest test testtest test ...
test test test test testtest test testtest test testtest test testtest test ...
 
ER(Entity Relationship) Diagram for online shopping - TAE
ER(Entity Relationship) Diagram for online shopping - TAEER(Entity Relationship) Diagram for online shopping - TAE
ER(Entity Relationship) Diagram for online shopping - TAE
 
The+Prospects+of+E-Commerce+in+China.pptx
The+Prospects+of+E-Commerce+in+China.pptxThe+Prospects+of+E-Commerce+in+China.pptx
The+Prospects+of+E-Commerce+in+China.pptx
 
Living-in-IT-era-Module-7-Imaging-and-Design-for-Social-Impact.pptx
Living-in-IT-era-Module-7-Imaging-and-Design-for-Social-Impact.pptxLiving-in-IT-era-Module-7-Imaging-and-Design-for-Social-Impact.pptx
Living-in-IT-era-Module-7-Imaging-and-Design-for-Social-Impact.pptx
 
急速办(bedfordhire毕业证书)英国贝德福特大学毕业证成绩单原版一模一样
急速办(bedfordhire毕业证书)英国贝德福特大学毕业证成绩单原版一模一样急速办(bedfordhire毕业证书)英国贝德福特大学毕业证成绩单原版一模一样
急速办(bedfordhire毕业证书)英国贝德福特大学毕业证成绩单原版一模一样
 
Latest trends in computer networking.pptx
Latest trends in computer networking.pptxLatest trends in computer networking.pptx
Latest trends in computer networking.pptx
 
History+of+E-commerce+Development+in+China-www.cfye-commerce.shop
History+of+E-commerce+Development+in+China-www.cfye-commerce.shopHistory+of+E-commerce+Development+in+China-www.cfye-commerce.shop
History+of+E-commerce+Development+in+China-www.cfye-commerce.shop
 
1比1复刻(bath毕业证书)英国巴斯大学毕业证学位证原版一模一样
1比1复刻(bath毕业证书)英国巴斯大学毕业证学位证原版一模一样1比1复刻(bath毕业证书)英国巴斯大学毕业证学位证原版一模一样
1比1复刻(bath毕业证书)英国巴斯大学毕业证学位证原版一模一样
 
How to Use Contact Form 7 Like a Pro.pptx
How to Use Contact Form 7 Like a Pro.pptxHow to Use Contact Form 7 Like a Pro.pptx
How to Use Contact Form 7 Like a Pro.pptx
 
This 7-second Brain Wave Ritual Attracts Money To You.!
This 7-second Brain Wave Ritual Attracts Money To You.!This 7-second Brain Wave Ritual Attracts Money To You.!
This 7-second Brain Wave Ritual Attracts Money To You.!
 
Multi-cluster Kubernetes Networking- Patterns, Projects and Guidelines
Multi-cluster Kubernetes Networking- Patterns, Projects and GuidelinesMulti-cluster Kubernetes Networking- Patterns, Projects and Guidelines
Multi-cluster Kubernetes Networking- Patterns, Projects and Guidelines
 
原版仿制(uob毕业证书)英国伯明翰大学毕业证本科学历证书原版一模一样
原版仿制(uob毕业证书)英国伯明翰大学毕业证本科学历证书原版一模一样原版仿制(uob毕业证书)英国伯明翰大学毕业证本科学历证书原版一模一样
原版仿制(uob毕业证书)英国伯明翰大学毕业证本科学历证书原版一模一样
 
1.Wireless Communication System_Wireless communication is a broad term that i...
1.Wireless Communication System_Wireless communication is a broad term that i...1.Wireless Communication System_Wireless communication is a broad term that i...
1.Wireless Communication System_Wireless communication is a broad term that i...
 
guildmasters guide to ravnica Dungeons & Dragons 5...
guildmasters guide to ravnica Dungeons & Dragons 5...guildmasters guide to ravnica Dungeons & Dragons 5...
guildmasters guide to ravnica Dungeons & Dragons 5...
 
Output determination SAP S4 HANA SAP SD CC
Output determination SAP S4 HANA SAP SD CCOutput determination SAP S4 HANA SAP SD CC
Output determination SAP S4 HANA SAP SD CC
 
BASIC C++ lecture NOTE C++ lecture 3.pptx
BASIC C++ lecture NOTE C++ lecture 3.pptxBASIC C++ lecture NOTE C++ lecture 3.pptx
BASIC C++ lecture NOTE C++ lecture 3.pptx
 

Browser-based Secure Remote Access for the Internet of Things

  • 1. Secure cloud-enabled remote access to IoT devices via web browser, SSH or TCP-based network protocols. my-devices.net
  • 2. Executive Summary > Remotely manage and monitor your IoT devices securely using a device’s built-in web server, command-line shell (SSH) or other TCP-based protocols. > Securely connect mobile apps to your devices using REST APIs. > Allow your customers to access their devices from anywhere. > Assist your customers setting up or troubleshooting their devices. > Secure your devices against unauthorized access or attacks from the internet. > Don’t worry about firewalls, NAT, proxy servers or mobile routers preventing access to your device. > Avoid insecure port forwarding/dynamic DNS or complex VPNs. > Host on public or private cloud.
  • 3. Web-based user interfaces are state-of-the-art 
 in network-based embedded systems for 
 configuration, control and monitoring. Thanks to advanced web browsers (even on mobile devices), JavaScript and Ajax technologies, modern web-based user interfaces are powerful, visually attractive and easy to use.
  • 4. Web-based user interfaces work great … ! … if device and web browser are in the same local network ! … or if the device is exposed to the Internet (a bad idea)
  • 5. But what if… > the user wants to access a device when away from home? > the device is at a hard to reach remote location? > support staff needs to access the device for trouble shooting?
  • 6. What about Port Forwarding and Dynamic DNS? > it’s simple and widely supported by internet routers > it allows access to any TCP or UDP-based network service provided by the device (if properly forwarded)
  • 7. But … > NAT router configuration for port forwarding can be complex, especially if multiple devices must be accessible (every device needs a unique public port number) > a Dynamic DNS service is needed if the NAT router does not have a static public IP address > the device is directly exposed to the internet – very high risk and danger of denial-of-service or other attacks and thus a very bad idea
 (be prepared to find your device on Shodan)
  • 8.
  • 9.
  • 10. What about VPNs? > the device is directly integrated into a remote network using a secure tunnel through the internet > secure, encrypted connection > proven, standardized and widely available technology
  • 11. But… > VPNs may be blocked by network provider > necessary network and VPN server infrastructure is difficult to setup and to maintain, especially if lots of devices must be integrated > all clients must have access to VPN in order to access the devices (difficult with a large number of users in consumer markets, e.g. home automation) > additional measures must be taken to isolate devices in the VPN from one another and to prevent users from accessing devices they should not access
  • 12. A Solution: my-devices.net > uses secure (TLS) WebSocket-based tunneling, initiated by device
 (NAT router, proxy and firewall friendly) > reflector server connects device and client > easy to integrate into a device (especially if Linux based):
 single executable plus configuration file, or library for direct integration into an application > works with any web server > can securely forward almost any TCP-based protocol, including SSH
  • 13. ! SDK DEVICE API REST HTTPS (REST API) HTTPS (Web Page) WebTunnel my-devices.net Reflector Server HTTP SSH etc. How my-devices.net works Browser Mobile App
  • 14. The my-devices.net Reflector Server > connect clients and devices by transparently forwarding TCP socket connections from client to device > contains a web server and acts as a quasi transparent HTTP proxy > performs user and device authentication > provides a web user interface for managing devices > provides a REST interface for easy integration with other applications > uses wildcard DNS entries to address devices – each device gets its own unique hostname and bookmark-able URL
  • 15. Tour
  • 16.
  • 17.
  • 18. Account/Current User Clicking the Account icon or user name takes you to the Account page.
  • 19. Filter Controls The filter controls allow you to display devices matching given keywords or tags. You can also switch between online, offline or all devices.
  • 20. Device Name and Description The first column displays the device name and description. Clicking on the device name opens the device website. Clicking on the description opens the properties page for this device. Hovering over the device name or description displays a tooltip showing the device’s unique ID and its domain (the user group it belongs to).
  • 21. Online/Offline Status This column shows whether the device is currently connected to the reflector server (= online) or not (= offline). If the browser supports WebSockets, this will be updated dynamically as soon as the status changes.
  • 22. IP Address The externally visible IP address of the device. In most cases this is the address of the NAT router the device uses to connect to the internet.
  • 23. Properties and Delete Buttons Clicking the Properties button opens the properties page of the device. Clicking the delete button (only shown for offline devices) allows you to delete the device.
  • 24. Now let’s open a device website.
  • 25.
  • 26. https://b170daab-c7cd-4412-9f55-0004f303c68d.my-devices.net/ Each device gets its unique host name (based on its unique ID) and bookmark-able URL.
  • 27. my-devices.net can be used for: > remote access to IoT gateways, data loggers and monitoring devices, e.g. in renewable energy (photovoltaics and wind energy plants), environmental monitoring, traffic and transport, etc. > smart metering (remote access to smart power meters or smart metering gateways) > remote access to mobile devices for data acquisition, tracking, fleet management, etc. > remote maintenance and servicing of consumer electronics, home/building automation and HVAC devices > remote maintenance and servicing of machines and industrial equipment > remote access to IP network cameras and DVRs > remote access to security and access control systems
  • 28. To get started with my-devices.net: > visit http://www.my-devices.net for more information > read the white paper at 
 http://www.my-devices.net/download/whitepaper/my-devices.net_WhitePaper.pdf > register for a free account and connect up to five of your own devices at
 http://www.my-devices.net/getstarted.html
  • 30. For more information, please visit: ! http://www.my-devices.net http://www.appinf.com Copyright © 2014-2015 by Applied Informatics Software Engineering GmbH. All rights reserved. Applied Informatics Software Engineering GmbH Maria Elend 143 9182 Maria Elend Austria 
 +43 4253 32596 | info@appinf.com