The document discusses the integration of consumer IoT devices into business workflows, highlighting the potential for automation and data processing in enterprise environments. It covers how to get involved with IoT, the use of various protocols and technologies for integration, and provides a detailed OAuth workflow for using device APIs. A specific use case of integrating health monitoring devices into insurance workflows is presented, emphasizing the benefits of reducing manual data entry.

1. Integrating Consumer IoT
Devices Into Business
Workflow
by Yakov Fain, Farata Systems

2. Farata Systems and SuranceBay
http://easy.insure
http://surancebay.com

3. Things are Sensors,
IoT - Connected Sensors

4. Yesterday’s Sensors
• 18 years ago. Telephony.
• I’ve been programming IoT!
• Do I want to program sensors again?

5. Today’s Sensors
SCIO: a molecular sensor that scans physical objects and
receives instant information to your smartphone.
http://www.consumerphysics.com/

6. Today’s sensors: Navdy
integrates a sensor with smartphone
https://www.navdy.com

7. Tomorrow: Streachable Wearables
epidermal electronics
Source: http://bit.ly/1uu0srr

8. Typical Consumer Device Setup
Smartphone
Device
Manufacturer’s
Server
Device

9. How to get involved with IoT?
Going after thousands of vendors of things?
Which protocols: MQTP, XMPP, CoAP?
Buy Raspberry Pi or Arduino?
Learn HomeKit and HealthKit from Apple?

10. How to get involved with IoT?
Creating an exensive cloud-based IoT
platform

11. How to get involved with IoT?
Create custom-made solutions
integrating things into an existing
business workflow.

13. Why?

14. Why?
Manual Data Entry

15. Enterprise IoT is about
automation of collecting and
processing data required in
the business workflow.

16. What we’re working on
• integrating consumer devices into insurance business
workflow
• leveraging existing software technologies
• creating a standard-based application layer that connects
things

17. Things Oriented Middleware (TOM)
• Build a layer in the middle of things.
• Use consumer things in enterprise applications. "
• Side benefit: being in the middle allows having valuable
data for analisys.

18. Medical Examiner’s Report

19. Medical Examiner’s Report
Removing Manual Entry

20. Fitbit: Typical Workflow
fitbit.com
XYZ protocol
XYZ protocol

21. Fitbit: Typical Workflow
fitbit.com
XYZ protocol
XYZ protocol
What’s XYZ?

22. Fitbit: Typical Workflow
fitbit.com
XYZ protocol
XYZ protocol
What’s XYZ?
Do we need to know?

23. What do we use for Integration
• RESTful Web services
• OAuth authentication
• WebSocket protocol
• JSON data format
• Java servers
• HTML5/JavaScript

24. What do we use for integration
• RESTful Web services
• OAuth authentication
• WebSocket protocol
• JSON data format
• Java servers
• HTML5/JavaScript
Our recent book

25. Use case: Integrating Scale and Blood Pressure Monitor
into insurance workflow
IHealth Blood
Pressure Monitor
Fitbit Scale
Aria

26. Integrating With Fitbit Scale: Take 1.
fitbit.com
My Front-End App
HTTP/Rest API
Weight:

27. Integrating With Fitbit Scale: Take 2.
fitbit.com
HTTP/Rest API
My Front-End App
Weight:
My Server
Data push Polling/Pub-Sub
via
WebSocket

28. Integrating With Fitbit and iHealthLabs.
fitbit.com
Weight:
iHealthLabs.com
HTTP/
Rest API
Blood Pressure:
HTTP/Rest API
Data push
via
WebSocket
My Front-End App
My Server

29. Adding OAuth Authentication
fitbit.com
My Front-End App
Weight:
iHealthLabs.com
HTTP/
Rest API
Blood Pressure:
HTTP/Rest API
Secret+key from
each device
vendor
My Server
Data push
via
WebSocket

30. OAuth: Authorization Check Delegation

31. The OAuth Workflow
• My company builds an app to use the thing’s API (e.g. with REST )

32. The OAuth Workflow
• My company builds an app to use the thing’s API (e.g. with REST )
• My company registers the app with the thing’s vendor and receives an id and
a secret.

33. The OAuth Workflow
• My company builds an app to use the thing’s API (e.g. with REST )
• My company registers the app with the thing’s vendor and receives an id
and a secret.
• The thing’s owner opens my app and logs into thing’s vendor site.

34. The OAuth Workflow
• My company builds an app to use the thing’s API (e.g. with REST )
• My company registers the app with the thing’s vendor and receives an id
and a secret.
• The thing’s owner opens the my app and logs into thing’s vendor site.
• My app receives temp credentials from the thing’s vendor and the user has to
authorize my app.

35. The OAuth Workflow
• My company builds an app to use the thing’s API (e.g. with REST )
• My company registers the app with the thing’s vendor and receives an id and
a secret.
• The thing’s owner opens my app and logs into thing’s vendor site.
• My app receives temp credentials from the thing’s vendor and the user has to
authorize my app.
• The vendor redirects the user to my app and provides the authorization token.

36. The OAuth Workflow
• My company builds an app to use the thing’s API (e.g. with REST )
• My company registers the app with the thing’s vendor and receives an id and
a secret.
• The thing’s owner opens the my app and logs into thing’s vendor site.
• My app receives temp credentials from the thing’s vendor and the user has to
authorize my app.
• The vendor redirects the user to my app and provides the authorization token.
• My app uses the token for all requests to the thing’s vendor.

37. © 2014 Farata Systems
What’s WebSocket
• Standardized full-duplex low overhead protocol.
• Client-side API: Web browsers come with
window.WebSocket object.
• Server-side API: we use Java EE 7 servers

38. What about security?
• We don’t deal with security between the thing and its
vendor.
• Our apps are as as secure as any other app that uses
OAuth/REST services.

39. Demo: removingmanual entry of blood
pressure and weight measurements.

40. Contact Info and Links
• email: yfain@faratasystems.com"
• Farata Systems: faratasystems.com"
• SuranceBay: surancebay.com"
• Find and rate insurance agents: easy.insure "
• Twitter: @yfain"
• Personal blog: yakovfain.com