This document discusses technical issues and the proposed Webinos architecture for addressing them. It identifies needs such as open governance to avoid vendor lock-in, standardizing security and offline functionality, and enabling devices and applications to communicate across platforms. The Webinos architecture proposes personal agents (PZH and PZP) to manage user identity, policy, context and routing across devices. It uses JSON-RPC and a lightweight protocol to allow even resource-constrained "things" to connect to the internet securely and interact. The goal is to give users control over their data and allow innovative sharing of data and applications between devices.

1. Issues & Architecture
from a technical perspective
by Nick Allott, Impleo
Webinos Technical Coordinator
w w w. w e b i n o s . o r g
1

2. We need communal
innovation
Innovate in Private Innovate Collaboratively
Negotiate
Standardise
Standardise
Speed and Open Source

3. We need open
governance framework
 Where we are in mobile
 Chrome: Google dominance
 Android: Google dominance
 Webkit: Apple dominance
 WAC: Operator dominance
 Meego: Nokia dominance
 Limo: Samsung dominance
Adoption requires balance

4. We need to give the web
APIs
APIs
Browser
Web is

5. We need standardised
security
Developer App Store Device
App App App
intent intent intent
signature signature
permission
Without standardised security
HTML5 will be siloed ecosystem
Cannot port apps between devices
Security risk profile will be greater (cognitive load)

6. We need better offline
functionality
 Requirements for offline
– Native OS level file access
– Secure file access
– Synchronised file structures
– Binary file management
EU cyber-security Agency ENISA flags security fixes - http://bit.ly/pgvuk3
Defcon Abusing HTML5 - http://bit.ly/nYWp9I
W3C New browsing group - http://bit.ly/lgABrI

7. We need better network
behaviour
 HTTP was not design as a transport for
programming messages
 XHR is chatty and inefficient
 Too many TCP Connections
 Operators Urge Action Against Chatty
Apps http://bit.ly/mR34k0

8. We need network
innovation
 Need mutual authentication
 User authentication
 Device authentication
 Application identity
– What is a user agent…….?
 Platform attestation
 Safe session IDs

9. We need our devices to
talk to each other
All devices
Talk to each other
Connect when there is
no internet
Even M2M – the
internet of things

10. We need to be able to
“share” “stuff”
“socially” “securely”
 I want to share data with “my” social
network
 With any application I choose
 Over any service I choose
 I want to be able to revoke that permission
 I want to control what I disclose
 I want access to rich context
Calendar sharing user case is perfect example
Why do I need an intermediate service

11. We need to give
consumers control over
their data
G Advertisers
Website A
Users
Users NO Advertisers
Users
Users Consent Website
G
A Consent Google Consent
G Advertisers
Website A
No Consent

12. We need it all to work
together
Interoperability
Ubiquity

13. WEBINOS ARCHITECTURE

14. Personal Agent
PZH
Authentication Certs
User Tokens
App IDs
Service IDs
Routing
Friend IDs
Personal Agent is you –
Policy when your not online
Context PZH can receive messages on
your behalf
PZH is an authority you can
Messaging
Sync JSON-RPC authorise yourself against
Sync
TLS
Packets Packets PZH manages: sync, context,
message routing, data and
policy
PZP PZP: does what a PZH does
Authentication Certs
when the PZH is not there
User Tokens
App IDs
Service IDs Routing
Friend IDs
Policy
Context

15. Different webinos
processors – and bearers
Smart Device with WRT
Webinos client
Bearers WRT PZP
API
Routing
Wireless
Bluetooth Dumb Device No WRT
Zigbe PZP
API
RFID Routing
USB
Other…
Super Dumb Device No WRT No
PZP
API

16. New Networking Model
Server Server
Symmetric
Asymmetric Mutually
JSON - RPC
Unilateral authenticated T
authentication
Padded H Streamlined L
User ID
Multiple T Device ID
S
connections T App ID
Manual javascript
bindings
P Multiplexed
Integrated
Javascript
bindings
Client Client

17. Local and Remote APIs
Remote Browser
OR
PZP
Widget Runtime
JSON RPC
Contacts-API
Location-API
Sensor-API
Gallery-API
File-API
Local Browser
OR
Widget Runtime

18. Internet of Things
Web The webinos model gives
Server PZP
a lightweight protocol for
Policy “things” to connect to the
Internet (securely) and
issue and respond to
events with well defined
semantics
JSON RPC
Web John: PZH Secure
Session
Browser Policy

19. Sharing and Distributed
Policy
Nick: PZH John: PZH
Policy Policy
Nick: PZP John: PZP
Policy Policy
->GetLocation()

20. Device Side TLS
ArchitecturePZP Node.js
Session Manager Widget Manager
Messaging Manager Context Manager
Chromium or QT
WRT Routing Messaging User Data Device
Storage Manager
Binding Policy Manager
WebSocket Storage
Sync Manager
Local Discovery Manager
bindings
RPC
API manager Native Discovery
Javascript Engine
Mechanisms
V8 Native C
Native OS
APIs
APIs
APIs
APIs
APIs
Drivers

21. To Follow or Contact webinos
 Website http://webinos.org/
 Contact hello@webinos.org
 http://www.linkedin.com/groups/webinos-3387786
 http://twitter.com/webinosproject
 http://www.facebook.com/webinosproject
21