Issues in the Web Application Landscape and webinos Architecture


Published on

Issues in today’s web applications landscape and solutions proposed by the webinos Architecture.

Published in: Technology
1 Comment
  • Be the first to like this

No Downloads
Total views
On SlideShare
From Embeds
Number of Embeds
Embeds 0
No embeds

No notes for slide

Issues in the Web Application Landscape and webinos Architecture

  1. 1. Issues & Architecture from a technical perspectiveby Nick Allott, ImpleoWebinos Technical Coordinator w w w. w e b i n o s . o r g 1
  2. 2. We need communalinnovation Innovate in Private Innovate Collaboratively Negotiate Standardise Standardise Speed and Open Source
  3. 3. We need opengovernance framework Where we are in mobile Chrome: Google dominance Android: Google dominance Webkit: Apple dominance WAC: Operator dominance Meego: Nokia dominance Limo: Samsung dominance Adoption requires balance
  4. 4. We need to give the webAPIs APIs Browser Web is
  5. 5. We need standardisedsecurity Developer App Store Device App App App intent intent intent signature signature permission Without standardised security HTML5 will be siloed ecosystem Cannot port apps between devices Security risk profile will be greater (cognitive load)
  6. 6. We need better offlinefunctionality Requirements for offline – Native OS level file access – Secure file access – Synchronised file structures – Binary file management EU cyber-security Agency ENISA flags security fixes - Defcon Abusing HTML5 - W3C New browsing group -
  7. 7. We need better networkbehaviour HTTP was not design as a transport for programming messages XHR is chatty and inefficient Too many TCP Connections Operators Urge Action Against Chatty Apps
  8. 8. We need networkinnovation Need mutual authentication User authentication Device authentication Application identity – What is a user agent…….? Platform attestation Safe session IDs
  9. 9. We need our devices totalk to each other All devices Talk to each other Connect when there is no internet Even M2M – the internet of things
  10. 10. We need to be able to“share” “stuff”“socially” “securely” I want to share data with “my” social network With any application I choose Over any service I choose I want to be able to revoke that permission I want to control what I disclose I want access to rich context Calendar sharing user case is perfect example Why do I need an intermediate service
  11. 11. We need to give consumers control over their data G Advertisers Website AUsersUsers NO Advertisers Users Users Consent Website G A Consent Google Consent G Advertisers Website A No Consent
  12. 12. We need it all to worktogether Interoperability Ubiquity
  14. 14. Personal Agent PZH Authentication Certs User Tokens App IDs Service IDs Routing Friend IDs Personal Agent is you – Policy when your not online Context PZH can receive messages on your behalf PZH is an authority you can Messaging Sync JSON-RPC authorise yourself against SyncTLS Packets Packets PZH manages: sync, context, message routing, data and policy PZP PZP: does what a PZH does Authentication Certs when the PZH is not there User Tokens App IDs Service IDs Routing Friend IDs Policy Context
  15. 15. Different webinosprocessors – and bearers Smart Device with WRT Webinos client Bearers WRT PZP API Routing Wireless Bluetooth Dumb Device No WRT Zigbe PZP API RFID Routing USB Other… Super Dumb Device No WRT No PZP API
  16. 16. New Networking Model Server Server SymmetricAsymmetric Mutually JSON - RPCUnilateral authenticated TauthenticationPadded H Streamlined L User IDMultiple T Device ID Sconnections T App IDManual javascriptbindings P Multiplexed Integrated Javascript bindings Client Client
  17. 17. Local and Remote APIs Remote Browser OR PZP Widget Runtime JSON RPC Contacts-API Location-API Sensor-API Gallery-API File-API Local Browser OR Widget Runtime
  18. 18. Internet of Things Web The webinos model gives Server PZP a lightweight protocol for Policy “things” to connect to the Internet (securely) and issue and respond to events with well defined semantics JSON RPC Web John: PZH Secure Session Browser Policy
  19. 19. Sharing and DistributedPolicy Nick: PZH John: PZH Policy Policy Nick: PZP John: PZP Policy Policy ->GetLocation()
  20. 20. Device Side TLSArchitecturePZP Node.js Session Manager Widget Manager Messaging Manager Context Manager Chromium or QTWRT Routing Messaging User Data Device Storage Manager Binding Policy Manager WebSocket Storage Sync Manager Local Discovery Manager bindings RPC API manager Native Discovery Javascript Engine Mechanisms V8 Native C Native OS APIs APIs APIs APIs APIs Drivers
  21. 21. To Follow or Contact webinos Website Contact 21