3. *
Anatomy of a Device
● Piece of hardware
● Built for a purpose
● Capable of a limited functionality
● Control interface
● Input/output
● Consumes power
4. *
Anatomy of a Device (Functional)
● Functional Capabilities (Actuators)
● Administration Capabilities (Management)
● Monitoring Capabilities (Sensor Data)
5. *
Modeling Device as an API
● Example : HTTP API
○ Temperature Sensor
■ http://{ip}/{locationid}/sensors/temperature1 - GET
○ Motor
■ http://{ip}/{locationid}/actuators/motor1/rotate/{turns}/{direction} - GET
■ http://{ip}/{locationid}/actuators/motor1/status - GET
6. *
Benefits - Devices as APIs
● APIs - Standard Integration Pattern
○ Heterogeneous devices
■ protocols, access control mechanisms, data formats
● App Developers - Already familiar programming paradigm
● Seamless Integration with existing systems
● Ability to reuse known patterns for securing, hardening APIs
● API Economy
7. *
Drivers for API Economy
● Mobile Applications
● Internal Innovation
● Unleash External Developer Innovation
● New Channels
● New Business Models
9. *
Open APIs vs Managed APIs
● Dumb API -> Intelligent API
● Authentication & Authorization
○ Subscription Management
○ Access Provisioning
● How to control access?
○ Throttling
● Monitoring & SLA
10. *
Why Manage Device API?
● Why?
○ Exposing raw device
○ With no control
● Managed API
○ proper access control
○ subscription capabilities
11. *
Devices Need More Capabilities..
● Throttling
● Caching
● Request Routing
● Buffering
● Stats collection & monitoring
● Alerting
● Decision Making
12. *
OAuth
● Standard for Authorization
● Provides client applications with secure, delegated access to server resources on behalf of resource owner
● Authorization based on a Token
13. *
Using API Tokens to secure Device Access
● Device capabilities can be represented as resources
● OAuth (2.0) tokens can be used to authorize access to these resources
● Tokens can be easily revoked, refreshed
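Added example, not part of the original slides: a gateway-side check that treats the device URLs from the "Modeling Device as an API" slide as resources and authorizes each request by token scope, expiry and revocation. The scope names, token values, the `plant1` location and the `cw`/`ccw` directions are assumptions.

```python
import re

# Route table: the slide's example URLs mapped to required scopes.
# Scope names and the cw/ccw direction values are assumptions.
ROUTES = [
    ("GET", re.compile(r"/(?P<loc>[^/]+)/sensors/temperature1"), "sensor:read"),
    ("GET", re.compile(r"/(?P<loc>[^/]+)/actuators/motor1/status"), "actuator:read"),
    ("GET", re.compile(r"/(?P<loc>[^/]+)/actuators/motor1/rotate/\d+/(?:cw|ccw)"),
     "actuator:control"),
]

# Constructed token records, standing in for what an authorization
# server would return when the gateway introspects a bearer token.
TOKENS = {
    "tok-dashboard": {"scopes": {"sensor:read", "actuator:read"},
                      "location": "plant1", "expires_at": 2000},
    "tok-operator": {"scopes": {"sensor:read", "actuator:control"},
                     "location": "plant1", "expires_at": 2000},
}
REVOKED = set()


def revoke(token):
    """Revocation takes effect on the next request; no device change needed."""
    REVOKED.add(token)


def authorize(token, method, path, now):
    """Return (allowed, reason) for one request; anything unmatched is denied."""
    record = TOKENS.get(token)
    if record is None or token in REVOKED:
        return False, "invalid_token"
    if now >= record["expires_at"]:
        return False, "expired_token"
    for route_method, pattern, scope in ROUTES:
        match = pattern.fullmatch(path)
        if method != route_method or match is None:
            continue
        if match.group("loc") != record["location"]:
            return False, "wrong_location"
        if scope not in record["scopes"]:
            return False, "insufficient_scope"
        return True, scope
    return False, "unknown_resource"
```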
14. *
OAuth2 Based Model for Securing Devices
● Registering a new Device Type
● Device Owner Registering a Device
● Device Publishing Sensor Data
● App Accessing Device (Controls)
● Device Polling for Pending Actions
20. *
API Management @ The Edge
● Closer to where the device is
● Or inside device itself
● Several patterns
21. *
Pattern #1
[Diagram: End User, App, Device]
The device has full API management capabilities.
22. *
Pattern #2
[Diagram: End User, App, Authorization Manager, Device]
Device uses an authorization server to authorize access.
23. *
Pattern #3
[Diagram: End User, App, Device Gateway, Authorization Manager, Device]
A device gateway sits in front of the device. The device gateway is exposed to the outside world.
24. *
Pattern #4
[Diagram: End User, App, Device Gateway, Authorization Manager, Statistics Processing, Device]
The device gateway publishes device access statistics to a separate (scalable) processing engine.
25. *
Pattern #5
[Diagram: End User, App, Device Gateway, Mediation/Routing, Authorization Manager, Statistics Processing, Device]
Mediation and routing capabilities help to transform the messages going to and from the device.
Routing helps to select the correct device.
26. *
Pattern #6
[Diagram: End User, App, Device Gateway, Mediation/Routing, Device Queue, Authorization Manager, Statistics Processing, Device]
Devices could be busy or unavailable.
A queue helps to guarantee message delivery to and from the device.
27. *
Pattern #7
[Diagram: End User, App, Device Gateway, Mediation/Routing, Device Queue, Authorization Manager, Statistics Processing, Device Hub, Devices]
Some devices are not built with sufficient processing capabilities. They could be low-powered ones.
A device hub helps such devices connect to the rest of the world.
28. *
Pattern #8
[Diagram: End User, App, Device Gateway, Mediation/Routing, Device Queue, Authorization Manager, Statistics Processing, Device Hub, Devices, Device Management]
Device Management helps to centrally manage a large number of devices (common policies, etc.).
29. *
Pattern #9
[Diagram: End User, App, Device Gateway, Mediation/Routing, Device Queue, Identity Management, Authorization Manager, Statistics Processing, Device Hub, Devices, Device Management]
Devices should also be connected to existing identity management systems.
30. *
API Traffic can be MASSIVE
Source : http://blog.programmableweb.com/2011/05/25/who-belongs-to-the-api-billionaires-club/
31. *
Scaling for Billions of Devices
● Massive number of devices to be connected
● Devices represented as APIs
● Thus the need for scalable API Management