API Managementand

Internet of Things

Sumedha RubasingheDirector, API Architecture

**

Things, Devices, IoT

Source: http://www.control4.com/blog/2014/03/the-internet-of-things-and-the-connected-home

**

Anatomy of a Device

● Piece of hardware● Built for a purpose● Capable of a limited functionality● Control interface● Input/output● Consumes power

**

Anatomy of a Device (Functional)

● Functional Capabilities (Actuators)● Administration Capabilities (Management)● Monitoring Capabilities (Sensor Data)

**

Modeling Device as an API

● Example : HTTP API○ Temperature Sensor

■ http://{ip}/{locationid}/sensors/temperature1 - GET

○ Motor■ http://{ip}/{locationid}/actuators/motor1/rotate/{turns}/

{direction} - GET■ http://{ip}/{locationid}/actuators/motor1/status - GET

**

Benefits - Devices as APIs

● APIs - Standard Integration Pattern○ Heterogenous devices■ protocols, access control mechanisms, data

formats● App Developers - Already familiar

programming paradigm● Seamless Integration with existing systems● Ability to re-user known Patterns for securing,

hardening APIs● API Economy

**

Drivers for API Economy

● Mobile Applications● Internal Innovation● Unleash External Developer Innovation● New Channels● New Business Models

**

Apps & APIs

**

Open APIs vs Managed APIs

● Dumb API -> Intelligent API● Authentication & Authorization○ Subscription Management○ Access Provisioning

● How to control access?○ Throttling

● Monitoring & SLA

**

Why Manage Device API?

● Why?○ Exposing raw device○ With no control

● Managed API○ proper access control○ subscription capabilities

**

Devices Need More Capabilities..

● Throttling● Caching● Request Routing● Buffering● Stats collection & monitoring● Alerting● Decision Making

**

OAuth

● Standard for Authorization● Provides client applications with secure,

delegated access to server resources on behalf of resource owner

● Authorization based on a Token

**

Using API Tokens to secure Device Access● Device capabilities can be represented as

resources● OAuth (2.0) tokens can be used to authorize

access to these resources● Tokens can be easily revoked, refreshed

**

OAuth2 Based Model for Securing Devices● Registering a new Device Type● Device Owner Registering a Device● Device Publishing Sensor Data● App Accessing Device (Controls)● Device Polling for Pending Actions

**

Registering a New Device Type

**

Owner Claiming a Device

**

Device Publishing Sensor Data

**

App Accessing Device

**

Device Polling for Pending Actions

**

API Management @ The Edge

● More closer to where device is● Or inside device itself● Several patterns

**

Pattern #1

App

End User

Device

Device is having full API Management capabilities.

**

Pattern #2

Authorization Manager

App

End User

Device

Device uses an authorization server to authorize access.

**

Pattern #3

Device Gateway

App

End User

Authorization Manager

Device

Having a Device gateway in front of device. Device gateway is exposed to outside world.

**

Pattern #4

Device Gateway

App

End User

Authorization Manager

Statistics Processing

Device

Device gateway publishing device access statistics to a separate (scalable) processing engine.

**

Pattern #5

Mediation/ Routing

Device Gateway

App

End User

Authorization Manager

Statistics Processing

Device

Having a mediation & routing capabilities helps to transform the messages going back and forth from device.

Routing helps to select the correct device.

**

Pattern #6

Device Queue

Mediation/ Routing

Device Gateway

App

End User

Authorization Manager

Statistics Processing

Device

Devices could be busy, unavailable.

Having a Queue helps to guarantee message delivery to/from device.

**

Pattern #7

Device Queue

Mediation/ Routing

Device Gateway

App

End User

Authorization Manager

Statistics Processing

Device

Some devices are not built with sufficient processing capabilities. They could be low powered ones.

A Device hub will help such devices to be connected to rest of the world.

Device Hub

Device

DeviceDevice

**

Pattern #8

Device Queue

Mediation/ Routing

Device Gateway

App

End User

Authorization Manager

Statistics Processing

Device

Device Management helps to centrally manage large number of devices (common policies,etc)

Device Hub

Device

DeviceDevice

Device Management

**

Pattern #9

Device Queue

Mediation/ Routing

Device Gateway

App

End User

Authorization Manager

Statistics Processing

Device

Devices should also be connected to existing identity management systems.

Device Hub

Device

DeviceDevice

Device Management

Identity Management

**

API Traffic can be MASSIVESource : http://blog.programmableweb.com/2011/05/25/who-belongs-to-the-api-billionaires-club/

Source : http://blog.programmableweb.com/2011/05/25/who-belongs-to-the-api-billionaires-club/

**

Scaling for Billions of Devices

● Massive number of devices to be connected● Devices represented as APIs● Thus the need for scalable API Management

**

Barcelona Digital - Case Study

Contact us !