Manage Your Mesh
Securing Public Cloud IoT APIs, and Building Private Mesh Trust Domains and Enclaves of Privacy to Integrate a Mesh of “Things” with Integrity & Availability
[email protected]: @iryanb
APIs are for any “Thing” and they don’t always belong on the Internet
IoT Mesh
Wiring Things to Arduinos
D1: 2.6 Volt RED LED & 330 Ohm Resistor
A0: 3 Volt Motor & 330 Ohm Resistor
Tinkering With Things
Turn on Buzzer
Turn on Motor
Programming Things – Protect the Flash API
The First Step to Managing your Mesh is with an API Gateway
Gateway
Security
Authentication
Protection
IAM Integration
Encryption
Mediation
Quality of Service
Paging/Caching
Orchestration
Scripting
Public IoT Mesh
Private Mesh
ProTip: Customer Premises Equipment, such as a WiFi router or cable box, should filter API traffic with an embedded gateway
Logical Mesh Management Architecture
Private Mesh
https://iot.mymesh.net/mynet/status
or
https://skynet.im/status
https://p0st3r.broker.soa.com/v1/skynet/status
Public IoT Mesh
Use Gateways in the Cloud & Privately
Private Mesh “Badge Readers”
Private Mesh “Department X”
Public Mesh
Public, Private, Hybrid
API Policy Configuration Templates
Operational Policies
o API Consumer Application Security Policy
o API DDoS & Malicious Code Protection
o Aggregate Policy
o Authentication Policy
o Authorization Policy
o ICAP Antivirus Integration Policy
o Cache Policy
o HTTP Security Policy
o OAuth Security Policy
o Paging Policy
o Pipeline Policy
o WS-Security Asymmetric Binding Policy
o WS-Security Message Policy
o WS-Security Supporting Tokens Policy
o WS-Security Symmetric Binding Policy
o WS-Security Transport Binding Policy
o WS-Addressing Policy
o WS-Auditing SOAP Message Policy
o WS-Auditing SOAP Service Policy
o WS-Auditing Service Policy
o WS-Auditing Transaction Tracking Policy
o XML Policy
Quality Of Service Policies
o Bandwidth Quota Policy
o Concurrency Quota Policy
o Script Policy
o Service Level Enforcement Policy
o Service Level Policy
o Throughput Quota Policy
o Timeout Policy
Compliance Policies
o Aggregate
o Script
o WSI BP
o XQuery
Design Complex Process Orchestrations
Execute JavaScript on the API Gateway to Modify Request and Response Data and to invoke APIs with Branching conditions for Content Based Routing and API Response Aggregation
Monitor the Mesh
Manage Mobile App Access To Your Mesh with a Developer Portal
• A social developer engagement platform
• Integrated API documentation
• App access provisioning and monitoring
• Integrated discussion and newsfeeds
• Trouble ticket management
• Search with full content indexing
• API and App privacy and group management – essential for B2B and partner APIs
• Federation to enable new business models
Multisite Meshes
Internet Zero Trust (I0T) Architecture
IoT Mesh
Demo / Q&A
Restrict IoT API Operations with Scope Mappings
Manage Acceptance of API Legal Agreements
Quickly Test API OAuth Client App Integration
Verify Public Scope Tokens Cannot Access Private Scoped Operations
Enforce SLAs to Throttle Requests Per Minute
Manage IoT API Documentation with Swagger
Generate Self-Service IoT API Usage Reports
View Alerts and Participate in Discussion Boards