A Cloud-Centric Ecosystem Approach to Ease IoT Development
-
Upload
yujing-wu -
Category
Technology
-
view
451 -
download
3
Transcript of A Cloud-Centric Ecosystem Approach to Ease IoT Development
![Page 1: A Cloud-Centric Ecosystem Approach to Ease IoT Development](https://reader031.fdocuments.in/reader031/viewer/2022030303/587b11251a28abb15c8b66c1/html5/thumbnails/1.jpg)
________________________________________________________________________
#IoTDevCon@artikcloud#IoTDevCon
A cloud-centric ecosystem approach to ease IoT development
www.iot-devcon.com
Yujing WuDeveloper Evangelist
Oleg Gryb Sr. Manager in Security
![Page 2: A Cloud-Centric Ecosystem Approach to Ease IoT Development](https://reader031.fdocuments.in/reader031/viewer/2022030303/587b11251a28abb15c8b66c1/html5/thumbnails/2.jpg)
________________________________________________________________________
#IoTDevCon@artikcloud#IoTDevCon
artik.cloud
As a device developer, you created an innovative thing…
![Page 3: A Cloud-Centric Ecosystem Approach to Ease IoT Development](https://reader031.fdocuments.in/reader031/viewer/2022030303/587b11251a28abb15c8b66c1/html5/thumbnails/3.jpg)
________________________________________________________________________
#IoTDevCon@artikcloud#IoTDevCon
Step 1: Connect the new awesome device to the Internet
artik.cloud
A lot of options to implement a system where this device interacts with apps/things created by YOU
![Page 4: A Cloud-Centric Ecosystem Approach to Ease IoT Development](https://reader031.fdocuments.in/reader031/viewer/2022030303/587b11251a28abb15c8b66c1/html5/thumbnails/4.jpg)
________________________________________________________________________
#IoTDevCon@artikcloud#IoTDevCon
artik.cloud
Step 2: How to make it smart?
o Make it interact with many other things from different vendors
o Customized integration with each of other things is not scalable and not future proof
![Page 5: A Cloud-Centric Ecosystem Approach to Ease IoT Development](https://reader031.fdocuments.in/reader031/viewer/2022030303/587b11251a28abb15c8b66c1/html5/thumbnails/5.jpg)
________________________________________________________________________
#IoTDevCon@artikcloud#IoTDevCon
Today: IoT = collections of silo systems
artik.cloud
![Page 6: A Cloud-Centric Ecosystem Approach to Ease IoT Development](https://reader031.fdocuments.in/reader031/viewer/2022030303/587b11251a28abb15c8b66c1/html5/thumbnails/6.jpg)
________________________________________________________________________
#IoTDevCon@artikcloud#IoTDevCon
New Smart City Service
New Smart Building App
New Home Security Service
Not Yet Invented
artik.cloud
Vision: Connect EVERYTHING and enable …
![Page 7: A Cloud-Centric Ecosystem Approach to Ease IoT Development](https://reader031.fdocuments.in/reader031/viewer/2022030303/587b11251a28abb15c8b66c1/html5/thumbnails/7.jpg)
________________________________________________________________________
#IoTDevCon@artikcloud#IoTDevCon
artik.cloud
Realize vision: IoT Open data exchange platform
Data Sources Applications
New class of applicationsservices
Make connections, not silos.
Any device Any cloudAny data
Rich Open APIs
Devices, apps, and services easily work together cross vendors and vertical markets.Cloud is the best place to achieve this level of interoperability
![Page 8: A Cloud-Centric Ecosystem Approach to Ease IoT Development](https://reader031.fdocuments.in/reader031/viewer/2022030303/587b11251a28abb15c8b66c1/html5/thumbnails/8.jpg)
________________________________________________________________________
#IoTDevCon@artikcloud
artik.cloud
#IoTDevCon
• Three capabilities make interoperability possibleo Device Manifesto Diverse ways to interact with devices and 3rd party
cloudso Powerful cross-silo rule engine
![Page 9: A Cloud-Centric Ecosystem Approach to Ease IoT Development](https://reader031.fdocuments.in/reader031/viewer/2022030303/587b11251a28abb15c8b66c1/html5/thumbnails/9.jpg)
________________________________________________________________________
#IoTDevCon@artikcloud#IoTDevCon
artik.cloud
o Accept diverse type of datao Expose data format/capability of a device type to other
developers
Brings in data from devices: device Manifest
![Page 10: A Cloud-Centric Ecosystem Approach to Ease IoT Development](https://reader031.fdocuments.in/reader031/viewer/2022030303/587b11251a28abb15c8b66c1/html5/thumbnails/10.jpg)
________________________________________________________________________
#IoTDevCon@artikcloud
artik.cloud
#IoTDevCon
Multiple ways for a device to communicate:o RESTo WebSocketo MQTTo CoAP
![Page 11: A Cloud-Centric Ecosystem Approach to Ease IoT Development](https://reader031.fdocuments.in/reader031/viewer/2022030303/587b11251a28abb15c8b66c1/html5/thumbnails/11.jpg)
________________________________________________________________________
#IoTDevCon@artikcloud#IoTDevCon
artik.cloud
o Cloud Connectoro Subscription and
Notificationo Build your
custom integration
Cloud Connector
Brings in data from 3rd party clouds
![Page 12: A Cloud-Centric Ecosystem Approach to Ease IoT Development](https://reader031.fdocuments.in/reader031/viewer/2022030303/587b11251a28abb15c8b66c1/html5/thumbnails/12.jpg)
________________________________________________________________________
#IoTDevCon@artikcloud#IoTDevCon
o Manage rules through use portal o Manage rules programmatically through API calls
Make devices interact: rules engine
![Page 13: A Cloud-Centric Ecosystem Approach to Ease IoT Development](https://reader031.fdocuments.in/reader031/viewer/2022030303/587b11251a28abb15c8b66c1/html5/thumbnails/13.jpg)
________________________________________________________________________
#IoTDevCon@artikcloud#IoTDevCon
artik.cloud
vendor A
vendor B
vendor C
Open data exchange platform
Open Ecosystemo Build comprehensive solutions without integration pain
o Applications from A use devices built by B and Co Devices built by B and C are exposed to developers from other
companieso Each of the players focuses on what they do best
![Page 14: A Cloud-Centric Ecosystem Approach to Ease IoT Development](https://reader031.fdocuments.in/reader031/viewer/2022030303/587b11251a28abb15c8b66c1/html5/thumbnails/14.jpg)
________________________________________________________________________
#IoTDevCon@artikcloud
artik.cloud
#IoTDevCon
RESTwebsocket
mqtt
coap
websocket
Have flexibility when implementing the system to talk to ARTIK Cloud
Cloud ConnectorSubscribe & Notify
![Page 15: A Cloud-Centric Ecosystem Approach to Ease IoT Development](https://reader031.fdocuments.in/reader031/viewer/2022030303/587b11251a28abb15c8b66c1/html5/thumbnails/15.jpg)
________________________________________________________________________
#IoTDevCon@artikcloud#IoTDevCon
Secure Device Registration Protocol
www.iot-devcon.com
Yujing WuDeveloper Evangelist
Oleg Gryb Sr. Manager in Security
![Page 16: A Cloud-Centric Ecosystem Approach to Ease IoT Development](https://reader031.fdocuments.in/reader031/viewer/2022030303/587b11251a28abb15c8b66c1/html5/thumbnails/16.jpg)
________________________________________________________________________
#IoTDevCon@artikcloud#IoTDevCon
Artik Cloud Security Team and Security Process
artik.cloud
![Page 17: A Cloud-Centric Ecosystem Approach to Ease IoT Development](https://reader031.fdocuments.in/reader031/viewer/2022030303/587b11251a28abb15c8b66c1/html5/thumbnails/17.jpg)
________________________________________________________________________
#IoTDevCon@artikcloud#IoTDevCon
Secure Device Registration – Problems we Solve
• Secure device identification• Secure device authentication• Secure user and device paring• Preventing device spoofing by other devices or
HTTP clients
artik.cloud
![Page 18: A Cloud-Centric Ecosystem Approach to Ease IoT Development](https://reader031.fdocuments.in/reader031/viewer/2022030303/587b11251a28abb15c8b66c1/html5/thumbnails/18.jpg)
________________________________________________________________________
#IoTDevCon@artikcloud#IoTDevCon
What we use to solve it:• A private key and a certificate signed by a trusted CA• Certificate associated with the private key
guarantees device authenticity • TLS with mutual authentication prevents spoofing
and provided a reliable device authentication• Each device should have a unique certificate within
a given vendor to achieve our goal• CA certificate should be trusted in Artik Cloud
artik.cloud
![Page 19: A Cloud-Centric Ecosystem Approach to Ease IoT Development](https://reader031.fdocuments.in/reader031/viewer/2022030303/587b11251a28abb15c8b66c1/html5/thumbnails/19.jpg)
________________________________________________________________________
#IoTDevCon@artikcloud#IoTDevCon
Secure User Auth and Pairing w/ Device• User should be authenticated against Artik
Cloud to be able to register a device• Artik Cloud generates a challenge code• User needs to enter this code at Artik Cloud
portal to complete the registration
artik.cloud
![Page 20: A Cloud-Centric Ecosystem Approach to Ease IoT Development](https://reader031.fdocuments.in/reader031/viewer/2022030303/587b11251a28abb15c8b66c1/html5/thumbnails/20.jpg)
________________________________________________________________________
#IoTDevCon@artikcloud#IoTDevCon
artik.cloud
![Page 21: A Cloud-Centric Ecosystem Approach to Ease IoT Development](https://reader031.fdocuments.in/reader031/viewer/2022030303/587b11251a28abb15c8b66c1/html5/thumbnails/21.jpg)
________________________________________________________________________
#IoTDevCon@artikcloud#IoTDevCon
Security Considerations• We use TLS 1.2 with mutual client/server auth• We use GCM block ciphers to avoid CBC
weakness and attacks like beast• Symmetric cipher is AES-128. This is to reduce
the load on device, hash – SHA256• ECDHE with EC brainpoolP256r1
artik.cloud
![Page 22: A Cloud-Centric Ecosystem Approach to Ease IoT Development](https://reader031.fdocuments.in/reader031/viewer/2022030303/587b11251a28abb15c8b66c1/html5/thumbnails/22.jpg)
________________________________________________________________________
#IoTDevCon@artikcloud#IoTDevCon
Demo
artik.cloud
![Page 23: A Cloud-Centric Ecosystem Approach to Ease IoT Development](https://reader031.fdocuments.in/reader031/viewer/2022030303/587b11251a28abb15c8b66c1/html5/thumbnails/23.jpg)
________________________________________________________________________
#IoTDevCon@artikcloud#IoTDevCon
Getting a PINsdrclient -cert artik_dev1.cer -key artik_dev1.key -dtid dtc5ecf0abccaa428c853e144c964ad727 -vdid vd01 –reg s-api.artik.cloud …sdrapi(sdrpost): Sending reg request: sdrclient: Got pin, enter it to a browser: pin=NBSYL5SG
artik.cloud
![Page 24: A Cloud-Centric Ecosystem Approach to Ease IoT Development](https://reader031.fdocuments.in/reader031/viewer/2022030303/587b11251a28abb15c8b66c1/html5/thumbnails/24.jpg)
________________________________________________________________________
#IoTDevCon@artikcloud#IoTDevCon
artik.cloud
![Page 25: A Cloud-Centric Ecosystem Approach to Ease IoT Development](https://reader031.fdocuments.in/reader031/viewer/2022030303/587b11251a28abb15c8b66c1/html5/thumbnails/25.jpg)
________________________________________________________________________
#IoTDevCon@artikcloud#IoTDevCon
To send data you can use a command like this:sdrclient -key artik_dev1.key \-cert artik_dev1.cer -data \ '{"sdid":"9be9867e8ca94125a233e271d7150ff0","data":{"data":"testdata"}}’ \ -token ac63daad3c874a08bdf7c7819c74aea9 -v
artik.cloud
![Page 26: A Cloud-Centric Ecosystem Approach to Ease IoT Development](https://reader031.fdocuments.in/reader031/viewer/2022030303/587b11251a28abb15c8b66c1/html5/thumbnails/26.jpg)
________________________________________________________________________
#IoTDevCon@artikcloud#IoTDevCon
Conclusion• Not all IoT devices are equal security wise• But you do need to think about secure
protocols when data is sensitive (e.g. medical applications)
artik.cloud
![Page 27: A Cloud-Centric Ecosystem Approach to Ease IoT Development](https://reader031.fdocuments.in/reader031/viewer/2022030303/587b11251a28abb15c8b66c1/html5/thumbnails/27.jpg)
________________________________________________________________________
#IoTDevCon@artikcloud#IoTDevCon
Thanks for coming!
Got questions? Talk to us after the presentation
Find us at https://artik.cloud
Follow us on Twitter and LinkedInOfficial twitter account: @artikcloudYujing: @yujingwu https://www.linkedin.com/in/yujingwu
Oleg: @oleggryb https://www.linkedin.com/in/ogryb
artik.cloud