Post on 08-Sep-2014
description
API Managementand
Internet of Things
Sumedha RubasingheDirector, API Architecture
**
Things, Devices
Source: http://www.control4.com/blog/2014/03/the-internet-of-things-and-the-connected-home
**
APIsSource : http://blog.programmableweb.com/2011/05/25/who-belongs-to-the-api-billionaires-club/
Source : http://blog.programmableweb.com/2011/05/25/who-belongs-to-the-api-billionaires-club/
**
Anatomy of a Device
● Piece of hardware● Built for a purpose● Capable of a limited functionality● Control interface● Input/output● Power
**
Apps & APIs
**
Drivers for API Economy
● Mobile Applications● Internal Innovation● Unleash External Developer Innovation● New Channels● New Business Models
**
API Management
● Dumb API -> Intelligent API● Authentication & Authorization○ Subscription Management○ Access Provisioning
● How to control access?○ Throttling
● Monitoring & SLA
**
Devices as APIs
● will provide more creative combinations of Apps
**
Anatomy of a Device (Functional)
● Functional Capabilities● Administration Capabilities● Monitoring Capabilities
**
Need of standard access layer (API)
● Heterogeneous Devices● In large numbers too● Proprietary ...○ Protocols○ Access Control Mechanisms○ Data Models
**
Modeling Device capabilities as HTTP Resources● Temperature Sensor
○ http://{ip}/{locationid}/sensors/temperature1 - GET
● Motor○ http://{ip}/{locationid}/actuators/motor1/rotate/{turns}/
{direction} - GET○ http://{ip}/{locationid}/actuators/motor1/status - GET
**
Using OAuth2 to Authorize Device Access● OAuth2● Token per Sensor endpoint● Token provisioning● Revocation/Refreshing
**
API should be ‘Managed’
● Why?○ Exposing raw device○ With no control
● Managed API○ proper access control○ subscription capabilities
**
Devices need more services..
● Throttling● Caching● Request Routing● Buffering● Stats collection & monitoring● Alerting● Decision Making
**
API Management @ the edge
● More closer to where device is● Or inside device itself● Several patterns
**
Pattern #1
Device
Single device, having all API Management capabilities.
**
Pattern #2
Authorization Manager
Device
1
2
**
Pattern #3
Apps End Users Devices
Device Gateway/Authorization
Device
1
2
4
3
**
Pattern #4
Apps End Users Devices
DeviceGateway
Authorization Manager
Device
Stats Collection & Processing
1
2
3
6
5
4
**
Pattern #5
Apps End Users Devices
DeviceGateway
Mediation/Routing
Authorization Manager
Device
Stats Collection & Processing
1
2
3
4
8
7
6
5
**
Pattern #6Apps End Users Devices
DeviceGateway
Mediation/Routing
Authorization Manager
MessageQueue
Device
Stats Collection & Processing
1
2
3
4
5
9
8
7
6
10
**
Pattern #7Apps End Users Devices
DeviceGateway
Mediation/Routing
Authorization Manager
MessageQueue
Device
Identity Mgt
Stats Collection
& Processing
DeviceManagement
Device Device Device
Register
1
2
3
4
5
9
8
7
6
10
RegisterRegister
Register
**
WSO2 Platform Support
● API Manager● Identity Server● Business Activity Monitor● Complex Event Processor● Enterprise Mobility Manager● Enterprise Service Bus● Support for Cloud
**
Barcelona Digital - Case Study
Contact us !