ziransun edited this page Aug 21, 2018 · 4 revisions

End to End Web IoT Demo: Design Concept and Architecture

Introduction

Imagine that you are on your way to a rented holiday home you have booked. The weather is changing and you might start wondering about temperature settings in the holiday home. A question might pop up in your mind: “Can I change the holiday home settings to my own preference before reaching there?”

The End-to-End Web IoT demo is designed to allow an authorized user to access “things” that might be owned by another person, both locally and remotely. The design of the demo is intended to address the “Privacy by Design” principle advocated by GDPR. GDPR is a new European regulation on personal privacy. It has been in force across the European Union (EU) and the European Economic Area (EEA) since the 25th of May 2018. GDPR has far-reaching consequences for how personal data is collected, stored and used in the Internet of Things (IoT) world and across the web. It is now law for IoT solutions in the EU and EEA to be GDPR compliant!

Demo Architecture

Overview

The demo has three parts: the home gateway, which runs the Mozilla gateway framework; Webthings (or “things”), which connect to the gateway as “Things” add-ons; and a PWA (Progressive Web Application) to control the “things”. The gateway is connected to either the Mozilla cloud or your own cloud if you have one. All “things” were designed as add-ons for the gateway, following the Web of Things proposals. To control the “things”, we have created a PWA that runs on mobile devices.

[Insert overview image]

“Things” Add-ons

The “Things Project” has introduced an add-on system, loosely modeled after the add-on system in Firefox, to allow for the addition of new features or devices, such as an adapter, to the Things Gateway.

Mozilla IoT supports the gateway framework on Raspberry Pi 3 and provides support for a limited number of hardware platforms for “things” add-ons. This demo has also leveraged the Mozilla Web of Things architecture on Samsung devices. On the gateway side, the Artik 710 has been experimented with. On the “things” add-on side, the demo created add-ons for Tizen:RT with IoT.js on ARTIK05x, JubiLinux (a community Debian port) on the Intel Edison board, and Raspbian on Raspberry Pi Zero.

[insert Things add-ons image]

“Privacy by Design”

When choosing technologies for the demo, we intended to keep “privacy awareness” in mind. Some of the security and privacy issues have been, or are being, addressed in the gateway and the “Things” controller application.

The Things Gateway

Mozilla “Project Things” aims at “building a decentralized ‘Internet of Things’ that is focused on security, privacy, and interoperability”, as stated by the company.

The framework provides a solution for secure remote access, which is achieved using HTTPS over an encrypted tunnel. The “Things Project” provides a TLS tunnelling service via its registration server so that people can easily set up a secure subdomain during first-time setup. An SSL certificate is generated via Let's Encrypt, and a secure tunnel from a Mozilla cloud server to the gateway is set up using PageKite.

From a privacy perspective, the Things Gateway provides a system for safely authorizing third-party applications using the de facto authorization standard, OAuth 2.0. When a third-party application needs to access or control another person’s Things, it always requires consent from the Things’ owner. The owner can decide the scope of the access token granted to the third-party application. The owner can also delete or revoke the tokens that have been assigned to the third-party application.
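The consent rules described above (owner approval, a scoped token, revocation), modelled as an added example that is not part of the original page or of the Things Gateway code. The `ConsentStore` class, the thing ids, the two access levels and the expiry at checkout are assumptions made for illustration; the block does not reproduce the gateway's OAuth 2.0 implementation.

```javascript
// Added illustration, not Things Gateway code: an in-memory model of
// owner-consented, scoped, expiring, revocable tokens. All names hypothetical.
const LEVEL = Object.freeze({ __proto__: null, read: 1, readwrite: 2 });
class ConsentStore {
  constructor(newToken = () => globalThis.crypto.randomUUID()) {
    this.newToken = newToken; // unguessable token source
    this.tokens = new Map();  // token -> { client, grants, expiresAt }
  }
  // A grant never exceeds the request; unapproved things get nothing.
  grant(client, requested, approved, expiresAt) {
    const asked = new Map(Object.entries(requested));
    const grants = new Map();
    for (const [thing, level] of Object.entries(approved)) {
      const lvl = Math.min(LEVEL[asked.get(thing)] || 0, LEVEL[level] || 0);
      if (lvl > 0) grants.set(thing, lvl);
    }
    const token = this.newToken();
    this.tokens.set(token, { client, grants, expiresAt });
    return token;
  }
  // Deny by default: unknown, expired or out-of-scope requests fail.
  isAllowed(token, thing, action, now = Date.now()) {
    const entry = this.tokens.get(token);
    if (!entry || now >= entry.expiresAt) return false;
    const need = LEVEL[action];
    return need !== undefined && (entry.grants.get(thing) || 0) >= need;
  }
  // The owner withdraws consent: every token of that client is dropped.
  revokeClient(client) {
    for (const [token, entry] of this.tokens) {
      if (entry.client === client) this.tokens.delete(token);
    }
  }
}

// Constructed scenario: the guest app asks for more than the owner approves.
function holidayRentalDemo(store = new ConsentStore()) {
  const t = store.grant('guest-pwa',
    { thermostat: 'readwrite', lock: 'readwrite', camera: 'read' },
    { thermostat: 'readwrite', lock: 'read' }, 2000); // expires at checkout
  const can = (thing, action, now) => store.isAllowed(t, thing, action, now);
  const result = {
    setTemp: can('thermostat', 'readwrite', 1000),  // in scope
    unlock: can('lock', 'readwrite', 1000),         // owner gave read only
    camera: can('camera', 'read', 1000),            // never approved
    expired: can('thermostat', 'read', 2000),       // stay is over
  };
  store.revokeClient('guest-pwa');
  return { ...result, afterRevoke: can('thermostat', 'read', 1000) };
}
```

The check is deny-by-default: a request passes only when a live token exists and the owner's approved level for that thing covers the requested action.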

Details on “things” privacy are discussed in our recent blog post “An End-to-End Web IoT Demo Using Mozilla Gateway” and our talk “The Complex IoT Equation”. In short, we created a holiday-rental use case to discuss “things” ownership and “things” usership.