Pervasive Computing

Dr. Muhammad Taha Jilani

Lecture - 11
 IoT Architectures
A typical IoT Network
Perception layer

Gateway Based on
Server & Clients

Pervasive Computing by Dr. M.Taha

APPLICATION LAYER

Pervasive Computing by Dr. M.Taha

 Web Services
The most popular web services can be classified into two types:
Simple Object Access Protocol (SOAP) and
Representational State Transfer (REST).
SOAP is a protocol and REST is an architectural style.
SOAP works on a standard set of rules based on XML (uses different
protocols, such as HTTP, FTP and SMTP) and finds its use in financial,
telecommunication and payment gateways services.
REST doesnt employ any additional messaging layer creating a stateless
service. Only uses HTTP for data transport. It is usually used in social
media, web-chat and other mobile services.
Coupling between the client and server is the major distinguishing factor
between the two; In SOAP the link between client and the server is very
rigid and any change from either side terminate it, whereas in REST, the
protocol is not violated by such changes.
Pervasive Computing by Dr. M.Taha
 SOAP vs REST
In IoT Applications Perspective
CPU and Battery life
An important aspect for smartphones users is to avoid applications which drain
their mobile battery.
It has a real business impact if the mobile user cant complete their work because
the device needs to be constantly recharged.
JSON is lighter than XML, using less memory and less CPU. The more demands you
make of the CPU the quicker you consume battery power and the shorter time you
have between recharges. REST scores over SOAP in battery life.
Scalability
RESTs property of statelessness simplifies component implementation, improves
performance and supports the scalability.
RESTful services have a uniform interface., i.e. using only HTTP make it more easily
manageable than SOAP.

Pervasive Computing by Dr. M.Taha

 SOAP vs REST
In IoT Applications Perspective
Security
As SOAP is based on standardised Web service security and thus better secured
compared to REST which works on HTTP.
But REST developers can generate unique token and validation on each request,
that can be a customised way to enforce user-level authentication.
Server and Network Performance
SOAP-based applications have server side sessions and a stack of different
handlers and parsers while REST bears minimal overhead on top of HTTP.
It is critical in mobile based applications where the server is connected
simultaneously to many devices and a simple mechanism is required. Thus in such
cases REST becomes the obvious choice
Even if you encode your representations in JSON (furthermore as opposed to XML)
you will save many more bytes.

Pervasive Computing by Dr. M.Taha

 SOAP vs REST
In IoT Applications Perspective
Conclusion
IN the veiw of above:
growing popularity of REST due to ease of application,
efficient use of the server, CPU and battery life
SOAP is still reliable in terms of security which makes it useful in designing
enterprise web applications (B2B) and applications which require payment
options such as banking transaction which require security encryption on the
data layer.
In applications, REST employed in Stripe, Facebook. LinkedIn and Twitter
based APIs and SOAP in Salesforce, Sage, Financialforce and eBay based APIs.

Pervasive Computing by Dr. M.Taha

 Application Layer Protocols for IoT
Hypertext Transfer Protocol
HTTP is a request-and-response protocolthat is, clients make requests, and
servers satisfy those requests with a response.
For example a CLIENT access to a WEB-SERVER for a simple transaction, it may
include several methods that are actually implemented in HTTP.
GET method is used to retrieve a resource (URI) from server
HEAD is used to get only meta-information about the resource (not the
actual content)
POST method is used to provide new content to the web server,
PUT method is used to place data for an existing resource on the web
server
DELETE method is used to remove the data
HTTP can not be used for IoT in its true form, due to huge overheads and
cumbersome parsing
Pervasive Computing by Dr. M.Taha
 Application Layer Protocols for IoT
REpresentational State Transfer - REST
RESTful Web service is the explicit use of HTTP methods in a way that
follows the protocol as defined by RFC 2616.
More efficient for resource constrained devices than HTTP
This basic REST design principle establishes a one-to-one mapping
between create, read, update, and delete operations and HTTP methods.
The mapping allows:
To create a resource on the server, use POST.
To retrieve or read a resource, use GET.
To change the state of a resource or to update it, use PUT.
To remove or delete a resource, use DELETE.
The content type can be XML or JSON (JavaScript Object Notation) and
depends on the HTTP server and its configuration.

Pervasive Computing by Dr. M.Taha

REpresentational State Transfer - REST
REST on a network

Pervasive Computing by Dr. M.Taha

 Application Layer Protocols for IoT
REpresentational State Transfer - REST
REST is already an important part of the IoT because it is supported
by all the commercial M2M cloud platforms.
However, it is unlikely that it will become a dominant protocol due
to not being easily implementable.
It uses HTTP which means no compatibility with constrained-
communication devices. This leaves its use for final applications.
Request/response + TCP, affect battery/computation usage
RESTful services use TLS/SSL for security. However, today most
commercial M2M platforms do not support HTTPS requests.
Instead, they provide unique authentication keys that need to be in
the header of each request to achieve some level of security.

Pervasive Computing by Dr. M.Taha

 Application Layer Protocols for IoT
To transfer all the sensor data
collected by a gateway node to a
server, the IoT network requires a
protocol that is
bandwidth-efficient,
energy-efficient
capable of working with limited
hardware resources (i.e., main
memory and power supply)

Pervasive Computing by Dr. M.Taha

 Application Layer Protocols for IoT
Constrained Application Protocol (CoAP)
It is a synchronous request/response application layer protocol that was
designed by the Internet Engineering Task Force (IETF) to target
constrained-recourse devices
Uses the subset of HTTP method / RESTful web-services
CoAP runs over UDP to keep the overall implementation lightweight and
avoid excess TCP overhead.
It uses the HTTP commands GET, POST, PUT, and DELETE to provide
resource-oriented interactions in a client-server architecture.
CoAP supports unicast as well as multicast, as opposed to TCP, which is by
its nature not multicast-oriented

Pervasive Computing by Dr. M.Taha

 Application Layer Protocols for IoT
Constrained Application Protocol (CoAP)
To overcome the unreliability of UDP, CoAP integrated its own mechanisms
for achieving reliability.
Quality of Service (QoS) level implemented by using Two bits in the header
of each packet by puttting the type of message. There are 4 message
types:
Confirmable: A request message that requires an acknowledgement (ACK).
The response can be sent either synchronously (within the ACK) or if it needs
more computational time, it can be sent asynchronously with a separate
message.
Non-Confirmable: A message that does not need to be acknowledged.
Acknowledgment: It confirms the reception of a confirmable message.
Reset: It confirms the reception of a message that could not be processed.
Also a simple Stop-and-Wait retransmission mechanism for confirmable
messages and for detecting duplicates
Pervasive Computing by Dr. M.Taha
 Application Layer Protocols for IoT
Constrained Application Protocol (CoAP)
CoAP QoS based messaging
Confirmable and non-confirmable
modes represent the reliable and
unreliable transmissions, respectively.

Piggyback is used for client/server

direct communication where the
server sends its response directly after
receiving the message, i.e., within the
acknowledgment message.

The separate mode is used when the

server response comes in a message
Confirmable Non- Acknowledge Confirmable separate from the acknowledgment,
Confirmable and may take some time to be sent by
the server.

Pervasive Computing by Dr. M.Taha

 Application Layer Protocols for IoT
Constrained Application Protocol (CoAP)
COAP does not include any built-in security features. The protocol that is
proposed to secure CoAP transactions is the Datagram Transport Layer
Security (DTLS). DTLS runs on top of UDP and is the analogous of TLS for
the TCP.
It provides authentication, data integrity, confidentiality, automatic key
management, and cryptographic algorithms.
Since DTLS was not designed for the IoT, it is not much suitable for it.
Also DTLS does not support multicast which is a prime advantage of CoAP
compared to other application layer protocols.
DTLS handshakes require additional packets that increase the network
traffic, occupy additional computational resources, and shorten the
lifespan of mobile devices that run on batteries, an essential part of the
IoT.
Pervasive Computing by Dr. M.Taha
 Application Layer Protocols for IoT
Constrained Application Protocol (CoAP)
Advantage

Pervasive Computing by Dr. M.Taha