Unit 4
Device discovery:
The Internet of Things (IoT) ecosystem has given consumers access to a world of possibilities, but it
also comes with certain security risks. With IoT devices constantly monitoring and collecting data
concerning the user and device behavior, the probability of malicious or ransomware attacks by
hackers and other ill-intended entities has increased.
Device discovery tools and IoT security solutions help address the said security challenges for
consumer-level and industrial applications.
IoT security systems are indeed needed to protect end-users from cyber threats. The former allows the
latter to leverage the power of IoT devices and networks while having complete control over their
sensitive personal data. IT and security professionals need systems that help them discover devices
and effectively mitigate potential threats.
With the increased use of connected gadgets, it has become more obvious that most of them still have
little or no security features in place. They are vulnerable and can easily be compromised by hackers,
giving them remote access to our sensitive personal details.
Dynamic IoT device discovery and profiling automate the process of identifying the specific
devices on the network. These IoT security solutions offer much-needed protection to your network,
while IoT device discovery forms the critical foundation in establishing security. Both can be
included as modules within routers, gateways, UTMs, and other similar devices that allow inbound
and outbound network traffic because these tools are backed by a knowledge base, which helps detect
new devices even without any foreknowledge of them.
Registering a Device:
Device discovery on the network becomes simple if an IoT device initially registers with some
Cloud platform or Network, so that all the traffic generated by it can be monitored by routers, gateways,
UTMs and other similar devices.
Example: Developing a home automation application using AWS requires IoT devices to be registered
with AWS cloud for monitoring and controlling the behavior of the devices. This can be done by adding a
new device to template/dashboard/application.
Deregistering a Device:
In order to stop vulnerabilities in a network-based application, devices that are no longer needed and devices
thought to be hacked can be deregistered from the cloud.
Every cloud platform has a provision to deregister a device when it is no longer needed for an application, to
ensure security.
In today’s digital age it is important to understand how data is stored and communicated over the
Internet. This is where cloud storage models and communication APIs come into play.
In truth, cloud computing and IoT are tightly coupled. The growth of IoT and the rapid development of
associated technologies create a widespread connection of things. This has led to the production of
large amounts of data, which needs to be stored, processed and accessed. Cloud computing serves as a
paradigm for big data storage and analytics. While IoT is exciting on its own, the real innovation will
come from combining it with cloud computing. The combination of cloud computing and IoT will
enable new monitoring services and powerful processing of sensory data streams. For example,
sensory data can be uploaded and stored with cloud computing, later to be used intelligently for smart
monitoring and actuation with other smart devices. Ultimately, the goal is to be able to transform data
to insight and drive productive, cost-effective action from those insights. The cloud effectively serves
as the brain to improved decision-making and optimized internet-based interactions. However, when
IoT meets cloud, new challenges arise. There is an urgent need for novel network architectures that
seamlessly integrate them. The critical concerns during integration are quality of service (QoS) and
quality of experience (QoE), as well as data security, privacy and reliability. The virtual infrastructure
for practical mobile computing and interfacing includes integrating applications, storage devices,
monitoring devices, visualization platforms, analytics tools and client delivery.
Cloud computing offers a practical utility-based model that will enable businesses and users to access
applications on demand anytime and from anywhere.
Cloud storage models refer to different ways of storing data on remote servers that can be accessed
over the Internet. Communication APIs allow different applications to communicate with each other
over the Internet. By using these technologies, businesses can store and access their data from anywhere
in the world and integrate different applications seamlessly.
Deployment models:
Deployment in cloud computing comprises four deployment models: private cloud, public cloud,
community cloud and hybrid cloud.
A cloud storage API is an application program interface that connects a locally-based application to a
cloud-based storage system, so that a user can send data to it and access and work with data stored in it.
To the application, the cloud storage system is just another target device, like tape or disk-based
storage. An application program interface (API) is code that allows two software programs to
communicate with each other. The API defines the correct way for a developer to write a program that
requests services from an operating system (OS) or other application. APIs are implemented by
function calls composed of verbs and nouns. The required syntax is described in the documentation of
the application being called.
Three basic types of APIs
1. Local APIs are the original form, from which the name came. They offer OS or middleware services to
application programs. Microsoft's .NET APIs, the TAPI (Telephony API) for voice applications, and
database access APIs are examples of the local API form.
2. Web APIs are designed to represent widely used resources like HTML pages and are accessed using
a simple HTTP protocol. Any web URL activates a web API. Web APIs are often called REST
(representational state transfer) or RESTful because the publisher of REST interfaces doesn't save any
data internally between requests. As such, requests from many users can be intermingled as they would
be on the internet.
3. Program APIs are based on remote procedure call (RPC) technology that makes a remote
program component appear to be local to the rest of the software. Service oriented architecture
(SOA) APIs, such as Microsoft's WS-series of APIs, are program APIs.
• Dealer: The Dealer acts as a router and routes RPC calls from the Caller to the Callee and routes results from
Callee to Caller.
• Application Code: Application code runs on the Clients (Publisher, Subscriber, Callee or Caller).
Xively Cloud is a powerful platform for IoT that enables easy device management, secure data
storage, and analytics capabilities. It provides a scalable and reliable infrastructure for IoT
applications, allowing developers to focus on building innovative solutions without worrying about
managing the underlying infrastructure.
One of the key advantages of Xively Cloud is its ability to handle large volumes of data from
connected devices in real-time. This allows businesses to gain valuable insights into their operations
and make informed decisions based on data-driven analytics. Xively Cloud also offers advanced
security features, including end-to-end encryption, access controls, and threat detection, ensuring that
sensitive data is protected at all times.
• The services include data collection, data points, messages and calculation objects.
• The service also provisions for the generation and communication of alerts, triggers and feeds
to the user.
• APIs provide services for logging, sharing and displaying sensor data of all
Xively Support
• The platform supports the REST, WebSockets and MQTT protocols and connects the devices to
Xively Cloud Services
• Native SDKs for Android, Arduino, ARM mbed, Java, PHP, Ruby, and Python languages
• Developers can use the workflow of prototyping, deployment and management through the
tools provided at Xively
Xively APIs
• Enable interface with Python, HTML5, HTML5 server, tornado
• Interface with WebSocket Server and WebSockets
• Interface with an RPC (Remote Procedure Call).
Xively PaaS services
• Enables services
• Business services platform which connects the products, including collaboration products
• Rescue, Boldchat, join.me, and operations to Internet
• Data collection in real-time over Internet
Xively Methods for IoT Devices Data
• Concept of users, feeds, data streams, data points and triggers
• A data feed is typically a single location (e.g. a device or devices network),
• Data streams are of individual sensors associated with that location (for example, ambient
lights, temperatures, power consumption).
• Pull or Push (Automatic or Manual Feed)
Xively Data formats and Structures
• Number of data formats and structures enable the interaction, data collection and services
• Support exists for JSON, XML and CSV
• Structures: Tabular, spreadsheet, Excel, Data numbers and Text with a comma-separated values
in file
Xively Uses in IoT/M2M
• Private and Public Data Access
• Data streams, Data points and Triggers
• Creating and Managing Feeds
• Visualizing Data
3. Django
Django is an open source web application framework for developing web applications in Python.
• A web application framework in general is a collection of solutions, packages and best practices
that allows development of web applications and dynamic websites.
• Django is based on the Model-Template-View architecture and provides a separation of the data
model from the business rules and the user interface.
• Django provides a unified API to a database backend.
• Thus web applications built with Django can work with different databases without requiring any
code changes.
• With this flexibility in web application design combined with the powerful capabilities of the
Python language and the Python ecosystem, Django is best suited for cloud applications.
• One of the key features of Django is its ability to handle large amounts of data and traffic,
making it ideal for IoT applications. Additionally, Django provides built-in security features such
as protection against SQL injection and cross-site scripting attacks.
• Another advantage of using Django is its modularity. Developers can easily add new
functionality to their applications by using pre-built modules or creating their own. This allows
for rapid development of IoT applications. Finally, Django is highly customizable, allowing
developers to tailor their applications to meet specific business needs.
• Django consists of an object-relational mapper, a web templating system and a regular-expression
based URL dispatcher. Django is a Model-Template-View (MTV) framework.
Model
• The model acts as a definition of some stored data and handles the interactions with the database. In
a web application, the data can be stored in a relational database, non-relational database, an XML file,
etc. A Django model is a Python class that outlines the variables and methods for a particular type of
data.
Template
• In a typical Django web application, the template is simply an HTML page with a few extra
placeholders. Django’s template language can be used to create various forms of text files (XML,
email, CSS, Javascript, CSV, etc.)
View
• The view ties the model to the template. The view is where you write the code that actually
generates the web pages.
The view determines what data is to be displayed, retrieves the data from the database and passes the data
to the template.
4. Designing a RESTful Web API
Consider developing a RESTful Web API using Django REST framework. The REST API allows
you to create, view, update and delete a collection of resources where each resource represents a
sensor data reading from a weather monitoring station. The station model contains four fields: station
name, timestamp, temperature, latitude and longitude. ViewSets are used for the views that allow you
to combine the logic for a set of related views in a single class.
Serializers allow complex data (such as querysets and model instances) to be converted to native
Python datatypes that can then be easily rendered into JSON, XML or other content types. Serializers
also provide de-serialization, allowing parsed data to be converted back into complex types, after first
validating the incoming data.
Since ViewSets are used instead of views, we can automatically generate the URL conf for our API,
by simply registering the viewsets with a router class. Routers automatically determine how the
URLs for an application should be mapped to the logic that deals with handling incoming requests.
i) Amazon EC2
Amazon Elastic Compute Cloud (EC2) is a scalable cloud computing service that allows users to rent
virtual computers on which they can run their own applications. EC2 provides a flexible, cost-effective
way to host web-scale applications and services in the cloud.
One of the key advantages of using EC2 for IoT is its scalability. EC2 enables users to quickly and easily
scale up or down their computing resources as needed, allowing them to handle large amounts of data and
traffic from IoT devices. Additionally, EC2 offers a wide range of instance types optimized for different
workloads, making it easy to find the right configuration for your specific use case.
A connection to the EC2 service is first established by calling boto.ec2.connect_to_region.
• The EC2 region, AWS access key and AWS secret key are passed to this function.
• After connecting to EC2, a new instance is launched using the conn.run_instances function.
• The AMI-ID, instance type, EC2 key handle and security group are passed to this function.
• This function returns a reservation. The instances associated with a reservation are obtained using
reservation.instances.
• Finally the status of an instance associated with a reservation is obtained using the instance.update
function.
ii) Amazon AutoScaling
Amazon AutoScaling allows automatically scaling Amazon EC2 capacity up or down according to user
defined conditions. Therefore, with AutoScaling users can increase the number of EC2 instances running
their applications seamlessly during spikes in the application workloads to meet the application
performance requirements and scale down capacity when the workload is low to save costs. AutoScaling
can be used for auto scaling IoT applications and IoT platforms deployed on Amazon EC2.
AutoScaling Service
• A connection to the AutoScaling service is first established by calling the
boto.ec2.autoscale.connect_to_region function. The EC2 region, AWS access key and AWS secret key are
passed to this function.
Launch Configuration
• After connecting to the AutoScaling service, a new launch configuration is created by calling
conn.create_launch_configuration. The launch configuration contains instructions on how to launch
new instances including the AMI-ID, instance type, security groups, etc.
AutoScaling Group
• After creating a launch configuration, it is then associated with a new AutoScaling group.
AutoScaling group is created by calling conn.create_auto_scaling_group. The
settings for AutoScaling group such as the maximum and minimum number of instances in the group,
the launch configuration, availability zones, optional load balancer to use with the group, etc.
AutoScaling Policies
• After creating an AutoScaling group, the policies for scaling up and scaling down are defined.
• In this example, a scale up policy with adjustment type ChangeInCapacity and scaling_adjustment =
1 is defined.
• Similarly a scale down policy with adjustment type ChangeInCapacity and scaling_adjustment = -1
is defined.
CloudWatch Alarms
• With the scaling policies defined, the next step is to create Amazon CloudWatch alarms that trigger
these policies.
• The scale up alarm is defined using the CPUUtilization metric with the Average statistic and a
threshold greater than 70% for a period of 60 sec. The scale up policy created previously is associated
with this alarm. This alarm is triggered when the average CPU utilization of the instances in the
group becomes greater than 70% for more than 60 seconds.
• The scale down alarm is defined in a similar manner with a threshold less than 50%.
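The interaction of the two policies and the two alarms can be followed in a small offline simulation. This is an added example, not boto code and not part of the original notes: the Group class, the group limits and the CPU samples are constructed, and real CloudWatch alarm evaluation is simplified to one decision per 60-second period.

```python
from dataclasses import dataclass

PERIOD_SEC = 60          # alarm evaluation period from the text
SCALE_UP_ABOVE = 70.0    # average CPUUtilization (%) threshold, scale up alarm
SCALE_DOWN_BELOW = 50.0  # average CPUUtilization (%) threshold, scale down alarm


@dataclass
class Group:
    """Stand-in for an AutoScaling group (hypothetical; limits are assumed)."""
    min_size: int
    max_size: int
    capacity: int

    def change_in_capacity(self, adjustment: int) -> int:
        # ChangeInCapacity policy: add the adjustment, clamped to group limits.
        wanted = self.capacity + adjustment
        self.capacity = max(self.min_size, min(self.max_size, wanted))
        return self.capacity


def period_averages(samples, period=PERIOD_SEC):
    """Average (timestamp_sec, cpu_percent) samples into fixed periods."""
    buckets = {}
    for ts, cpu in samples:
        buckets.setdefault(ts // period, []).append(cpu)
    return [sum(v) / len(v) for _, v in sorted(buckets.items())]


def simulate(group, samples):
    """Apply the scale up (+1) and scale down (-1) policies once per period."""
    history = []
    for avg in period_averages(samples):
        if avg > SCALE_UP_ABOVE:
            group.change_in_capacity(+1)
        elif avg < SCALE_DOWN_BELOW:
            group.change_in_capacity(-1)
        history.append((round(avg, 1), group.capacity))
    return history


# Constructed CPU samples, one every 20 s: a spike, a steady phase, then idle.
SAMPLES = [(0, 65), (20, 80), (40, 95),      # avg 80 -> scale up
           (60, 90), (80, 85), (100, 95),    # avg 90 -> scale up
           (120, 60), (140, 55), (160, 65),  # avg 60 -> between thresholds
           (180, 20), (200, 30), (220, 10),  # avg 20 -> scale down
           (240, 5), (260, 10), (280, 15),   # avg 10 -> scale down
           (300, 5), (320, 5), (340, 5)]     # avg 5  -> held at min_size

if __name__ == "__main__":
    for avg, cap in simulate(Group(min_size=1, max_size=3, capacity=1), SAMPLES):
        print(f"avg CPU {avg:5.1f}%  ->  capacity {cap}")
```

The band between 50% and 70% is what keeps the group from oscillating: a period that averages 60% triggers neither alarm.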
Amazon RDS is a web service that allows you to create instances of MySQL, Oracle or Microsoft SQL
Server in the cloud. With RDS, developers can easily set up, operate and scale a relational database in the
cloud.
RDS can serve as a scalable relational datastore for IoT systems. With RDS, IoT system developers can
store any amount of data in scalable relational databases.
A connection to RDS service is first established by calling boto.rds.connect_to_region function. The RDS
region, AWS access key and AWS secret key are passed to this function.
• The input parameters to this function include the instance ID, database size, instance type, database
username, database password, database port, database engine (e.g. MySQL5.1), database name,
security groups, etc.
v) Amazon Dynamo DB
Amazon EMR is a web service that utilizes Hadoop framework running on Amazon EC2 and Amazon S3.
EMR allows processing of massive scale data, hence suitable for IoT applications that generate large
volumes of data that needs to be analyzed. Data processing jobs are formulated with the MapReduce
parallel data processing model.
MapReduce is a parallel data processing model for processing and analysis of massive scale data.
MapReduce has two phases: Map and Reduce. MapReduce programs are written in functional
programming style to create Map and Reduce functions. The input data to the map and reduce phases is in
the form of key-value pairs.
6. SkyNet IoT Messaging Platform
SkyNet is an open source instant messaging platform for the Internet of Things. The single SkyNet API
supports HTTP-REST, WebSockets, MQTT and CoAP protocols for guaranteed message delivery and low
bandwidth satellite communication. SkyNet allows you to register devices (or nodes) on the Network. A
device can be anything including sensors, smart home devices, cloud resources, drones etc. Each device is
assigned a UUID and a secret token. Devices or client applications can subscribe to other devices and
receive/send messages.
The first step is to create a device on SkyNet. The POST request to create a device returns the
UUID and token of the created device.
The next steps are updating a device, retrieving the last 10 events related to a device, subscribing to a device and
sending a message to a device.
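The register and deregister steps from the device discovery section, combined with the UUID-plus-secret-token model described here, can be sketched as an in-memory registry. This is an added example, not SkyNet's API or code from the original notes: DeviceRegistry and its methods are hypothetical names, and the sensor payloads are constructed.

```python
import hashlib
import hmac
import secrets
import uuid


class DeviceRegistry:
    """In-memory stand-in for a cloud device registry (hypothetical class)."""

    def __init__(self):
        self._token_hashes = {}   # device UUID -> SHA-256 of its secret token
        self.rejected = []        # (uuid, reason) trail for monitoring

    def register(self):
        """Create a device and return (uuid, token); the token is shown once."""
        device_id = str(uuid.uuid4())
        token = secrets.token_hex(20)
        digest = hashlib.sha256(token.encode()).hexdigest()
        self._token_hashes[device_id] = digest   # the raw token is not stored
        return device_id, token

    def deregister(self, device_id):
        """Remove a retired or suspected-hacked device; True if it existed."""
        return self._token_hashes.pop(device_id, None) is not None

    def authenticate(self, device_id, token):
        stored = self._token_hashes.get(device_id)
        if stored is None:
            self.rejected.append((device_id, "unknown or deregistered device"))
            return False
        supplied = hashlib.sha256(token.encode()).hexdigest()
        # Constant-time comparison avoids leaking how many characters matched.
        if not hmac.compare_digest(stored, supplied):
            self.rejected.append((device_id, "bad token"))
            return False
        return True

    def accept_message(self, device_id, token, payload):
        """Accept a payload only from a registered device with a valid token."""
        return payload if self.authenticate(device_id, token) else None


def demo():
    reg = DeviceRegistry()
    sensor_id, sensor_token = reg.register()
    before = reg.accept_message(sensor_id, sensor_token, {"temperature": 21.5})
    wrong = reg.accept_message(sensor_id, "guessed-token", {"temperature": 99})
    reg.deregister(sensor_id)          # device is thought to be hacked
    after = reg.accept_message(sensor_id, sensor_token, {"temperature": 21.5})
    return before, wrong, after, [reason for _, reason in reg.rejected]


if __name__ == "__main__":
    print(demo())
```

After deregistration the original token no longer authenticates, and each rejected attempt is recorded so that traffic from a removed device remains visible to whoever monitors the network.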