
Source: Internet of Things, internetofthings.fi/extras/HomeGatewayManagement.pdf · 2015-11-13

IoT in the Home: Cloud-based Gateway Management

B. Silverajan, M. Vajaranta, R. Itäpuro, A. Kolehmainen

Department of Pervasive Computing, Tampere University of Technology

Managing Complex Home Networks

• Smart homes are the convergence points for many new IoT technologies and devices

• Home networks are becoming complex, e.g. the IETF HomeNet architecture allows multiple subnets with intra-home routing and automatic service discovery

• But the home owner receives little help in managing the network

• It is difficult to co-operate with expert advisors to jointly manage the network if all the control resides in the home

Collaborative Management Efforts

• Allow expert assistance / co-management by using SDN-like 3-layer model

• Allow the management and control interface to be hosted outside the home using cloud-based network management controllers

• Separate the roles and network view of home owners, ISPs and 3rd party providers

• Allows operators and service providers the ability to co-manage homes without remotely accessing CPE

• Service providers get e2e access, can manage their devices and service also inside the home, and gain insight into customer usage

• User policies and access control can be provisioned more easily

• Forwarding and routing policies

• Traffic engineering, energy saving profiles

• Security policies (firewall configuration, ACLs)

• Homenet router configuration and network configuration snapshots stored in the cloud

• New business in the form of providing dynamic network provisioning and management service

Deploying Homenet-based infrastructure

• Fixed and Mobile OpenWRT APs with HNCP and Babel routing protocol

• HNCP discovers external links, configures Babel and allocates IP addresses to routers

- DHCP and NAT for IPv4

- Prefix delegation for IPv6

• Babel dynamically adjusts selection of next hop links by changes in wireless link quality

Co-Managed Configuration and Control

• Network management tools and apps work with cloud-based data and manipulate configuration resource graph

• Parse.com back-end as a service (BaaS) selected for developing scalable cloud-based Homenet remote controller service

• The BaaS cloud service interfaces with an intermediate local controller (smartphone/tablet/laptop) to trigger management actions

- Introducing local controller allows management of network in case of uplink disruptions

• Local control element interfaces to routers and switches in the home using configuration protocol

Privacy, Access Control, and Authorisation

• HTTPS-based communication with BaaS service and apps

• Class-level permissions and object-level access control are permitted for cloud data

• BaaS-specific user management, access control and views according to user role

• Smartphone as a trusted local controller to audit and execute configuration changes on home devices, using SIM-based authentication

• Need to be able to ascertain the local controller’s credentials and access rights to manage the home network, but also grant time and role-based access rights to others to co-manage

– Combine access control and access rights mechanisms from BaaS systems with ISP-based AAA solutions for privileged operations by smartphone

REST-Based Communication

• Cloud controller supports push notifications to mobile apps or alternatively apps can pull data using REST APIs

• Resources exposed in the cloud can be retrieved and manipulated by authenticated HTTP/CoAP proxies and clients

• Easy integration with other 3rd party IoT or REST-based policy engines for home network management

– IFTTT as a possible service-specific controller, e.g. for time-/presence-based energy-savings profiles for Homenet-based routers and Access Points

• Communication between local controller and nodes at home uses REST-based API to interact with the Unified Configuration Interface of OpenWRT

– CoAP and LWM2M-based management approaches under investigation
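The time- and role-based co-management rights described under Privacy, Access Control, and Authorisation can be modelled as a default-deny check that a local controller runs before applying a configuration change. This is an added example, not code from the poster or its project; the role names, the `Grant` record, the mapping of roles to OpenWRT UCI config sections and the sample users are all assumptions.

```python
from dataclasses import dataclass
from datetime import datetime, timezone

# Hypothetical roles and the UCI config sections each may change (assumed).
ROLE_SCOPES = {
    "owner": {"network", "wireless", "firewall", "dhcp"},
    "isp_technician": {"network", "dhcp"},
    "energy_service": {"wireless"},
}

@dataclass(frozen=True)
class Grant:
    user: str
    role: str
    not_before: datetime  # start of validity window (timezone-aware)
    not_after: datetime   # end of validity window, exclusive

def authorize(grants, user, section, now):
    """Return (allowed, reason) for a requested change to one config section.

    Default deny: the request passes only if some grant for this user is
    inside its validity window AND its role covers the section.
    """
    if now.tzinfo is None:
        raise ValueError("timestamps must be timezone-aware")
    mine = [g for g in grants if g.user == user]
    if not mine:
        return False, "no grant"
    live = [g for g in mine if g.not_before <= now < g.not_after]
    if not live:
        return False, "grant expired or not yet valid"
    for g in live:
        if section in ROLE_SCOPES.get(g.role, set()):
            return True, f"role {g.role}"
    return False, "section outside role scope"

def audit_record(user, section, now, decision):
    """Build the audit entry the controller keeps for every decision."""
    allowed, reason = decision
    return {"ts": now.isoformat(), "user": user, "section": section,
            "allowed": allowed, "reason": reason}

# Constructed sample data: a standing owner grant and a two-hour technician grant.
UTC = timezone.utc
GRANTS = [
    Grant("alice", "owner", datetime(2015, 1, 1, tzinfo=UTC),
          datetime(2100, 1, 1, tzinfo=UTC)),
    Grant("tech42", "isp_technician", datetime(2015, 11, 13, 9, tzinfo=UTC),
          datetime(2015, 11, 13, 11, tzinfo=UTC)),
]
```

Denied requests are recorded as well as allowed ones, so the audit trail shows attempts made outside a grant's window or scope.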

• Infrastructure consists of both ISP and home network

• ISP provided DHCP for IPv4 but supported IPv6 prefix delegation for home routers

[Figure: test network topology. Labels: Upstream router (G0, G1); Tlt-iot-isp; Tlt-iot-dhcpv6 (DHCP queries); prefix 2001:708:310:6080::/57; 5GHz "Babelmesh" ad hoc network; IPv6: prefix delegation, IPv4: NAT; routers OWRT-Master.home, Owrt-1.home, Owrt-2.home and Owrt-3.home, each with a 2.4GHz client AP and a *.homeLAN.<router>.home domain.]