WSO2Con EU 2015: IoT in Finance
Finance and IoT - Successful IoT Industrial Patterns
John Mathon, Vice President Enterprise Evangelism, WSO2 Inc.
Publish/Subscribe
This is what I started TIBCO with
[Diagram labels: Joe, Mary, Frank, Exchange, Clearing; Subject Filter (x5)]
IoT Hardware Segmentation
• Hardware
– Communications
– Hubs
– Devices
– Computation
– Integrated Devices
– Integrators
• Software
– Embedded Software
– Hub Software
– Communications
IoT Software Segmentation Industrial
Thousands of Companies already providing Software and Services
• Device Abstraction - taxonomy and description of all IoT devices (EVRYTHNG)
• Data Storage - means to store data from IoT devices (DEVICEHUB)
• Pub Sub platforms - M2M or M2C communication (PUBNUB)
• Analysis - analysis of device data (INFOBRIGHT)
• Visualization - mobile device, application or web app tools (FREEBOARD)
• Integration - orchestration of real time events to perform actions (Pacific Controls, Trimble, IFTTT)
• Service - services to individuals, corporations, government (XIVELY)
IoT Ecosystem Driving Personas
• Enterprise IT - Implementers
• Gold Seekers - Entrepreneurs
• Explorers - Curious
• Hunters - Whatever Works
• Guns for Hire - Consultants
• Hobbyists - Makers
• Moochers - Latchers
• Mobile Wannabees – Yearners
• Gamers
Product Extenders - Add connectivity Existing Device /Sensor
Manufacturers Mobile Device Companies Digital Hardware Companies Software Infrastructure Communications Companies Data Companies Existing App Companies
Main Business Drivers IoT
1. Cost Reductions - Consumer, Building, Operations
2. Increased Quality - Operations
3. Convenience - Employee, Consumer
4. Stickiness - Business Top Line
5. New Products / Markets - Business Top Line
Almost Every Business will be interested for some reason
IIoT Best Practices for Enterprise
Build a Great Device
❖ Security
  ❖ Encrypt Data at rest and in motion
  ❖ Allow fine grained control of authorization around controls and data visibility
  ❖ Provide automated upgrade service
❖ Ease of Use
  ❖ Provide multiple UI mechanisms for cell phones, web, APIs and visually on the device itself if it makes sense
❖ Data
  ❖ Provide Device Management functionality including ability to wipe device, upgrade and configure through Dev Management APIs
❖ Power Management, Failure Detection
  ❖ Must warn well in advance, send still-alive message and detect failures, tampering
❖ APIs
  ❖ Provide APIs to everything as Enterprises can build integration
IoT Standards Much Left To Do
• Hardware / Embedded
– Communications - Zigbee, NF, Zwave, BLE, 802.11ah, Cellular, IEEE 802.15.4 and …
– Security, Discovery, Application - Allseen Alliance, OIC, IIC, Google Thread, Zigbee, IEEE P2413, OneM2M
– Hubs - SmartThings, Vera, Insteon, Ninja, Homey, Apple and ...
• Data
– Where is the data? Device, Hub, Local, Cloud, Enterprise, Hybrid
• Security and Device Mgt
– Who sees what you have? How do you add? How do you remove? Who can do what? Who can see what? How do you upgrade? How do you monitor?
– UMA
• Orchestration Tools
– ESB, BPM, Rules Engine, IFTTT, other ?
– Where is the control/Orchestration? Cloud, Dedicated Device, Cell Phone?
IoT Security Issues
• Authentication - How do you know the device or user is who they say they are?
• Authorization - What can that user / device do?
• Logging - How do we monitor?
• Update - How do we upgrade?
• Encryption - Always, sometimes, how?
• Enforcement Points - Security distributed?
• Policies - Establishing automation (UMA) for groups of people or devices
• API - API keys? More?
• Data - Field level security?
• Privacy - Who can see?
IoT Security State of Affairs
❖ Consumer - Terrible, Terrible, Terrible
  ❖ No Authentication, Frequently no encryption
  ❖ No automated upgrading
  ❖ No control over who can see or do what – Fine Grained Authorization
❖ Enterprise - Somewhat better
  ❖ Some devices auto upgrade
  ❖ Some devices have fine grained authorization
  ❖ Most devices have encryption for data in motion, some for data at rest
IoT Integration Issues
• Different Communication protocols
• APIs, SDKs for mobile or servers, Cloud Services, Device level Services, Hub Services.
• How to scale?
• Who owns the device?
• Privacy
• Authorization
• Which Orchestration Tools or Products?
IoT Reference Architecture - Building / Factory
1. Devices
   a. Reliable, Secure
   b. Hard Connection
   c. Device Profile Known
2. Data Caching at local sites
3. Sophisticated Analysis
4. Optimization
5. Diagnosis / Failure Warning
6. Eventing
7. Device Management
8. Integration to Finance, Accounting, Security
Purposes
   a. Energy - HVAC, Lighting
   b. Automation – Cost reduction
   c. Security
   d. Quality Engineering
Very High Criticality
Sophisticated Integration not a problem
May be willing to accept non-standard if superior security, functionality
IoT Reference Architecture - Employee
1. Devices
   a. Secure
   b. Device Profile Known
   c. Size / Portability
2. Diagnosis / Failure Warning
3. Flexibility to support small variety of devices
4. Eventing
5. Device Management
6. Integration with Automation Systems, Sales, Marketing, Management, Content Management Systems
Purposes
   a. Productivity of Employees
   b. Convenience
Medium Criticality
Some Integration may be done
IoT Reference Architecture - Customer
1. Devices: Key Functionalities required
2. Flexibility to support wide variety of devices
3. Eventing
4. Store Data
5. Analytics Critical
6. Discovery
7. Good UI
8. Integration with Automation Systems, Sales, Marketing, Management, Content Management Systems
Purposes
   a. Create Stickiness
   b. Create Value for Customer
   c. Inexpensive
Application dependent Criticality
High Integration Expected
IoT Reference Architecture - OEM
1. Devices
   a. Key Functionalities required
2. Flexibility to support wide variety of devices
3. Eventing
4. Store Data
5. Analytics Critical
6. Discovery
7. Good UI
8. Integration with Automation Systems, Sales, Marketing, Management, Content Management Systems
Purposes
   a. Create Stickiness
   b. Create Value for Customer
   c. Inexpensive
High Criticality
High Integration Expected
IoT End to End Needs
[Diagram. Header labels: Middle Services Customer Device. Box labels: OS; Application; Security; Communication / Power Mgt; Visualization / API; Security / Policy; Data Stream / Storage / Mgt; Eventing/Analysis/Optimize; Orchestration / Integration; Interaction Pattern; UI]
IOT Reference Architecture
[Diagram labels: Device; API Mgt; Dev Mgt; Service Bus; BPM; BigData; Long Term Analysis; Activity Mgt; Cloud; CEP; Cloud Orchestration/Integration; Comm Provider; OS; Application; ESB, Security; ESB, IM, PEP; Data Infrastructure; Hub Orchestration Integration; Rules Engine; Data; User Dashboard; IoT Mgt Dashboard]
Event Driven Computing New Era
Platform 3
“How do you share information between users and applications in a connected Social IoT Mobile world?”
Social IoT Mobile Apps
IoT and Mobile Mgt
API Mgt and Reuse
BigData
Mediation / Broker
Micro Services
Analytics
PaaS/DevOps
Security
Perf Mgt Scaling
EDA Publish / Subscribe Mesh Network
No Single Point of Failure / Like the Internet
Functionality = Combination of all Services
[Diagram labels: IoT nodes; Router1; Router2; Mesh1; Mesh2; Mesh3]
IoT Use Case – Connected Car - Tesla
• Tesla
– 60% employees software engineers
– Integration of hardware key
– User Experience Important
– Tesla redesigned the car from the ground up
– Even other electric cars basically look like an ICE car. Not fully integrated.
– Feedback to Tesla
• Tesla Connected Car PROVES the case: 98-99% customer satisfaction 2 years in a row
• Ability to upgrade truly amazing
• Smartness of the car astonishes
Tesla did more than build an electric car. They have created disruption in:
– Car integration
– Safety – broke previous safety ratings
– Performance – faster than any production car in the world
– Service – upgrades over the air, remote service, no maintenance required
– Smartness – knows where to go, how high to go, what temperature, charges anywhere
– IOT – connected all the time, data streaming back to the factory
Connected Car - Functionality
– All hardware systems of the car integrated with digital platform to control, monitor, automate
  • Eventually leading to self-driving car
– Integrated Apps in Car - Calendar, GPS, Energy, Settings, Entertainment, Phone, Climate, Profiles
  • Smart Car - knows when to lift suspension, when to ask me where to go, when to climatize the car
– Always Connected - monitor, find, pre-condition, secure
– Unattended Upgrade - Feature improvement, Service Improvements
– Feedback to Manufacturer
  • Data used to improve service and design decisions, normal use, crash, ...
  • Data used to optimize function, improve capabilities
  • Easy bug report
– External Apps - Tesla App iPhone, Android, iWatch...
– External API - Open API
– 3rd party integration - TeslaApps, Logging and Analysis companies
Connected Car
[Diagram labels: API Mgt; Dev Mgt; Upgrade; Cust Svc; Service Bus; Design; BPM; BigData; Long Term Analysis; Activity Mgt; Polling; Logging; Events; Brakes; Console; Phone; Watch; 3rd Party App / Device; Hi Priority; Planning; Lo Priority Apps; Cell Ven Cloud; CEP - Service; The Car; Car Company]
IOT Use Case – Connected Construction
❖ Management of worksites is difficult. Numerous tools and people are needed, and scheduling the expensive tools, people and work can be difficult. Tool breakdowns and changing work plans lead to wasted time and increased costs
❖ IoT-enable the tools: track their usage and location, and help contractors manage and track their expensive equipment and plan its use better
IOT Use Case – Connected Construction
– Tools are instrumented, some with replaceable NFC, some with active IoT to control, monitor, automate
– Cars, trucks, equipment of all sorts even down to hammers can be actively tracked with bluetooth and cell phones or NFC technology
– Integrated Apps on worksite and dedicated devices to collect information – progress, where things are, requesting tools or services
– Unattended Upgrade - Feature improvement, Service Improvements
– External API - Open API to encourage integration by 3rd parties
– Planning tools to help coordinate complex tool needs and people needs
Connected Construction
[Diagram labels: API Mgt; Dev Mgt; Cust Svc; Service Bus; Design; BPM; BigData; Long Term Analysis; Activity Mgt; Phone; Vehicles; Tools; Hi Priority; Planning; Lo Priority; Cloud; CEP; Building Sites; Data Gather Device; Warehouses; Contractors; Design Contractor Planning Tool]
Enterprise App Store
API Management
SaaS Adoption
Executive Dashboards
PaaS
Mobile Apps
Open Source Adoption
SOA
Cloud Adoption and Automation
Federated Identity
Social Networking
Mobile BYOD
Big Data and Analytics
Complete Enterprise Middleware
ONLY company to ever build a complete middleware stack on-premises, in the cloud and on mobile devices.
SINGLE codebase for all products!
✓ Integration
✓ API Mgt
✓ Shadow IT
✓ App and Device Mgt
✓ Identity and Access Mgt
✓ Enterprise Scale and Quality
❖ Transport Security: provide the appropriate level of identification, privacy, and integrity to network communication.
❖ Storage Security: provide the appropriate level of protection to persistent data held on the device or within the system.
❖ Software Platform Security and Implementation: select and implement platforms and supporting technologies that provide a robust and layered environment upon which to build the solution easily and quickly.
❖ Functionality Security and Implementation: implement functionality using a technology stack and tools which enable it to be done in a secure fashion.
❖ Logging, Auditability, and Forensics Enablement: concrete sources of logs from low-level and high-level software components which facilitate investigation of misuse.
❖ Sustainability and Upgradeability: features which facilitate the ability to securely upgrade devices when vulnerabilities are discovered after release.
❖ Hardware Platform Security: ensuring the hardware platform provides the required security features.
❖ Managing and Monitoring: ensuring that IoT devices can be securely managed and monitored.