SlideShare uma empresa Scribd logo

Browser-based Secure Remote Access for the Internet of Things

Günter Obiltschnig
Günter Obiltschnig

Secure remote access to the built-in web server of a device is one of the fundamental building blocks for the Internet of Things. my-devices.net enables easy and secure remote access, even if the device is located behind a NAT router or a firewall and does not have a public IP address.

Internet
1 de 30
Baixar para ler offline
Secure cloud-enabled remote access to IoT devices via web browser, SSH or TCP-based network protocols. my-devices.net
Executive Summary > Remotely manage and monitor your IoT devices securely using a device’s built-in web server, command-line shell (SSH) or other TCP-based protocols. > Securely connect mobile apps to your devices using REST APIs. > Allow your customers to access their devices from anywhere. > Assist your customers setting up or troubleshooting their devices. > Secure your devices against unauthorized access or attacks from the internet. > Don’t worry about firewalls, NAT, proxy servers or mobile routers preventing access to your device. > Avoid insecure port forwarding/dynamic DNS or complex VPNs. > Host on public or private cloud.
Web-based user interfaces are state-of-the-art 
 in network-based embedded systems for 
 configuration, control and monitoring. Thanks to advanced web browsers (even on mobile devices), JavaScript and Ajax technologies, modern web-based user interfaces are powerful, visually attractive and easy to use.
Web-based user interfaces work great … ! … if device and web browser are in the same local network ! … or if the device is exposed to the Internet (a bad idea)
But what if… > the user wants to access a device when away from home? > the device is at a hard to reach remote location? > support staff needs to access the device for trouble shooting?
What about Port Forwarding and Dynamic DNS? > it’s simple and widely supported by internet routers > it allows access to any TCP or UDP-based network service provided by the device (if properly forwarded)
But … > NAT router configuration for port forwarding can be complex, especially if multiple devices must be accessible (every device needs a unique public port number) > a Dynamic DNS service is needed if the NAT router does not have a static public IP address > the device is directly exposed to the internet – very high risk and danger of denial-of-service or other attacks and thus a very bad idea
 (be prepared to find your device on Shodan)
What about VPNs? > the device is directly integrated into a remote network using a secure tunnel through the internet > secure, encrypted connection > proven, standardized and widely available technology
But… > VPNs may be blocked by network provider > necessary network and VPN server infrastructure is difficult to setup and to maintain, especially if lots of devices must be integrated > all clients must have access to VPN in order to access the devices (difficult with a large number of users in consumer markets, e.g. home automation) > additional measures must be taken to isolate devices in the VPN from one another and to prevent users from accessing devices they should not access
A Solution: my-devices.net > uses secure (TLS) WebSocket-based tunneling, initiated by device
 (NAT router, proxy and firewall friendly) > reflector server connects device and client > easy to integrate into a device (especially if Linux based):
 single executable plus configuration file, or library for direct integration into an application > works with any web server > can securely forward almost any TCP-based protocol, including SSH
! SDK DEVICE API REST HTTPS (REST API) HTTPS (Web Page) WebTunnel my-devices.net Reflector Server HTTP SSH etc. How my-devices.net works Browser Mobile App
The my-devices.net Reflector Server > connect clients and devices by transparently forwarding TCP socket connections from client to device > contains a web server and acts as a quasi transparent HTTP proxy > performs user and device authentication > provides a web user interface for managing devices > provides a REST interface for easy integration with other applications > uses wildcard DNS entries to address devices – each device gets its own unique hostname and bookmark-able URL
Tour
Account/Current User Clicking the Account icon or user name takes you to the Account page.
Filter Controls The filter controls allow you to display devices matching given keywords or tags. You can also switch between online, offline or all devices.
Device Name and Description The first column displays the device name and description. Clicking on the device name opens the device website. Clicking on the description opens the properties page for this device. Hovering over the device name or description displays a tooltip showing the device’s unique ID and its domain (the user group it belongs to).
Online/Offline Status This column shows whether the device is currently connected to the reflector server (= online) or not (= offline). If the browser supports WebSockets, this will be updated dynamically as soon as the status changes.
IP Address The externally visible IP address of the device. In most cases this is the address of the NAT router the device uses to connect to the internet.
Properties and Delete Buttons Clicking the Properties button opens the properties page of the device. Clicking the delete button (only shown for offline devices) allows you to delete the device.
Now let’s open a device website.
https://b170daab-c7cd-4412-9f55-0004f303c68d.my-devices.net/ Each device gets its unique host name (based on its unique ID) and bookmark-able URL.
my-devices.net can be used for: > remote access to IoT gateways, data loggers and monitoring devices, e.g. in renewable energy (photovoltaics and wind energy plants), environmental monitoring, traffic and transport, etc. > smart metering (remote access to smart power meters or smart metering gateways) > remote access to mobile devices for data acquisition, tracking, fleet management, etc. > remote maintenance and servicing of consumer electronics, home/building automation and HVAC devices > remote maintenance and servicing of machines and industrial equipment > remote access to IP network cameras and DVRs > remote access to security and access control systems
To get started with my-devices.net: > visit http://www.my-devices.net for more information > read the white paper at 
 http://www.my-devices.net/download/whitepaper/my-devices.net_WhitePaper.pdf > register for a free account and connect up to five of your own devices at
 http://www.my-devices.net/getstarted.html
Applied Informatics Solutions Portfolio
For more information, please visit: ! http://www.my-devices.net http://www.appinf.com Copyright © 2014-2015 by Applied Informatics Software Engineering GmbH. All rights reserved. Applied Informatics Software Engineering GmbH Maria Elend 143 9182 Maria Elend Austria 
 +43 4253 32596 | info@appinf.com

Recomendados

Programming IoT Gateways in JavaScript with macchina.io
Programming IoT Gateways in JavaScript with macchina.ioProgramming IoT Gateways in JavaScript with macchina.io
Programming IoT Gateways in JavaScript with macchina.io
Günter Obiltschnig
 
Programming IoT Gateways with macchina.io
Programming IoT Gateways with macchina.ioProgramming IoT Gateways with macchina.io
Programming IoT Gateways with macchina.io
Günter Obiltschnig
 
Cosmos, Big Data GE Implementation
Cosmos, Big Data GE ImplementationCosmos, Big Data GE Implementation
Cosmos, Big Data GE Implementation
FIWARE
 
Building Your Own IoT Platform using FIWARE GEis
Building Your Own IoT Platform using FIWARE GEisBuilding Your Own IoT Platform using FIWARE GEis
Building Your Own IoT Platform using FIWARE GEis
FIWARE
 
201410 2 fiware-orion-contextbroker
201410 2 fiware-orion-contextbroker201410 2 fiware-orion-contextbroker
201410 2 fiware-orion-contextbroker
FIWARE
 
Whats new in iOS5
Whats new in iOS5Whats new in iOS5
Whats new in iOS5
Paul Ardeleanu
 
iOS Keychain 介紹
iOS Keychain 介紹iOS Keychain 介紹
iOS Keychain 介紹
ShengWen Chiou
 
Security and performance designs for client-server communications
Security and performance designs for client-server communicationsSecurity and performance designs for client-server communications
Security and performance designs for client-server communications
WO Community
 

Recomendados

Programming IoT Gateways in JavaScript with macchina.io
Programming IoT Gateways in JavaScript with macchina.ioProgramming IoT Gateways in JavaScript with macchina.io
Programming IoT Gateways in JavaScript with macchina.io
Günter Obiltschnig
 
Programming IoT Gateways with macchina.io
Programming IoT Gateways with macchina.ioProgramming IoT Gateways with macchina.io
Programming IoT Gateways with macchina.io
Günter Obiltschnig
 
Cosmos, Big Data GE Implementation
Cosmos, Big Data GE ImplementationCosmos, Big Data GE Implementation
Cosmos, Big Data GE Implementation
FIWARE
 
Building Your Own IoT Platform using FIWARE GEis
Building Your Own IoT Platform using FIWARE GEisBuilding Your Own IoT Platform using FIWARE GEis
Building Your Own IoT Platform using FIWARE GEis
FIWARE
 
201410 2 fiware-orion-contextbroker
201410 2 fiware-orion-contextbroker201410 2 fiware-orion-contextbroker
201410 2 fiware-orion-contextbroker
FIWARE
 
Whats new in iOS5
Whats new in iOS5Whats new in iOS5
Whats new in iOS5
Paul Ardeleanu
 
iOS Keychain 介紹
iOS Keychain 介紹iOS Keychain 介紹
iOS Keychain 介紹
ShengWen Chiou
 
Security and performance designs for client-server communications
Security and performance designs for client-server communicationsSecurity and performance designs for client-server communications
Security and performance designs for client-server communications
WO Community
 
Beginning icloud development - Cesare Rocchi - WhyMCA
Beginning icloud development - Cesare Rocchi - WhyMCABeginning icloud development - Cesare Rocchi - WhyMCA
Beginning icloud development - Cesare Rocchi - WhyMCA
Whymca
 
Laporan multi client
Laporan multi clientLaporan multi client
Laporan multi client
ichsanbarokah
 
Architecting Secure and Compliant Applications with MongoDB
Architecting Secure and Compliant Applications with MongoDB Architecting Secure and Compliant Applications with MongoDB
Architecting Secure and Compliant Applications with MongoDB
MongoDB
 
Arduino、Web 到 IoT
Arduino、Web 到 IoTArduino、Web 到 IoT
Arduino、Web 到 IoT
Justin Lin
 
Do you know what your drupal is doing? Observe it!
Do you know what your drupal is doing? Observe it!Do you know what your drupal is doing? Observe it!
Do you know what your drupal is doing? Observe it!
Luca Lusso
 
Cnam azure 2014 mobile services
Cnam azure 2014 mobile servicesCnam azure 2014 mobile services
Cnam azure 2014 mobile services
Aymeric Weinbach
 
Generating cross platform .NET based azure IoTdevice
Generating cross platform .NET based azure IoTdeviceGenerating cross platform .NET based azure IoTdevice
Generating cross platform .NET based azure IoTdevice
Alon Fliess
 
Taking advantage of the Amazon Web Services (AWS) Family
Taking advantage of the Amazon Web Services (AWS) FamilyTaking advantage of the Amazon Web Services (AWS) Family
Taking advantage of the Amazon Web Services (AWS) Family
Ben Hall
 
Hack ASP.NET website
Hack ASP.NET websiteHack ASP.NET website
Hack ASP.NET website
Positive Hack Days
 
Fun Teaching MongoDB New Tricks
Fun Teaching MongoDB New TricksFun Teaching MongoDB New Tricks
Fun Teaching MongoDB New Tricks
MongoDB
 
A.java
A.javaA.java
A.java
JahnaviBhagat
 
Cassandra summit 2013 - DataStax Java Driver Unleashed!
Cassandra summit 2013 - DataStax Java Driver Unleashed!Cassandra summit 2013 - DataStax Java Driver Unleashed!
Cassandra summit 2013 - DataStax Java Driver Unleashed!
Michaël Figuière
 
Networking and Data Access with Eqela
Networking and Data Access with EqelaNetworking and Data Access with Eqela
Networking and Data Access with Eqela
jobandesther
 
Local Authentication par Pierre-Alban Toth
Local Authentication par Pierre-Alban TothLocal Authentication par Pierre-Alban Toth
Local Authentication par Pierre-Alban Toth
CocoaHeads France
 
"Auth for React.js APP", Nikita Galkin
"Auth for React.js APP", Nikita Galkin"Auth for React.js APP", Nikita Galkin
"Auth for React.js APP", Nikita Galkin
Fwdays
 
Jsp/Servlet
Jsp/ServletJsp/Servlet
Jsp/Servlet
Sunil OS
 
dotSwift - From Problem to Solution
dotSwift - From Problem to SolutiondotSwift - From Problem to Solution
dotSwift - From Problem to Solution
soroushkhanlou
 
DEF CON 27 - ALVARO MUNOZ / OLEKSANDR MIROSH - sso wars the token menace
DEF CON 27 - ALVARO MUNOZ / OLEKSANDR MIROSH - sso wars the token menaceDEF CON 27 - ALVARO MUNOZ / OLEKSANDR MIROSH - sso wars the token menace
DEF CON 27 - ALVARO MUNOZ / OLEKSANDR MIROSH - sso wars the token menace
Felipe Prado
 
Introduction to Nodejs
Introduction to NodejsIntroduction to Nodejs
Introduction to Nodejs
Gabriele Lana
 
Build resource server & client for OCF Cloud (2018.8.30)
Build resource server & client for OCF Cloud (2018.8.30)Build resource server & client for OCF Cloud (2018.8.30)
Build resource server & client for OCF Cloud (2018.8.30)
남균 김
 
Virtual Private Network (VPN).
Virtual Private Network (VPN).Virtual Private Network (VPN).
Virtual Private Network (VPN).
Debasis Chowdhury
 
Security and identity management on WebRTC
Security and identity management on WebRTCSecurity and identity management on WebRTC
Security and identity management on WebRTC
Quobis
 

Mais conteúdo relacionado

Mais procurados

Beginning icloud development - Cesare Rocchi - WhyMCA
Beginning icloud development - Cesare Rocchi - WhyMCABeginning icloud development - Cesare Rocchi - WhyMCA
Beginning icloud development - Cesare Rocchi - WhyMCA
Whymca
 
Laporan multi client
Laporan multi clientLaporan multi client
Laporan multi client
ichsanbarokah
 
Do you know what your drupal is doing? Observe it!
Do you know what your drupal is doing? Observe it!Do you know what your drupal is doing? Observe it!
Do you know what your drupal is doing? Observe it!
Luca Lusso
 
Fun Teaching MongoDB New Tricks
Fun Teaching MongoDB New TricksFun Teaching MongoDB New Tricks
Fun Teaching MongoDB New Tricks
MongoDB
 
Cassandra summit 2013 - DataStax Java Driver Unleashed!
Cassandra summit 2013 - DataStax Java Driver Unleashed!Cassandra summit 2013 - DataStax Java Driver Unleashed!
Cassandra summit 2013 - DataStax Java Driver Unleashed!
Michaël Figuière
 
Networking and Data Access with Eqela
Networking and Data Access with EqelaNetworking and Data Access with Eqela
Networking and Data Access with Eqela
jobandesther
 

Mais procurados (20)

Beginning icloud development - Cesare Rocchi - WhyMCA
Beginning icloud development - Cesare Rocchi - WhyMCABeginning icloud development - Cesare Rocchi - WhyMCA
Beginning icloud development - Cesare Rocchi - WhyMCA
 
Laporan multi client
Laporan multi clientLaporan multi client
Laporan multi client
 
Architecting Secure and Compliant Applications with MongoDB
Architecting Secure and Compliant Applications with MongoDB Architecting Secure and Compliant Applications with MongoDB
Architecting Secure and Compliant Applications with MongoDB
 
Arduino、Web 到 IoT
Arduino、Web 到 IoTArduino、Web 到 IoT
Arduino、Web 到 IoT
 
Do you know what your drupal is doing? Observe it!
Do you know what your drupal is doing? Observe it!Do you know what your drupal is doing? Observe it!
Do you know what your drupal is doing? Observe it!
 
Cnam azure 2014 mobile services
Cnam azure 2014 mobile servicesCnam azure 2014 mobile services
Cnam azure 2014 mobile services
 
Generating cross platform .NET based azure IoTdevice
Generating cross platform .NET based azure IoTdeviceGenerating cross platform .NET based azure IoTdevice
Generating cross platform .NET based azure IoTdevice
 
Taking advantage of the Amazon Web Services (AWS) Family
Taking advantage of the Amazon Web Services (AWS) FamilyTaking advantage of the Amazon Web Services (AWS) Family
Taking advantage of the Amazon Web Services (AWS) Family
 
Hack ASP.NET website
Hack ASP.NET websiteHack ASP.NET website
Hack ASP.NET website
 
Fun Teaching MongoDB New Tricks
Fun Teaching MongoDB New TricksFun Teaching MongoDB New Tricks
Fun Teaching MongoDB New Tricks
 
A.java
A.javaA.java
A.java
 
Cassandra summit 2013 - DataStax Java Driver Unleashed!
Cassandra summit 2013 - DataStax Java Driver Unleashed!Cassandra summit 2013 - DataStax Java Driver Unleashed!
Cassandra summit 2013 - DataStax Java Driver Unleashed!
 
Networking and Data Access with Eqela
Networking and Data Access with EqelaNetworking and Data Access with Eqela
Networking and Data Access with Eqela
 
Local Authentication par Pierre-Alban Toth
Local Authentication par Pierre-Alban TothLocal Authentication par Pierre-Alban Toth
Local Authentication par Pierre-Alban Toth
 
"Auth for React.js APP", Nikita Galkin
"Auth for React.js APP", Nikita Galkin"Auth for React.js APP", Nikita Galkin
"Auth for React.js APP", Nikita Galkin
 
Jsp/Servlet
Jsp/ServletJsp/Servlet
Jsp/Servlet
 
dotSwift - From Problem to Solution
dotSwift - From Problem to SolutiondotSwift - From Problem to Solution
dotSwift - From Problem to Solution
 
DEF CON 27 - ALVARO MUNOZ / OLEKSANDR MIROSH - sso wars the token menace
DEF CON 27 - ALVARO MUNOZ / OLEKSANDR MIROSH - sso wars the token menaceDEF CON 27 - ALVARO MUNOZ / OLEKSANDR MIROSH - sso wars the token menace
DEF CON 27 - ALVARO MUNOZ / OLEKSANDR MIROSH - sso wars the token menace
 
Introduction to Nodejs
Introduction to NodejsIntroduction to Nodejs
Introduction to Nodejs
 
Build resource server & client for OCF Cloud (2018.8.30)
Build resource server & client for OCF Cloud (2018.8.30)Build resource server & client for OCF Cloud (2018.8.30)
Build resource server & client for OCF Cloud (2018.8.30)
 

Semelhante a Browser-based Secure Remote Access for the Internet of Things

Virtual Private Network (VPN).
Virtual Private Network (VPN).Virtual Private Network (VPN).
Virtual Private Network (VPN).
Debasis Chowdhury
 
Introduction of firewall slides
Introduction of firewall slidesIntroduction of firewall slides
Introduction of firewall slides
rahul kundu
 
Comparative analysis of traditional scada systems and io t implemented scada
Comparative analysis of traditional scada systems and io t implemented scadaComparative analysis of traditional scada systems and io t implemented scada
Comparative analysis of traditional scada systems and io t implemented scada
IJARIIT
 
EMBEDDED WEB SERVER
EMBEDDED WEB SERVEREMBEDDED WEB SERVER
EMBEDDED WEB SERVER
kavya Reddy
 

Semelhante a Browser-based Secure Remote Access for the Internet of Things (20)

Virtual Private Network (VPN).
Virtual Private Network (VPN).Virtual Private Network (VPN).
Virtual Private Network (VPN).
 
Security and identity management on WebRTC
Security and identity management on WebRTCSecurity and identity management on WebRTC
Security and identity management on WebRTC
 
WebRTC Security
WebRTC SecurityWebRTC Security
WebRTC Security
 
Networking devices
Networking devicesNetworking devices
Networking devices
 
CentralizedSerialWP
CentralizedSerialWPCentralizedSerialWP
CentralizedSerialWP
 
VOIP2DAY 2015: "WebRTC security concerns, a real problem?"
VOIP2DAY 2015: "WebRTC security concerns, a real problem?"VOIP2DAY 2015: "WebRTC security concerns, a real problem?"
VOIP2DAY 2015: "WebRTC security concerns, a real problem?"
 
WebRTC Security Concerns, a real problem?
WebRTC Security Concerns, a real problem?WebRTC Security Concerns, a real problem?
WebRTC Security Concerns, a real problem?
 
Web Technology
Web TechnologyWeb Technology
Web Technology
 
Web Technology
Web TechnologyWeb Technology
Web Technology
 
Web Technology
Web TechnologyWeb Technology
Web Technology
 
Network security
Network securityNetwork security
Network security
 
Ecommerce final ppt
Ecommerce final pptEcommerce final ppt
Ecommerce final ppt
 
Introduction of firewall slides
Introduction of firewall slidesIntroduction of firewall slides
Introduction of firewall slides
 
Mobile Devices & BYOD Security – Deployment & Best Practices
Mobile Devices & BYOD Security – Deployment & Best PracticesMobile Devices & BYOD Security – Deployment & Best Practices
Mobile Devices & BYOD Security – Deployment & Best Practices
 
Comparative analysis of traditional scada systems and io t implemented scada
Comparative analysis of traditional scada systems and io t implemented scadaComparative analysis of traditional scada systems and io t implemented scada
Comparative analysis of traditional scada systems and io t implemented scada
 
REMOVABLE STORAGE CENTRALIZED CONTROL FOR WINDOWS LAN, WAN, OR WORKGROUP
REMOVABLE STORAGE CENTRALIZED CONTROL FOR WINDOWS LAN, WAN, OR WORKGROUPREMOVABLE STORAGE CENTRALIZED CONTROL FOR WINDOWS LAN, WAN, OR WORKGROUP
REMOVABLE STORAGE CENTRALIZED CONTROL FOR WINDOWS LAN, WAN, OR WORKGROUP
 
REMOVABLE STORAGE CENTRALIZED CONTROL FOR WINDOWS LAN, WAN, OR WORKGROUP
REMOVABLE STORAGE CENTRALIZED CONTROL FOR WINDOWS LAN, WAN, OR WORKGROUPREMOVABLE STORAGE CENTRALIZED CONTROL FOR WINDOWS LAN, WAN, OR WORKGROUP
REMOVABLE STORAGE CENTRALIZED CONTROL FOR WINDOWS LAN, WAN, OR WORKGROUP
 
EMBEDDED WEB SERVER
EMBEDDED WEB SERVEREMBEDDED WEB SERVER
EMBEDDED WEB SERVER
 
Final ppt ecommerce
Final ppt ecommerceFinal ppt ecommerce
Final ppt ecommerce
 
Virtual private network
Virtual private networkVirtual private network
Virtual private network
 

Último

一比一原版(Curtin毕业证书)科廷大学毕业证原件一模一样
一比一原版(Curtin毕业证书)科廷大学毕业证原件一模一样一比一原版(Curtin毕业证书)科廷大学毕业证原件一模一样
一比一原版(Curtin毕业证书)科廷大学毕业证原件一模一样
ayvbos
 
Top profile Call Girls In Dindigul [ 7014168258 ] Call Me For Genuine Models ...
Top profile Call Girls In Dindigul [ 7014168258 ] Call Me For Genuine Models ...Top profile Call Girls In Dindigul [ 7014168258 ] Call Me For Genuine Models ...
Top profile Call Girls In Dindigul [ 7014168258 ] Call Me For Genuine Models ...
gajnagarg
 
PowerDirector Explination Process...pptx
PowerDirector Explination Process...pptxPowerDirector Explination Process...pptx
PowerDirector Explination Process...pptx
galaxypingy
 
Russian Call girls in Abu Dhabi 0508644382 Abu Dhabi Call girls
Russian Call girls in Abu Dhabi 0508644382 Abu Dhabi Call girlsRussian Call girls in Abu Dhabi 0508644382 Abu Dhabi Call girls
Russian Call girls in Abu Dhabi 0508644382 Abu Dhabi Call girls
Monica Sydney
 
2nd Solid Symposium: Solid Pods vs Personal Knowledge Graphs
2nd Solid Symposium: Solid Pods vs Personal Knowledge Graphs2nd Solid Symposium: Solid Pods vs Personal Knowledge Graphs
2nd Solid Symposium: Solid Pods vs Personal Knowledge Graphs
EleniIlkou
 
在线制作约克大学毕业证(yu毕业证)在读证明认证可查
在线制作约克大学毕业证(yu毕业证)在读证明认证可查在线制作约克大学毕业证(yu毕业证)在读证明认证可查
在线制作约克大学毕业证(yu毕业证)在读证明认证可查
ydyuyu
 
哪里办理美国迈阿密大学毕业证(本硕)umiami在读证明存档可查
哪里办理美国迈阿密大学毕业证(本硕)umiami在读证明存档可查哪里办理美国迈阿密大学毕业证(本硕)umiami在读证明存档可查
哪里办理美国迈阿密大学毕业证(本硕)umiami在读证明存档可查
ydyuyu
 

Último (20)

"Boost Your Digital Presence: Partner with a Leading SEO Agency"
"Boost Your Digital Presence: Partner with a Leading SEO Agency""Boost Your Digital Presence: Partner with a Leading SEO Agency"
"Boost Your Digital Presence: Partner with a Leading SEO Agency"
 
APNIC Policy Roundup, presented by Sunny Chendi at the 5th ICANN APAC-TWNIC E...
APNIC Policy Roundup, presented by Sunny Chendi at the 5th ICANN APAC-TWNIC E...APNIC Policy Roundup, presented by Sunny Chendi at the 5th ICANN APAC-TWNIC E...
APNIC Policy Roundup, presented by Sunny Chendi at the 5th ICANN APAC-TWNIC E...
 
一比一原版(Curtin毕业证书)科廷大学毕业证原件一模一样
一比一原版(Curtin毕业证书)科廷大学毕业证原件一模一样一比一原版(Curtin毕业证书)科廷大学毕业证原件一模一样
一比一原版(Curtin毕业证书)科廷大学毕业证原件一模一样
 
Nagercoil Escorts Service Girl ^ 9332606886, WhatsApp Anytime Nagercoil
Nagercoil Escorts Service Girl ^ 9332606886, WhatsApp Anytime NagercoilNagercoil Escorts Service Girl ^ 9332606886, WhatsApp Anytime Nagercoil
Nagercoil Escorts Service Girl ^ 9332606886, WhatsApp Anytime Nagercoil
 
Top profile Call Girls In Dindigul [ 7014168258 ] Call Me For Genuine Models ...
Top profile Call Girls In Dindigul [ 7014168258 ] Call Me For Genuine Models ...Top profile Call Girls In Dindigul [ 7014168258 ] Call Me For Genuine Models ...
Top profile Call Girls In Dindigul [ 7014168258 ] Call Me For Genuine Models ...
 
Story Board.pptxrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrr
Story Board.pptxrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrStory Board.pptxrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrr
Story Board.pptxrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrr
 
Trump Diapers Over Dems t shirts Sweatshirt
Trump Diapers Over Dems t shirts SweatshirtTrump Diapers Over Dems t shirts Sweatshirt
Trump Diapers Over Dems t shirts Sweatshirt
 
Vip Firozabad Phone 8250092165 Escorts Service At 6k To 30k Along With Ac Room
Vip Firozabad Phone 8250092165 Escorts Service At 6k To 30k Along With Ac RoomVip Firozabad Phone 8250092165 Escorts Service At 6k To 30k Along With Ac Room
Vip Firozabad Phone 8250092165 Escorts Service At 6k To 30k Along With Ac Room
 
Best SEO Services Company in Dallas | Best SEO Agency Dallas
Best SEO Services Company in Dallas | Best SEO Agency DallasBest SEO Services Company in Dallas | Best SEO Agency Dallas
Best SEO Services Company in Dallas | Best SEO Agency Dallas
 
20240510 QFM016 Irresponsible AI Reading List April 2024.pdf
20240510 QFM016 Irresponsible AI Reading List April 2024.pdf20240510 QFM016 Irresponsible AI Reading List April 2024.pdf
20240510 QFM016 Irresponsible AI Reading List April 2024.pdf
 
20240508 QFM014 Elixir Reading List April 2024.pdf
20240508 QFM014 Elixir Reading List April 2024.pdf20240508 QFM014 Elixir Reading List April 2024.pdf
20240508 QFM014 Elixir Reading List April 2024.pdf
 
PowerDirector Explination Process...pptx
PowerDirector Explination Process...pptxPowerDirector Explination Process...pptx
PowerDirector Explination Process...pptx
 
20240509 QFM015 Engineering Leadership Reading List April 2024.pdf
20240509 QFM015 Engineering Leadership Reading List April 2024.pdf20240509 QFM015 Engineering Leadership Reading List April 2024.pdf
20240509 QFM015 Engineering Leadership Reading List April 2024.pdf
 
Meaning of On page SEO & its process in detail.
Meaning of On page SEO & its process in detail.Meaning of On page SEO & its process in detail.
Meaning of On page SEO & its process in detail.
 
Power point inglese - educazione civica di Nuria Iuzzolino
Power point inglese - educazione civica di Nuria IuzzolinoPower point inglese - educazione civica di Nuria Iuzzolino
Power point inglese - educazione civica di Nuria Iuzzolino
 
Russian Call girls in Abu Dhabi 0508644382 Abu Dhabi Call girls
Russian Call girls in Abu Dhabi 0508644382 Abu Dhabi Call girlsRussian Call girls in Abu Dhabi 0508644382 Abu Dhabi Call girls
Russian Call girls in Abu Dhabi 0508644382 Abu Dhabi Call girls
 
2nd Solid Symposium: Solid Pods vs Personal Knowledge Graphs
2nd Solid Symposium: Solid Pods vs Personal Knowledge Graphs2nd Solid Symposium: Solid Pods vs Personal Knowledge Graphs
2nd Solid Symposium: Solid Pods vs Personal Knowledge Graphs
 
在线制作约克大学毕业证(yu毕业证)在读证明认证可查
在线制作约克大学毕业证(yu毕业证)在读证明认证可查在线制作约克大学毕业证(yu毕业证)在读证明认证可查
在线制作约克大学毕业证(yu毕业证)在读证明认证可查
 
best call girls in Hyderabad Finest Escorts Service 📞 9352988975 📞 Available ...
best call girls in Hyderabad Finest Escorts Service 📞 9352988975 📞 Available ...best call girls in Hyderabad Finest Escorts Service 📞 9352988975 📞 Available ...
best call girls in Hyderabad Finest Escorts Service 📞 9352988975 📞 Available ...
 
哪里办理美国迈阿密大学毕业证(本硕)umiami在读证明存档可查
哪里办理美国迈阿密大学毕业证(本硕)umiami在读证明存档可查哪里办理美国迈阿密大学毕业证(本硕)umiami在读证明存档可查
哪里办理美国迈阿密大学毕业证(本硕)umiami在读证明存档可查
 

Browser-based Secure Remote Access for the Internet of Things

  • 1. Secure cloud-enabled remote access to IoT devices via web browser, SSH or TCP-based network protocols. my-devices.net
  • 2. Executive Summary > Remotely manage and monitor your IoT devices securely using a device’s built-in web server, command-line shell (SSH) or other TCP-based protocols. > Securely connect mobile apps to your devices using REST APIs. > Allow your customers to access their devices from anywhere. > Assist your customers setting up or troubleshooting their devices. > Secure your devices against unauthorized access or attacks from the internet. > Don’t worry about firewalls, NAT, proxy servers or mobile routers preventing access to your device. > Avoid insecure port forwarding/dynamic DNS or complex VPNs. > Host on public or private cloud.
  • 3. Web-based user interfaces are state-of-the-art 
 in network-based embedded systems for 
 configuration, control and monitoring. Thanks to advanced web browsers (even on mobile devices), JavaScript and Ajax technologies, modern web-based user interfaces are powerful, visually attractive and easy to use.
  • 4. Web-based user interfaces work great … ! … if device and web browser are in the same local network ! … or if the device is exposed to the Internet (a bad idea)
  • 5. But what if… > the user wants to access a device when away from home? > the device is at a hard to reach remote location? > support staff needs to access the device for trouble shooting?
  • 6. What about Port Forwarding and Dynamic DNS? > it’s simple and widely supported by internet routers > it allows access to any TCP or UDP-based network service provided by the device (if properly forwarded)
  • 7. But … > NAT router configuration for port forwarding can be complex, especially if multiple devices must be accessible (every device needs a unique public port number) > a Dynamic DNS service is needed if the NAT router does not have a static public IP address > the device is directly exposed to the internet – very high risk and danger of denial-of-service or other attacks and thus a very bad idea
 (be prepared to find your device on Shodan)
  • 8.
  • 9.
  • 10. What about VPNs? > the device is directly integrated into a remote network using a secure tunnel through the internet > secure, encrypted connection > proven, standardized and widely available technology
  • 11. But… > VPNs may be blocked by network provider > necessary network and VPN server infrastructure is difficult to setup and to maintain, especially if lots of devices must be integrated > all clients must have access to VPN in order to access the devices (difficult with a large number of users in consumer markets, e.g. home automation) > additional measures must be taken to isolate devices in the VPN from one another and to prevent users from accessing devices they should not access
  • 12. A Solution: my-devices.net > uses secure (TLS) WebSocket-based tunneling, initiated by device
 (NAT router, proxy and firewall friendly) > reflector server connects device and client > easy to integrate into a device (especially if Linux based):
 single executable plus configuration file, or library for direct integration into an application > works with any web server > can securely forward almost any TCP-based protocol, including SSH
  • 13. ! SDK DEVICE API REST HTTPS (REST API) HTTPS (Web Page) WebTunnel my-devices.net Reflector Server HTTP SSH etc. How my-devices.net works Browser Mobile App
  • 14. The my-devices.net Reflector Server > connect clients and devices by transparently forwarding TCP socket connections from client to device > contains a web server and acts as a quasi transparent HTTP proxy > performs user and device authentication > provides a web user interface for managing devices > provides a REST interface for easy integration with other applications > uses wildcard DNS entries to address devices – each device gets its own unique hostname and bookmark-able URL
  • 15. Tour
  • 16.
  • 17.
  • 18. Account/Current User Clicking the Account icon or user name takes you to the Account page.
  • 19. Filter Controls The filter controls allow you to display devices matching given keywords or tags. You can also switch between online, offline or all devices.
  • 20. Device Name and Description The first column displays the device name and description. Clicking on the device name opens the device website. Clicking on the description opens the properties page for this device. Hovering over the device name or description displays a tooltip showing the device’s unique ID and its domain (the user group it belongs to).
  • 21. Online/Offline Status This column shows whether the device is currently connected to the reflector server (= online) or not (= offline). If the browser supports WebSockets, this will be updated dynamically as soon as the status changes.
  • 22. IP Address The externally visible IP address of the device. In most cases this is the address of the NAT router the device uses to connect to the internet.
  • 23. Properties and Delete Buttons Clicking the Properties button opens the properties page of the device. Clicking the delete button (only shown for offline devices) allows you to delete the device.
  • 24. Now let’s open a device website.
  • 25.
  • 26. https://b170daab-c7cd-4412-9f55-0004f303c68d.my-devices.net/ Each device gets its unique host name (based on its unique ID) and bookmark-able URL.
  • 27. my-devices.net can be used for: > remote access to IoT gateways, data loggers and monitoring devices, e.g. in renewable energy (photovoltaics and wind energy plants), environmental monitoring, traffic and transport, etc. > smart metering (remote access to smart power meters or smart metering gateways) > remote access to mobile devices for data acquisition, tracking, fleet management, etc. > remote maintenance and servicing of consumer electronics, home/building automation and HVAC devices > remote maintenance and servicing of machines and industrial equipment > remote access to IP network cameras and DVRs > remote access to security and access control systems
  • 28. To get started with my-devices.net: > visit http://www.my-devices.net for more information > read the white paper at 
 http://www.my-devices.net/download/whitepaper/my-devices.net_WhitePaper.pdf > register for a free account and connect up to five of your own devices at
 http://www.my-devices.net/getstarted.html
  • 30. For more information, please visit: ! http://www.my-devices.net http://www.appinf.com Copyright © 2014-2015 by Applied Informatics Software Engineering GmbH. All rights reserved. Applied Informatics Software Engineering GmbH Maria Elend 143 9182 Maria Elend Austria 
 +43 4253 32596 | info@appinf.com