Device to Cloud, Hands-On. Part 3: Safer Commands via a Cloud Gateway

Sign in to queue

Description

In this third episode of my cloud-to-device series, I'm talking in some more detail about why it is a questionable and sometime outright dangerous strategy to let small devices actively listen on a network and, through that, open itself up to unsolicited traffic it needs to triage and secure.

As a counterproposal I'm showing a very simple model for how to create a much safer way (even if not yet truly secure, we'll get to the in future episodes) of exposing a device to public network consumers - through use of a cloud based gateway that acts on behalf of the device and does a lot of the heavy lifting in terms of protocol implementation but also for defense against unwanted traffic.

The code for this episode can be found here: https://github.com/clemensv/D2C-Ep3-LedBlinker

[Part 1] [Part 2] [Part 4] [Part 5]

Tags:

Arduino , IoT

Embed

Download

The Discussion

  • User profile image
    ppatierno

    Are the slides available on the Web ? For all three parts until now.

    Paolo.

  • User profile image
    DaveSn

    I hope it won't be too long before you cover device id verification.
    For example, how do you prevent someone from claiming to the cloud service that they are one of your devices?
    How do you in a scalable and securely fashion, only allow registered users from accessing your device?
    How do you recommend those users gain authenticated access to their own devices?

  • User profile image
    Clemens​Vasters

    I'll get there in one of the next few episodes, Dave. The security intro will likely be a whiteboard session since there'll be a lot of basic to cover.

  • User profile image
    Navneet

    Hi Clemens,

    Today Arduino Yun was released. i believe it will result into revolution in internet of things due to onboard Wifi and full Linux OS.
    Do you know if there are any plans to make Azure Mobile Service APIs available for it? They already seem to various APIS for various social networks and web stacks.
    Are you planning to cover Yun in this series?

    Thanks,
    Navneet (MSFT)

  • User profile image
    adeleke khalid akinkunmi

    dear sir ,i kindly respect your company site view nice to help me permission for me to control my website .order out of device in public.

  • User profile image
    Terry

    Clemens,
    Thanks for these posts. To persist information about your things ("Thngs"), Evrythng.com has a nice, free API. I've started a .NET wrapper for it here: https://github.com/tyoder/Evrythng.Net. I see your use of an Azure cloud gateway + Evrythng as a pretty decent starting point for posting and getting state of your things.

    Terry

Comments closed

Comments have been closed since this content was published more than 30 days ago, but if you'd like to send us feedback you can Contact Us.