Manage Your Mesh Securing Public Cloud IoT APIs, and Building Private Mesh Trust Domains and Enclaves of Privacy to Integrate a Mesh of “Things” with Integrity & Availability
APIs are for any “Thing” and they don’t always belong on the Internet IoT Mesh
Wiring Things to Arduinos D1: 2.6 Volt RED LED & 330 Ohm Resistor A0: 3V Volt Motor & 330 Ohm Resistor
Tinkering With Things Turn on Buzzer Turn on Motor
Programming Things – Protect the Flash API
The First Step to Managing your Mesh is with an API Gateway Gateway Security Authentication Protection IAM Integration Encryption Mediation Quality of Service Paging/Caching Orchestration Scripting Public IoT Mesh Private Mesh ProTip: Customer Premise Equipment such as a WiFi Router or Cablebox should filter API traffic with an embedded gateway
Logical Mesh Management Architecture Private Mesh mynet/status or Public IoT Mesh
Use Gateways in the Cloud & Privately Private Mesh “Badge Readers” Private Mesh “Department X” Public Mesh
Public, Private, Hybrid
API Policy Configuration Templates Operational Policies oAPI Consumer Application Security Policy oAPI DDoS & Malicious Code Protection oAggregate Policy oAuthentication Policy oAuthorization Policy oICAP Antivirus Integration Policy oCache Policy oHTTP Security Policy oOAuth Security Policy oPaging Policy oPipeline Policy oWS-Security Asymmetric Binding Policy oWS-Security Message Policy oWS-Security Supporting Tokens Policy oWS-Security Symmetric Binding Policy oWS-Security Transport Binding Policy oWS-Addressing Policy oWS-Auditing SOAP Message Policy oWS-Auditing SOAP Service Policy oWS-Auditing Service Policy oWS-Auditing Transaction Tracking Policy oXML Policy Quality Of Service Policies oBandwidth Quota Policy oConcurrency Quota Policy oScript Policy oService Level Enforcement Policy oService Level Policy oThroughput Quota Policy oTimeout Policy Compliance Policies oAggregate oScript oWSI BP oXQuery
Design Complex Process Orchestrations Execute JavaScript on the API Gateway to Modify Request and Response Data and to invoke APIs with Branching conditions for Content Based Routing and API Response Aggregation
Monitor the Mesh
Manage Mobile App Access To Your Mesh with a Developer Portal A social developer engagement platform Integrated API documentation App access provisioning and monitoring Integrated discussion and newsfeeds Trouble ticket management Search with full content indexing API and App privacy and group management – essential for B2B and partner APIs Federation to enable new business models
Multisite Meshes Internet Zero Trust (I0T) Architecture IoT Mesh
Demo / Q&A
Restrict IoT API Operations with Scope Mappings
Manage Acceptance of API Legal Agreements
Quickly Test API OAuth Client App Integration
Verify Public Scope Tokens Cannot Access Private Scoped Operations
Enforce SLAs to Throttle Requests Per Minute
Manage IoT API Documentation with Swagger
Generate Self-Service IoT API Usage Reports
View Alerts and Participate in Discussion Boards