Confidential 2010-02-241 Confidential Rev PA11 Access to local device functionality through REST APIs Johan Apelqvist Research Manager R&T Advanced Concepts.

Slides:

Advertisements

Similar presentations

Drybridge Consulting Party Identification Directory Installing the Microsoft Research Service IDEAlliance and Drybridge Consulting – collaborating to deliver.

Advertisements

EVERY CONNECTION has a starting point. EVERY CONNECTION has a starting point. WorldCat Navigator - Authentication Library Hosted Navigator EZproxy and.

Enabling Secure Internet Access with ISA Server

1 The phone in the cloud Utilizing resources hosted anywhere Claes Nilsson.

Service Manager for MSPs

Microsoft Office SharePoint Portal Server 2007 Introduction to InfoPath Forms Services Daryl L. Rudolph.

WP 2 Usability Attributes Affected by Software Architecture Deliverable D2 – Usability Patterns Presenter: Robert Chatley - ICSTM.

Copyright © 2012 Certification Partners, LLC -- All Rights Reserved Lesson 4: Web Browsing.

Extending ForeFront beyond the limit TMGUAG ISAIAG AG Security Suite.

1 Configuring Internet- related services (April 22, 2015) © Abdou Illia, Spring 2015.

Lesson 4: Web Browsing.

DT211/3 Internet Application Development Active Server Pages & IIS Web server.

Fine Granularity Policy Based Device Access Security Claes Nilsson - Sony Ericsson

Web Privacy Topics Andy Zeigler Senior Program Manager, Internet Explorer Microsoft.

InfoPath Foundations Peter Williams, Ibitec AB. Agenda What are Forms? Form Scenarios Fundamentals Enter InfoPath Alternatives Use Forms InfoPath Enterprise.

1 of 7 This document is for informational purposes only. MICROSOFT MAKES NO WARRANTIES, EXPRESS OR IMPLIED, IN THIS DOCUMENT. © 2007 Microsoft Corporation.

4/17/2017 © 2014 Microsoft Corporation. All rights reserved. Microsoft, Windows, and other product names are or may be registered trademarks and/or trademarks.

Browser and Basics Tutorial 1. Learn about Web browser software and Web pages The Web is a collection of files that reside on computers, called.

CGI Programming: Part 1. What is CGI? CGI = Common Gateway Interface Provides a standardized way for web browsers to: –Call programs on a server. –Pass.

Blogs & feeds Jim des Rivieres Oct. 16, Grappling with question of how to present Jazz/OSLC data resources “Pure” data resources are presentation-

FileSecure Implementation Training Patch Management Version 1.1.

Edwin Sarmiento Microsoft MVP – Windows Server System Senior Systems Engineer/Database Administrator Fujitsu Asia Pte Ltd

Windows.Net Programming Series Preview. Course Schedule CourseDate Microsoft.Net Fundamentals 01/13/2014 Microsoft Windows/Web Fundamentals 01/20/2014.

For more notes and topics visit:

Electronically approve and create Suppliers in Oracle Financials using a combination of APEX and Oracle Workflow. NZOUG Conference 2010 Brad Sayer Team.

CS378 - Mobile Computing Web - WebView and Web Services.

Configuration Management and Server Administration Mohan Bang Endeca Server.

Server-side Scripting Powering the webs favourite services.

MCSE Guide to Microsoft Exchange Server 2003 Administration Chapter Four Configuring Outlook and Outlook Web Access.

Internet Basics Dr. Norm Friesen June 22, Questions What is the Internet? What is the Web? How are they different? How do they work? How do they.

Implementing ISA Server Publishing. Introduction What Are Web Publishing Rules? ISA Server uses Web publishing rules to make Web sites on protected networks.

Riva – Sync SalesLogix and SageCRM to Exchange Reliable contact, calendar, task and integration – no plug-ins required Trevor Poapst VP Marketing.

RECALL THE MAIN COMPONENTS OF KIM Functional User Interfaces We just looked at these Reference Implementation We will talk about these later Service Interface.

USCGrid A (Very Quick) Introduction To PubCookie

Key Management with the Voltage Data Protection Server Luther Martin IEEE P May 7, 2007.

Secure Credential Manager Claes Nilsson - Sony Ericsson

NMED 3850 A Advanced Online Design January 12, 2010 V. Mahadevan.

Phone: Mega AS Consulting Ltd © 2007  CAT – the problem & the solution  Using the CAT - Administrator  Mega.

U.S. Department of Agriculture eGovernment Program July 15, 2003 eAuthentication Initiative Pre-Implementation Status eGovernment Program.

Authentication Training Guide 1 The Red Flag Ruling requires automotive dealerships to detect red flags that are applicable to their operation. After.

Webview and Web services. Web Apps You can make your web content available to users in two ways in a traditional web browser in an Android application,

MEMBERSHIP AND IDENTITY Active server pages (ASP.NET) 1 Chapter-4.

ALBERT WAVERING BOBBY SENG. Welcome  Introductions  Existing knowledge?  Laptops?  Course goals  Introduction to several topics  Encourage creativity.

Web Privacy Topics Andy Zeigler Senior Program Manager, Internet Explorer Microsoft.

Digital Literacy Concepts and basic vocabulary. Digital Literacy Knowledge, skills, and behaviors used in digital devices (computers, tablets, smartphones)

Module: Software Engineering of Web Applications Chapter 2: Technologies 1.

Securing Angular Apps Brian Noyes

ASP. ASP is a powerful tool for making dynamic and interactive Web pages An ASP file can contain text, HTML tags and scripts. Scripts in an ASP file are.

Mobile Service with.NET By – Sharad Varshney. Agenda What is it supposed to do? Goals Applications System Design Future Work / Enhancements.

Craig Pelkie Copyright © 2015, Craig Pelkie ALL RIGHTS RESERVED Use RPG to Mobilize your IBM i.

Securing Web Applications Lesson 4B / Slide 1 of 34 J2EE Web Components Pre-assessment Questions 1. Identify the correct return type returned by the doStartTag()

U.S. Department of Agriculture eGovernment Program eAuthentication Initiative eAuthentication Solution Screens Review Meeting October 7, 2003.

CitiBuy Support January, 2009 This guide will provide you with a quick overview of the new Support Portal for the Baltimore CitiBuy Purchasing System City.

ClickOnce Deployment (One-click Deployment)

ArcGIS for Server Security: Advanced

Distributed Control and Measurement via the Internet

Lesson 4: Web Browsing.

9/14/2018 2:22 AM THR2026 Set up secure and efficient collaboration for your organization with Office 365 Joe Davies Senior Content Developer Brenda Carter.

Advanced Security Architecture for System Engineers Cisco Dumps Get Full Exam Info From: /cisco-question-answers.html.

Integrating with LexisNexis InterAction

Configuring Internet-related services

SharePoint Online Authentication Patterns

Lesson 4: Web Browsing.

Windows API: Network Policy Server Extensions

GT Portal v. 2.0 Data Delivery

Western Mass Microsoft Technology Users Group

ClickOnce Deployment (One-click Deployment)

Presentation transcript:

Confidential Confidential Rev PA11 Access to local device functionality through REST APIs Johan Apelqvist Research Manager R&T Advanced Concepts Claes Nilsson Senior Technology Strategist R&T UI/App/Web Sony Ericsson

Confidential Internet Device Web Application Architecture Browser DAP Web Server Auth Policy Device Resources Device Resources Web Application Device API Device API

Confidential Device Widget Engine Internet Web Widget Architecture Widget Renderer DAP Web Server Auth Policy Device Resources Device Resources Web Widget Device API Device API Widget Installer

Confidential Access Control Chain Authentication method chosen MUST ensure identification between Customer (Web Application) and Provider (DAP Web Server). Policy is an optional component that provides a “prearranged trust relationship” between Web Application and Device Resource – For example validates each request against one or more policy documents to decide access to the protected resource. Device Resources is the API provider interpreting the request, invoking the correct native device API(s) and formatting the response.

Confidential Web Application Scenario 1.The user accesses the application from the browser. 2.Authentication process commence by setting up a (trusted) relation between the DAP Web Server and the server hosting the Web Application. 3.The application asks for permission to a set of Device Resources (as parameters in request or via link to a manifest file). If a “prearranged trust relationship” is provided by a Policy framework the policy framework grants (all or a subset of) the requested resource(s) based on the policy document(s). Alternatively Auth provides user interaction to grant access to requested resources. Once the requested resource(s) are granted the user do not have to clear access next time the application is accessed as long as the resource(s) are not changed. 4.The application requests a resource that is passed through the access control chain for validation until the request is answered and the response is returned to the application.

Confidential Web Widget Scenario 1.The user downloads the widget from the internet ending up in the widget installer subscribing to widget packages. 2.The subsequent steps are identical to web applications described above with the exception of the manifest read from the widget package instead of provided as a link on the content page.

Confidential Management The DAP Web Server must provide a “manager” function. The main task for the “manager” is to allow the user to manually withdraw previously granted permissions for web applications access to Device Resources. In addition the “manager” may provide the possibility for the user to pre-configure an access policy. For example, the user could state that only web applications whose origin is “operator” and “vendor” are allowed to access the contacts API.

Confidential REST-style Contacts Examples Create a new contact: Find contacts: Request /dap/contacts/create.json?...&name=Mr.%20Robert%20Smith%20Jr &nicknames=Bob Request /dap/contacts/create.json?...&name=Mr.%20Robert%20Smith%20Jr &nicknames=Bob Response {name: ‘Mr. Robert Smith Jr’, nicknames: [‘Bob’], phones: [], s: [], addresses: [], impps: [], serviceId: null, categories: []} Response {name: ‘Mr. Robert Smith Jr’, nicknames: [‘Bob’], phones: [], s: [], addresses: [], impps: [], serviceId: null, categories: []} Request /dap/contacts/find.json?...&name=Robert&nicknames=Bob Request /dap/contacts/find.json?...&name=Robert&nicknames=Bob Response [{name: ‘Mr. Robert Smith Jr’, nicknames: [‘Bob’], phones: [], s: [], addresses: [], impps: [], serviceId: null, categories: []}] Response [{name: ‘Mr. Robert Smith Jr’, nicknames: [‘Bob’], phones: [], s: [], addresses: [], impps: [], serviceId: null, categories: []}]