Download presentation
Presentation is loading. Please wait.
Published byDominique Trask Modified over 10 years ago
1
1 The phone in the cloud Utilizing resources hosted anywhere Claes Nilsson
2
2 Software as a Service Cloud Computing ……..
3
3 What about The Phone as a Service GPS Camera MessagingCalendar …………….
4
4 Let us combine this……..
5
5 So, we all agree that…
6
6 The Web is THE application execution platform
7
7 and that ….
8
8 Mobile Devices must be full citizens of the Cloud
9
9 and that….
10
10 Web Applications must be able to consistently utilize Cloud Resources as well as Local Device Resources
11
11 Device APIs Access control framework Web Application Device Capabilities Give Web Applications access to device capabilities in a secure manner GPS Camera Messaging Calendar
12
12 Existing Device API solutions GeoLocation DAP APIs All these solutions define JavaScript APIs for web browsers and web widget engines Example: navigator.geolocation.getCurrentPosition(showMap);
13
13
14
14 One approach is control by some trusted authority
15
15 Existing Device API solutions –Bondi/JIL Security define an access policy control framework based on origin of web application and user interaction Access control policy framework Unknown ? Manufacturer ? Operator ? Web Application Device Capabilities
16
16 Existing Device API solutions – Bondi/JIL policy security model Examples: A Widget whose signature chains to operator root certificate can read and write from the PIM databases A Widget downloaded from weather.com can access geolocation coordinates if the user says its OK Control by a configured access policy
17
17 Another approach is full user control (and responsibility)
18
18 Security – implicit user consent examples Full user control user must press camera shutter user must state granularity of location user must inspect message and press send
19
19 Device APIs – work in progress Device API and Policy (DAP) WG Main SDO for Device APIs SEMC active – support for W3C DAP is our main strategic direction for device APIs Other members; Nokia, Vodafone, Google, Opera, Orange, AT&T, Telefonica, OMTP, Aplix, Intel…... W3C DAP Website
20
20 Device API and Policy WG So far JavaScript interfaces defined Messaging Contacts Calendar File Writer Media Capture System information and Sensors Gallery File Directories System
21
21 Device API and Policy WG In addition an optional generic policy based access control framework is being worked on
22
22 Another approach proposed by Local Resources as Virtual Web Servers HTTP REST APIs Device API and Policy WG – REST APIs Client (Web Browser or Widget Engine) Server (Resource Provider) Server (Resource Provider) http://................
23
23 APIs as URIs: Example: http://localhost/dap/contacts/create.json?... &name=Mr.%20Robert%20Smith%20Jr &nicknames=Bob Access through standard HTTP methods GET, POST, PUT, DELETE More reading Rest IntroductionRest Introduction Device API and Policy WG – REST APIs
24
24 HTTP REST API advantages Language independent A resource can be situated "anywhere In mobile device, in PC, in accessory, in server… A resource can be accessed from anywhere Leverage on existing HTTP access control mechanisms Device API and Policy WG – REST APIs
25
25 Internet Browser In-device Web Server Access Control Web Application Native Device APIs Native Device APIs Device REST Device APIs SEMC - access to local resources through in-device web server Any native API can be bound to a web API New web APIs by upgrading in-device server JS libraries to hide complex REST-coding
26
26 Powerbox Proposed by, SEMC and Mozilla Labs Supports discovery and interaction with resources independent of where these resources are hosted or how they are produced Security and Privacy purely user controlled Device API and Policy WG – Powerbox
27
27 1.Customer Web Application needs a users private image 2.User selects image Provider: Photo sharing web site Local device image gallery Device camera 3.User selects image Device API and Policy WG – Powerbox example scenario
28
28 Device API and Policy WG – Powerbox Provider Registration 1: Web content: Offer URL to Provider Remote Resource Provider (e.g. photo sharing site) Remote Resources …… Local Resource Providers Web Site that offers a Provider 2: Get Provider metadata doc Powerbox enabled browser Pre-registered
29
29 Device API and Policy WG – Powerbox User selects remote Provider Customer Web Site 1: Web Application: Request imageRequest 3: Powerbox sends introduction request to Providerintroduction request 5: Provider provides link to selected image 2: User selects Remote Resource Provider Remote Resource Provider (e.g. photo sharing site) Remote Resources Powerbox enabled browser 4: Provider returns web page that lets user choose image
30
30 Device API and Policy WG – Powerbox User selects device gallery Provider Customer 1: Web Application: Request image 4: Provider lets user choose image 5: Provider provides link to selected image 2: User selects device gallery Provider Powerbox enabled browser Local Resource Providers 3: Powerbox sends introduction request to local gallery Provider
31
31 Device API and Policy WG – Powerbox User selects device camera Provider Customer 1: Web Application: Request image 4: Provider activates camera 6: Link to image provided 2: User selects device camera Provider Powerbox enabled browser Local Resource Providers 5: User takes a picture 3: Powerbox sends introduction request to local camera Provider
32
32 Conclusion
33
33 Use resources hosted anywhere
34
34 We need: Resource discovery User directed resource selection Standardized APIs (HTTP – REST) Access and privacy control
35
35 Thank you !
Similar presentations
© 2025 SlidePlayer.com. Inc.
All rights reserved.