1 / 35

The phone in the cloud

The phone in the cloud. Utilizing resources hosted anywhere. Claes Nilsson. “Software as a Service” “Cloud Computing” ……. What about “The Phone as a Service”. ……………. GPS. Camera. Calendar. Messaging. Let us combine this……. So, we all agree that….

jamalia-crosby
Télécharger la présentation

The phone in the cloud

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. The phone in the cloud Utilizing resources hosted anywhere Claes Nilsson

  2. “Software as a Service” “Cloud Computing” ……..

  3. What about “The Phone as a Service” ……………. GPS Camera Calendar Messaging

  4. Let us combine this……..

  5. So, we all agree that…

  6. The Web is THE application execution platform

  7. and that ….

  8. Mobile Devices must be full citizens of the Cloud

  9. and that….

  10. Web Applications must be able to consistently utilize Cloud Resourcesas well asLocal Device Resources

  11. Device APIs Give Web Applications access to device capabilities in a secure manner Device Capabilities Web Application GPS Camera Access control framework Calendar Messaging

  12. Existing Device API solutions GeoLocation DAP APIs All these solutions define JavaScript APIs for web browsers and web widget engines Example: navigator.geolocation.getCurrentPosition(showMap);

  13. Security is a tricky beast!

  14. One approach is control by some trusted authority

  15. Existing Device API solutions –Bondi/JIL Security define an access policy control framework based on origin of web application and user interaction Device Capabilities Web Application • Access control policyframework • Unknown ? • Manufacturer ? • Operator ?

  16. Existing Device API solutions – Bondi/JIL policy security model Examples: • “A Widget whose signature chains to operator root certificate can read and write from the PIM databases” • “A Widget downloaded from weather.com can access geolocation coordinates if the user says it’s OK” Control by a configured access policy

  17. Another approach is full user control (and responsibility)

  18. Security – implicit user consent examples • user must press camera shutter • user must state granularity of location • user must inspect message and press “send” Full user control

  19. Device APIs – work in progress Device API and Policy (DAP) WG • Main SDO for Device APIs • SEMC active – support for W3C DAP is our main strategic direction for device APIs • Other members; Nokia, Vodafone, Google, Opera, Orange, AT&T, Telefonica, OMTP, Aplix, Intel…... • W3C DAP Website

  20. Device API and Policy WG So far JavaScript interfaces defined File Writer File DirectoriesSystem Messaging Contacts Media Capture Gallery Calendar System information and Sensors

  21. Device API and Policy WG In addition an optional genericpolicy based access control framework is being worked on

  22. Device API and Policy WG – REST APIs • Another approach proposed by • Local Resources as “Virtual Web Servers” • HTTP REST APIs Server (Resource Provider) Client (Web Browser or Widget Engine) http://................ http://................ Server (Resource Provider)

  23. Device API and Policy WG – REST APIs • APIs as URIs: • Example: http://localhost/dap/contacts/create.json?...&name=Mr.%20Robert%20Smith%20Jr&nicknames=Bob • Access through standard HTTP methods GET, POST, PUT, DELETE • More reading Rest Introduction

  24. Device API and Policy WG – REST APIs • HTTP REST API advantages • Language independent • A resource can be situated "anywhere“ • In mobile device, in PC, in accessory, in server… • A resource can be accessed from “anywhere” • Leverage on existing HTTP access control mechanisms

  25. SEMC - access to local resources through in-device web server Internet Web Application Device Browser JS libraries to hide complex REST-coding Any native API can be bound to a web API RESTDeviceAPIs In-device Web Server Native Device APIs Access Control New web APIs by upgradingin-device server

  26. Device API and Policy WG – Powerbox • Powerbox • Proposed by , SEMC and Mozilla Labs • Supports discovery and interaction with resources independent of where these resources are hosted or how they are produced • Security and Privacy purely user controlled

  27. Device API and Policy WG – Powerbox example scenario • Customer Web Application needs a user’s private image • User selects image Provider: • Photo sharing web site • Local device image gallery • Device camera • User selects image

  28. Device API and Policy WG – Powerbox Provider Registration Remote Resource Provider (e.g. photo sharing site) Web Site that offers a Provider Remote Resources 1: Web content:“Offer URL to Provider” 2: Get Provider metadata doc Local Resource Providers Powerboxenabledbrowser …… “Pre-registered”

  29. Device API and Policy WG – Powerbox User selects remote Provider Remote Resource Provider (e.g. photo sharing site) Customer Web Site Remote Resources 1: Web Application: “Request image” 2: User selects Remote Resource Provider 3: Powerbox sends introduction request to Provider 4: Provider returns web page that lets user choose image Powerboxenabledbrowser 5: Provider provides link to selected image

  30. Device API and Policy WG – Powerbox User selects device gallery Provider Customer 1: Web Application: “Request image” Local Resource Providers Powerboxenabledbrowser 2: User selects device gallery Provider 3: Powerbox sends introduction request to local gallery Provider 4: Provider lets user choose image 5: Provider provides link to selected image

  31. Device API and Policy WG – Powerbox User selects device camera Provider Customer 1: Web Application: “Request image” Local Resource Providers Powerboxenabledbrowser 2: User selects device camera Provider 3: Powerbox sends introduction request to local camera Provider 4: Provider activates camera 5: User takes a picture 6: Link to image provided

  32. Conclusion

  33. Use resources hosted anywhere

  34. We need: • Resource discovery • User directed resource selection • Standardized APIs (HTTP – REST) • Access and privacy control

  35. Thank you !

More Related