Presentation on theme: "1 The phone in the cloud Utilizing resources hosted anywhere Claes Nilsson."— Presentation transcript:
1 The phone in the cloud Utilizing resources hosted anywhere Claes Nilsson
2 Software as a Service Cloud Computing ……..
3 What about The Phone as a Service GPS Camera MessagingCalendar …………….
4 Let us combine this……..
5 So, we all agree that…
6 The Web is THE application execution platform
7 and that ….
8 Mobile Devices must be full citizens of the Cloud
9 and that….
10 Web Applications must be able to consistently utilize Cloud Resources as well as Local Device Resources
11 Device APIs Access control framework Web Application Device Capabilities Give Web Applications access to device capabilities in a secure manner GPS Camera Messaging Calendar
14 One approach is control by some trusted authority
15 Existing Device API solutions –Bondi/JIL Security define an access policy control framework based on origin of web application and user interaction Access control policy framework Unknown ? Manufacturer ? Operator ? Web Application Device Capabilities
16 Existing Device API solutions – Bondi/JIL policy security model Examples: A Widget whose signature chains to operator root certificate can read and write from the PIM databases A Widget downloaded from weather.com can access geolocation coordinates if the user says its OK Control by a configured access policy
17 Another approach is full user control (and responsibility)
18 Security – implicit user consent examples Full user control user must press camera shutter user must state granularity of location user must inspect message and press send
19 Device APIs – work in progress Device API and Policy (DAP) WG Main SDO for Device APIs SEMC active – support for W3C DAP is our main strategic direction for device APIs Other members; Nokia, Vodafone, Google, Opera, Orange, AT&T, Telefonica, OMTP, Aplix, Intel…... W3C DAP Website
21 Device API and Policy WG In addition an optional generic policy based access control framework is being worked on
22 Another approach proposed by Local Resources as Virtual Web Servers HTTP REST APIs Device API and Policy WG – REST APIs Client (Web Browser or Widget Engine) Server (Resource Provider) Server (Resource Provider)
23 APIs as URIs: Example: &name=Mr.%20Robert%20Smith%20Jr &nicknames=Bob Access through standard HTTP methods GET, POST, PUT, DELETE More reading Rest IntroductionRest Introduction Device API and Policy WG – REST APIs
24 HTTP REST API advantages Language independent A resource can be situated "anywhere In mobile device, in PC, in accessory, in server… A resource can be accessed from anywhere Leverage on existing HTTP access control mechanisms Device API and Policy WG – REST APIs
25 Internet Browser In-device Web Server Access Control Web Application Native Device APIs Native Device APIs Device REST Device APIs SEMC - access to local resources through in-device web server Any native API can be bound to a web API New web APIs by upgrading in-device server JS libraries to hide complex REST-coding
26 Powerbox Proposed by, SEMC and Mozilla Labs Supports discovery and interaction with resources independent of where these resources are hosted or how they are produced Security and Privacy purely user controlled Device API and Policy WG – Powerbox
27 1.Customer Web Application needs a users private image 2.User selects image Provider: Photo sharing web site Local device image gallery Device camera 3.User selects image Device API and Policy WG – Powerbox example scenario
28 Device API and Policy WG – Powerbox Provider Registration 1: Web content: Offer URL to Provider Remote Resource Provider (e.g. photo sharing site) Remote Resources …… Local Resource Providers Web Site that offers a Provider 2: Get Provider metadata doc Powerbox enabled browser Pre-registered
29 Device API and Policy WG – Powerbox User selects remote Provider Customer Web Site 1: Web Application: Request imageRequest 3: Powerbox sends introduction request to Providerintroduction request 5: Provider provides link to selected image 2: User selects Remote Resource Provider Remote Resource Provider (e.g. photo sharing site) Remote Resources Powerbox enabled browser 4: Provider returns web page that lets user choose image
30 Device API and Policy WG – Powerbox User selects device gallery Provider Customer 1: Web Application: Request image 4: Provider lets user choose image 5: Provider provides link to selected image 2: User selects device gallery Provider Powerbox enabled browser Local Resource Providers 3: Powerbox sends introduction request to local gallery Provider
31 Device API and Policy WG – Powerbox User selects device camera Provider Customer 1: Web Application: Request image 4: Provider activates camera 6: Link to image provided 2: User selects device camera Provider Powerbox enabled browser Local Resource Providers 5: User takes a picture 3: Powerbox sends introduction request to local camera Provider
33 Use resources hosted anywhere
34 We need: Resource discovery User directed resource selection Standardized APIs (HTTP – REST) Access and privacy control