This document defines a Simple Web of Things (SWoT) Architecture Model.
This specification is a proposal for building a High-level Web of Things (WoT) Architecture Model.
Terminology
This document uses the following terms defined elsewhere:
- Internet of things (IoT): A global infrastructure for the information society, enabling advanced services by interconnecting (physical and virtual) things based on existing and evolving interoperable information and communication technologies. [ITU-T Y.2060]
- IRI: Acronym for Internationalized Resource Identifier. An IRI is a sequence of characters from the Universal Character Set (Unicode/ISO 10646). [[rfc3987]]
- Resource: Anything that might be identified by a URI or IRI. [[!webarch]]
- Server: The role adopted by an application when it is supplying resources or resource manifestations. [W3C WACterms]
- Thing: With regard to the Internet of things, this is an object of the physical world (physical things) or the information world (virtual things), which is capable of being identified and integrated into communication networks. [ITU-T Y.2060]
- Thing Description: Description about a thing - interfaces, data and aspects of a Thing. [[!rfc4627]] [[!rfc7159]]
- URI: Acronym for Uniform Resource Identifier. A simple and extensible means for identifying a resource. [[!rfc3986]]
- User Agent: One type of Web agent; a piece of software acting on behalf of a person. Browsers are examples of user agents, as are web robots that automatically traverse the web collecting information. [[di-gloss]] [[webarch]]
- Web agent: A person or a piece of software acting on the information space on behalf of a person, entity, or process. [[!webarch]]
- Web of Things (WoT): A way to realize the IoT where (physical and virtual) things are connected and controlled through the World Wide Web. [ITU-T Y.2063]
- WoT Client: A logical entity that accesses a WoT Resource on a WoT Server.
- WoT Functionality: The base/core functionality contained in any WoT Device.
- World Wide Web: An information space in which the items of interest, referred to as resources, are identified by global identifiers called Uniform Resource Identifiers (URI). [[!webarch]]
Conformance
The key words MUST, MUST NOT, REQUIRED, SHALL, SHALL NOT, SHOULD, SHOULD NOT, RECOMMENDED, NOT RECOMMENDED, MAY, and OPTIONAL in this specification have the meaning defined in [[RFC2119]].
Architecture Model
Execution model of Web of Things (WoT) applications
This is a running model of WoT Server.
Web of Things (WoT) Architecture Model
The following diagram illustrates the functional components and interfaces of WoT.
Functional Components
A Simple WoT consists of mandatory components (a Thing as WoT enabled device) and interfaces exposed by those components.
- WoT Device: A WoT device is a "Thing" with WoT connectivity enabled. A "Thing" in the Web of Things (WoT) can be any object that has a unique identifier and that can send/receive web resources (including information and data) over a network. WoT devices are any devices connected to the Web that provide information about themselves or about their surroundings (e.g. information sensed by the connected sensors) over a network (to other devices or servers/storage), or that allow remote actuation upon the physical entities/environment around them.
- WoT Server: The WoT Server is a component resident in the WoT device and is the entry point to the WoT Enabler for all the requests coming from other components. The WoT Server exposes the WOT-1, WOT-2, WOT-3, WOT-4 and WOT-5 interfaces.
- UA (User Agent): A user agent is any software that retrieves, renders and facilitates end-user interaction with web content. User agents include web browsers, media players, plug-ins, extensions and web applications that help in retrieving, rendering and interacting with web content. The User Agent is a component resident in the network (outside the device). It is responsible for interacting bidirectionally with the WoT Device by using the WoT-1 interface exposed by the WoT Server.
- Service Resources: Service resources (Cloud, Server, Web Resources) are one of the components residing in the network (outside the device) to provide external resources by using the WoT-2 interface.
- Sensors: Sensors detect and respond to inputs from the physical environment, and exchange sensing information by using the WoT-3 interface.
  - Passive sensors: a device that detects and responds to some type of input (e.g. the detection of vibrations, light, radiation, heat or other phenomena) from the physical environment.
  - Active sensors: a sensing device that requires an external source of power to operate.
- Other Thing (other WoT Devices): An external thing is another WoT device. It uses the WOT-4 interface exposed by other WoT Devices for collaboration.
  - Device Type1: Low performance devices (e.g. Arduino ...)
  - Device Type2: Middle performance devices (e.g. Beaglebone Black, Raspberry Pi ...)
  - Device Type3: High performance devices (e.g. Smartphone, Tablet ...)
- Event Trigger: A component resident in the network (outside the device). Through the WoT-5 interface, the Event Trigger is responsible for sending push notifications.
Interfaces
This section identifies the functional components and defines the interfaces among those components to affect desired properties of the overall architecture.
WOT-1
This interface is exposed by the WoT Server to the User Agent. It is used by the UA to interact with the WoT Devices for performing some core functionalities related to Web of Things applications, covering: user authentication, authorization, WoT device management.
WOT-2
This interface is exposed by the Service Resources. It is used by the WoT Server to interact with the external service provider for using external service resources.
WOT-3
This interface is exposed by the WoT Server to Sensors internally/externally connecting with WoT Devices.
WOT-4
This interface is exposed by the WoT Server to other WoT Devices for realizing the collaboration between the WoT Devices. This interface is both exposed, and used, by the WoT Server.
WOT-5
This interface is exposed by the WoT Server and is used by the Event Trigger to push notifications to the WoT Server.
Interface – WOT-1
This interface is exposed by the WoT Server to the User Agent.
- WoT Server SHALL support the design principle of Web Architecture Model [[!webarch]]
- WoT Server and UA SHALL support general web standards (e.g: HTTP, URI/IRI, HTML) [[!rfc2616]] [[!rfc3986]] [[!rfc3987]] [[!html5]]
- WoT Server SHOULD use secure HTTP connections (HTTPS)
- WoT Server SHALL support RESTful architecture model
- WoT Server MUST support GET, POST, PUT, and DELETE HTTP verbs
- WoT Server MUST implement HTTP status codes 200, 400, 500
- WoT Server SHOULD support additional HTTP status codes as needed
- WoT Server SHALL support UTF-8 encoding for requests and responses
- WoT Server SHALL support JSON as default representation
- WoT Server SHALL support web standard based User Interface
- Shall provide offline connectivity
- Shall provide capabilities to start and monitor all WoT application features
- WoT Server SHALL support WoT Server functionality such as:
- Connectivity down to sensors and existing controllers embedded in the device
- Manageability (Device, Sensor, System) and related protocol
- Security and privacy
- WoT Server may support remote management for fault recovery, e.g. firmware update or device quarantine. After a firmware update, the device may reboot to a known and consistent state
- WoT Server MAY support WoT Server functionality for legacy business:
- Connectivity up to the cloud and enterprise
- WoT Server SHALL further support the protocols defined in the following
- WoT Server SHALL support [@@@] to ….
- Data collection & reporting
- The WoT Server SHALL support the reporting from a specific WoT Device or WoT Server or group of WoT Devices or group of IoT Gateways in the way requested by the WoT Application as listed below:
- a periodic reporting with the time period being defined by the WoT application,
- or an on-demand reporting with two possible modes. One is an instantaneous collecting and reporting of data, the other one is a reporting of the data that were pre-recorded at the indicated specific time period.
- Remote control operation
- The WoT Server SHALL support the capability to remotely change the state of a WoT Device e.g. enable or disable.
- Information collection & delivery to multiple applications
- The WoT Server SHALL support the ability for multiple WoT Applications to interact with the same WoT Devices.
- Management of multiple WoT Devices
- The WoT Application SHALL be able to manage one or multiple WoT Devices, e.g. for information collection, control, either directly or through using capabilities in the WoT Service Capabilities.
- WoT Device Management
- WoT Device SHALL support the management capability.
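The mandatory WOT-1 behaviour listed above (the four HTTP verbs, JSON as default representation, UTF-8, status codes 200/400/500, remote enable/disable) can be sketched as a transport-independent request handler. This is an added example, not part of the specification; the `THINGS` store, the `/things/lamp` path and the `handle` function are hypothetical, and unknown resources are answered with 400 only because 404 falls under the optional "additional status codes".

```python
import json

# Hypothetical in-memory store of Thing state, keyed by resource path.
THINGS = {"/things/lamp": {"enabled": False}}

def _reply(status, obj):
    # JSON is the default representation; always emit UTF-8 bytes.
    return status, json.dumps(obj, ensure_ascii=False).encode("utf-8")

def _dispatch(method, path, body):
    if method not in ("GET", "POST", "PUT", "DELETE"):
        return _reply(400, {"error": "unsupported method"})
    doc = None
    if method in ("POST", "PUT"):
        try:
            doc = json.loads(body.decode("utf-8"))
        except ValueError:  # covers invalid UTF-8 and invalid JSON
            return _reply(400, {"error": "body must be UTF-8 JSON"})
        if not isinstance(doc, dict):
            return _reply(400, {"error": "body must be a JSON object"})
    if method == "POST":
        if path in THINGS:
            return _reply(400, {"error": "resource already exists"})
        THINGS[path] = doc
        return _reply(200, doc)
    if path not in THINGS:
        return _reply(400, {"error": "unknown resource"})
    if method == "PUT":  # remote control: replace state, e.g. enable/disable
        THINGS[path] = doc
    elif method == "DELETE":
        return _reply(200, THINGS.pop(path))
    return _reply(200, THINGS[path])

def handle(method, path, body=b""):
    """Process one WOT-1 request; returns (status, utf8_json_bytes)."""
    try:
        return _dispatch(method, path, body)
    except Exception:
        # Fail closed with a generic 500; never echo exception text to the peer.
        return _reply(500, {"error": "internal error"})
```

Malformed input is rejected with 400 before it reaches device state, and any unexpected fault is reduced to a generic 500 so internal details are not disclosed to the User Agent.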
@@TBD
This is a note on WOT-1 interface
The WoT-1 interface will describe the protocol between the WoT Server and the UA. It will cover other web protocols such as WebRTC, SSE and Web notifications. [[webrtc]] [[SSE-ed]] [[notifications]]
Interface – WOT-2
This interface is exposed by the Service Resources. It is used by the WoT Server to interact with the external service provider for using external service resources.
WOT-2 covers:
- expose an open API to access and exchange data for integration with external services [[!rfc7159]]
- expose external web resources
- allow synchronization of a Thing’s status and information.
@@TBD
This is a note on WOT-2 interface
WoT-2 interface will describe the protocol between WoT Server and other external Server/Cloud/Open API and web resources.
Interface – WOT-3
This interface is exposed by the WoT Server to Sensors internally/externally connecting with WoT Devices.
@@TBD
This is a note on WOT-3 interface
The WoT-3 interface will describe the protocol between the WoT Device and Sensor/HW capabilities. It will cover the peripheral interconnects, whether they are I2C, SPI, USB, UART, Bluetooth or others.
Interface – WOT-4
This interface is exposed by the WoT Server to other WoT Devices for realizing the collaboration between the WoT Devices. This interface is both exposed, and used, by the WoT Server.
@@TBD
This is a note on WOT-4 interface
The WoT-4 interface will describe the interfaces between WoT Devices and other WoT Devices. It will cover protocols such as HTTP, WebSocket and CoAP. [[!rfc7252]] [[rfc6455]] [[websockets]]
Interface – WOT-5
This interface is exposed by the WoT Server and is used by the Event Trigger to push notifications to the WoT Server.
@@TBD
This is a note on WOT-5 interface
The WoT-5 interface will describe a one-way protocol similar to push notification, MQTT and other subscription-based protocols. [[MQTT]]
Security Considerations
In this section we elaborate on the security requirements for the WoT System. We expand on the basic requirements of confidentiality, integrity, authentication, and authorization and provide specific examples of potential threats that the system should be protected against.
- Authentication
- An entity requesting a service may authenticate the peer entity as part of setting up a service and maintaining a service.
- The WoT system may support mutual authentication and one-way authentication.
- The entity authenticating the peer may choose from different security strengths to ensure an appropriate level of security.
- Each service shall be able to perform authentication independently.
- WoT Device / WoT Server authentication
- The WoT System shall be able to authenticate the WoT Device or WoT Server. For WoT Devices supporting authentication and connected via a WoT Server, the authentication may be performed directly to the WoT System or to the authenticated WoT Server.
- Authentication of WoT service layer capabilities or WoT applications
- When there is a request for data or device access, the WoT Device or WoT Server should be able to mutually authenticate with the WoT Service Capabilities or WoT Applications from which the request is received.
- Data transfer confidentiality
- The WoT System shall support appropriate confidentiality of the data exchange. A particular WoT application may or may not require the use of such confidentiality.
- Data integrity
- End points of the WoT System shall be able to verify the integrity of the data exchanged.
- Prevention of abuse of network connection
- The WoT security solution should be such that it is not possible to illegally use the WoT Device for unintended applications.
- Privacy
- The WoT System shall be capable of protecting privacy.
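One way an end point could meet the device authentication and data integrity requirements above is to have each WoT Device attach a keyed MAC to every report and have the receiver verify it. This is an added example, not a mechanism defined by this specification; the pre-shared per-device keys, the report layout, the 30-second freshness window and the names `sign_report` and `verify_report` are all assumptions, and it provides no confidentiality (that is left to HTTPS).

```python
import hashlib, hmac, json, time

# Constructed per-device keys (assumption: secrets provisioned out of band).
DEVICE_KEYS = {"lamp-01": b"constructed-demo-key"}
MAX_SKEW = 30  # seconds a report stays acceptable (assumed policy)

def _mac(key, device, ts, data):
    # Canonical serialization so both ends MAC exactly the same bytes.
    msg = json.dumps({"device": device, "ts": ts, "data": data},
                     sort_keys=True, separators=(",", ":")).encode("utf-8")
    return hmac.new(key, msg, hashlib.sha256).hexdigest()

def sign_report(device, data, now=None):
    ts = int(time.time() if now is None else now)
    return {"device": device, "ts": ts, "data": data,
            "mac": _mac(DEVICE_KEYS[device], device, ts, data)}

def verify_report(report, now=None, seen=None):
    """Return (ok, reason). `seen` is an optional set used to reject replays."""
    now = time.time() if now is None else now
    device, ts = report.get("device"), report.get("ts")
    key = DEVICE_KEYS.get(device) if isinstance(device, str) else None
    if key is None:
        return False, "unknown device"
    expected = _mac(key, device, ts, report.get("data"))
    supplied = str(report.get("mac", ""))
    # Constant-time comparison avoids leaking how many characters matched.
    if not hmac.compare_digest(expected.encode(), supplied.encode("utf-8")):
        return False, "bad mac"
    if not isinstance(ts, int) or abs(now - ts) > MAX_SKEW:
        return False, "stale"
    if seen is not None:
        if supplied in seen:
            return False, "replay"
        seen.add(supplied)
    return True, "ok"
```

Because the timestamp and device identifier are covered by the MAC, a captured report cannot be re-dated or attributed to another device without failing verification.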
@@TBD@@
This is a note on Security Considerations.
Security Considerations will describe the consideration of various security aspects.