1

Issues & Architecture from a technical perspective

w w w. w e b i n o s . o r g

by Nick Allott, ImpleoWebinos Technical Coordinator

Innovate in Private

We need communal innovation

Standardise

Innovate Collaboratively

Standardise

Negotiate

Speed and Open Source

We need open governance framework

Where we are in mobile

Chrome: Google dominance Android: Google dominance Webkit: Apple dominance WAC: Operator dominance Meego: Nokia dominance Limo: Samsung dominance

Adoption requires balance

We need to give the web APIs

Browser

APIs

Web is

We need standardised security

Developer App Store Device

App App App

intent intent

signature

intent

signatureintent

signaturepermission

Without standardised security HTML5 will be siloed ecosystem

Cannot port apps between devicesSecurity risk profile will be greater (cognitive load)

We need better offline functionality

Requirements for offline– Native OS level file access– Secure file access– Synchronised file structures– Binary file management

EU cyber-security Agency ENISA flags security fixes - http://bit.ly/pgvuk3 Defcon Abusing HTML5 - http://bit.ly/nYWp9I W3C New browsing group - http://bit.ly/lgABrI

We need better network behaviour

HTTP was not design as a transport for programming messages

XHR is chatty and inefficient Too many TCP Connections Operators Urge Action Against Chatty

Apps http://bit.ly/mR34k0

We need network innovation

Need mutual authentication User authentication Device authentication Application identity

– What is a user agent…….? Platform attestation Safe session IDs

We need our devices to talk to each other

All devices

Talk to each other

Connect when there is no internet

Even M2M – the internet of things

We need to be able to “share” “stuff” “socially” “securely”

I want to share data with “my” social network

With any application I choose Over any service I choose I want to be able to revoke that permission I want to control what I disclose I want access to rich context

Calendar sharing user case is perfect exampleWhy do I need an intermediate service

We need to give consumers control over their data

UsersUsersUsersUsers

Website

Website

Website

Google

Advertisers

Advertisers

Advertisers

Consent

Consent

NOConsen

t

No Consent

GA

GA

GA

We need it all to work together

Interoperability

Ubiquity

WEBINOS ARCHITECTURE

Personal Agent

PZP

PZH

TLS

Sync

Mes

sagi

ng

User TokensAuthentication Certs

App IDsService IDsFriend IDs

PolicyContext

User TokensAuthentication Certs

App IDsService IDsFriend IDs

PolicyContext

JSON-RPCPackets

Sync Packets

Routing

Routing

Personal Agent is you – when your not onlinePZH can receive messages on your behalfPZH is an authority you can authorise yourself againstPZH manages: sync, context, message routing, data and policy

PZP: does what a PZH does when the PZH is not there

Different webinos processors – and bearers

Webinos clientSmart Device with WRT

PZPRouting

WRT

Dumb Device No WRT

PZPRouting

Super Dumb Device No WRT No PZP

API

API

API

Bearers

Wireless

Bluetooth

Zigbe

RFID

USB

Other…

New Networking Model

Client

Server

HTTP

Client

Server

TLS

JSO

N - R

PC

AsymmetricUnilateral authenticationPaddedMultiple connectionsManual javascript bindings

SymmetricMutually authenticatedStreamlinedUser IDDevice IDApp IDMultiplexedIntegrated Javascript bindings

Local and Remote APIs

PZPLo

catio

n-A

PI

File-A

PI

Conta

cts-API

Senso

r-API

Galle

ry-API

JSON RPC

Local BrowserOR

Widget Runtime

Remote BrowserOR

Widget Runtime

Internet of Things

Web Server

Web Browser

PZP

John: PZH

Policy

Policy

JSON RPC

Secure Session

The webinos model gives a lightweight

protocol for “things” to connect to the Internet

(securely) and issue and respond to events

with well defined semantics

Sharing and Distributed Policy

Nick: PZH

Nick: PZP

John: PZH

John: PZP

Policy

Policy Policy

Policy

->GetLocation()

Native OS

Device Side Architecture

API manager

PZP

APIs

APIs

APIs

APIs

APIs

WRTChromium or QT

Javascript EngineV8

Binding WebSocket

Node.js

Native C

Messaging Manager

RPCbindings

Widget Manager

Local Discovery Manager

Context Manager

TLS

Session Manager

Native Discovery Mechanisms

Drivers

Sync Manager

Policy ManagerStorage

Storage Manager

Routing Messaging User Data Device

21

To Follow or Contact webinos Website http://webinos.org/

Contact hello@webinos.org

http://www.linkedin.com/groups/webinos-3387786

http://twitter.com/webinosproject

http://www.facebook.com/webinosproject