Placeholder Image

字幕列表 影片播放

  • Thank you very much for coming.

  • And I first need to introduce myself.

  • I'm Ziran from the UK.

  • And today's talk I would like to walk you through our practices and also our choices

  • of technologies in building endtoend IoT system with privacy in mind.

  • So, to start the talk, I would like to present to you a use case.

  • And we are going to use this use case throughout the talk today.

  • What we are going to do is go behind the scenes of the use case and look at the technology

  • challenges and our solutions.

  • So, first we would like to look at how to build an IoT system okay, our use case basically

  • is holiday homes.

  • Holiday result.

  • I think most of you has spent a holiday, rent a home on a big holiday resort.

  • We're talking about this kind of scenario.

  • So, to start the first step is how to build an IoT system for one single holiday home.

  • So, in our case we are basically using the web of things technology.

  • So, we are going to attach Mozilla IoT platform and the web.

  • Once the IoT is built for one holiday home, we're going to go further.

  • How can we connect all of these homes together?

  • And furthermore, can we introduce some intelligence when we view the holiday when we view the

  • connect the holiday homes together and build the IoT for the whole holiday resort.

  • So, here, and we have the main case is to respect user's privacy.

  • So, here we're going to look at learning.

  • And then we're going to look at the architecture for the whole IoT system and share with you

  • our current work status.

  • So, holiday homes, in this scenario, I think only two main parties.

  • One is the holiday makers.

  • The other is the owner of a holiday resort.

  • The owner could be just like another company or agent.

  • So, what's does the holiday owner have in his mind when building IoT for their holiday

  • resort?

  • I think one essential thing is is the holiday home very smart.

  • Is it controlled and how to provide the services?

  • And then when you build this, it has to be, you know, have to be complying with the legal

  • requirement.

  • Respect the user's privacy.

  • And the last, but not least, so, what is is it a solution that causes the effect here?

  • And does it provide a longterm benefit?

  • And from the holiday maker's point of view, I guess, for us, is just the easy access and

  • easy control over the holiday utilities and the facilities.

  • And also, we want to be relaxed and not being watched.

  • We don't want anyone to monitor how we use our electricity, how many washes we do every

  • day, you know, during holiday time.

  • So, let's look at how to build IoT for one single holiday home.

  • And with privacy in mind.

  • How is privacy doing in IoT?

  • So, how is IoT actually doing with privacy, really?

  • So, the concerns are about the risks that the Internet of things has imposed on data

  • protection and the personal privacy has been raised for many years.

  • And a survey from ICO in 2016 has stated that six in ten Internet of things devices do not

  • properly tell customers how their personal information is being used.

  • This is pretty worrying.

  • The good news is that the government and also the industry, they are taking actions.

  • For example, in the EU, GDPR, I think everyone heard about GDPR here?

  • Yeah.

  • Yeah.

  • So, GDPR came in force in May last year.

  • So, this new EU regulation basically is to protect personal data in law.

  • And also, when you design you know, when you design and create new IoT solutions, we need

  • to have data protection by design in mind.

  • Previously known as privacy by design.

  • So, for for IoT developers, this legislation has a significant impact on how we deploy

  • our technologies and what kind of services we are building.

  • So, we actually are thinking that, well, open web platform actually permits the enhanced

  • privacy compared to other technology stacks.

  • So, we think actually GDPR is not only a challenge for web IoT, but also a very good opportunity.

  • So, we have been talking actually when we build our web of things for when we build

  • our IoT actually and mainly based on web of things tech technology.

  • What is, of things?

  • Web of things let's just quote from Wikipedia.

  • It's a software architectural style and the programming patterns that are along the real-world

  • objective to talk to the worldwide web.

  • It's a tough level.

  • When look at really what issues are in this.

  • If you are in IoT, you know for the major concerns in IoT is interoperability.

  • Because, you know, we have like hardware and software from different vendors and manufacturers.

  • Suddenly we want to connect them together.

  • And they are not nice to follow the same specifications, the same standard.

  • Probably not even talk the same language.

  • So, how do you connect them together?

  • So, web of things basically addresses this issue by providing an application layer solution.

  • So, aside from the difference in the network layer physically.

  • This is an application solution.

  • Which means that which means actually it has to on the Internet of things, it has to talk.

  • So, the scope actually, bearing in mind the scope of IoT is a lot broader.

  • Not everything in IoT nicely connects.

  • So, we would like to think that web of things actually is an option for application layer

  • solutions for the traditional IoT particle stack.

  • So, the web of things basically has been a specification by the W3C and there's some

  • implementation work by Mozilla and Google.

  • And some things are actively involved in this implementation work as well.

  • And standardization works.

  • So, here we have actually a loosely web of things solution for the home.

  • And we actually talk about things.

  • So, can I basically you connect all your things together, manage them and connect to the cloud.

  • And we talk about controlling your things from your smart devices like mobile phone,

  • through progressive application.

  • We talk about to have a new device, a new thing.

  • To connect and embody and connect to your network through web tools.

  • so, now we will look at each of those components in detail.

  • The first is the gateway.

  • I guess any of you attended the Mozilla web of things workshop this morning?

  • Yeah.

  • So, this gentleman, what was your impression on yes.

  • It's actually quite impressive as a platform and it is open sourced.

  • So, this morning actually the workshop, I was there, actually.

  • I think it's mainly talking about a way to stay connected to things.

  • But actually, it's more than that.

  • It's basically three paths.

  • We have the cloud over here.

  • The cloud is a districted collection of cloud services and provided by Mozilla to connect

  • devices across a geographic area.

  • And then we have syncs framework.

  • This syncs framework basically is a collection of reusable components to help you build your

  • own web things.

  • And we should directly expose the web of things API.

  • So, actually Mozilla created this API.

  • They created a document.

  • Look it up, that's what they're following.

  • And coming to the things gateway.

  • The things gateway is an open implementation and which the tool is existing for access

  • to the web.

  • So, we can actually see that the backhand of the things are for JS.

  • This is for JS developers, this is good news.

  • And NodeJS backend talking to the frontend through the API.

  • And through the secure web socket.

  • Apart from JS supported, web of things actually produced another concept called adapter.

  • This adapter is actually a language adapter.

  • It's programming things using another language such as Python.

  • Look at the security side.

  • So, basically the web of the Mozilla things, they gave the framework, actually.

  • They're going to have you establish the HTTPS where Mozilla tunneling is.

  • And also, if you are considered this is a type of structure for the situation.

  • So, actually can tell you how it is actually less encrypted.

  • So, you establish the tunnel from your gateway to your cloud server.

  • And let's consider another situation.

  • So, if you actually not on site, you're offsite.

  • You're actually somewhere remotely.

  • And there you want to access your things at home.

  • In this case, actually Mozilla provides this bike tunnel.

  • Back handed tunnel from your cloud server to your gateway.

  • And the other thing, this is a security side.

  • And the other locater specification authorization is they actually follow you.

  • So, the token, because you can choose a different text token, the token they are using is a

  • JSON web token.

  • Yeah, show this is a snapshot from one of our applications.

  • So, this shows that actually this screen pops up on the owner.

  • What happens is when you go to the applications, you want to exercise your things.

  • So, the things here are mainly like the sensors in your home.

  • And the home screen, you have this pop up.

  • And you can grant the scope for the token.

  • It allows you to access certain things.

  • Or I can actually further you can actually grant a read access.

  • You can grant rights access.

  • An owner cannot only do this, they can also delete and then revoke these tokens.

  • So, this actually is a privacy.

  • We can say, you know, you don't get my content or the scope if you don't ask me.

  • And the whole progress application, I'm sure they are down here.

  • We use the P tab for mainly for mobile phones to control devices.

  • So, P tableau is a website that creates a native app for user experiences.

  • They basically address the issues in the native mobile applications on the write side and

  • this new design concept in APIs.

  • But it's the way I've seen here.

  • Basically, you can add it to the screen to promote it.

  • This is basically a native application feature.

  • And they can do offline features offline functionality.

  • So, although the functionality is limited, it can still show you, you know, what is already

  • historically there.

  • You can still control something.

  • So, this offline connection for us is quite interesting.

  • Because it's actually allowing you to give us the possibility to minimize and install

  • and use the data as much as possible.

  • Also, you have to know give you the possibility to know what data is reserved in my device,

  • what is up there?

  • So, this feature is basically a chip that by I deploy a collection of technologies.

  • A service worker.

  • So, one thing is we need to talk about another aspect of security is you can unleash your

  • page through HTTPS.

  • So, we talk about having a new device.

  • Onboarding with Bluetooth.

  • Bluetooth is basically based on Bluetooth low energy.

  • So, the idea here is that we use the web of Bluetooth APIs to discover and connect another

  • web of Bluetooth devices.

  • And after that, when the authentication is finished, we pass the WiFi information to

  • the new device.

  • And then the new device is connected to the network through WiFi.

  • So, the web, that was the reason we chose it because the other thing is with the server.

  • And we have HTTPS.

  • And the other thing is if we want to start Bluetooth in discovery, you have to do it

  • through a user gesture.

  • This is another aspect of privacy.

  • So, we had we had IoT build out of one single holiday homes.

  • And we were thinking to how to connect them together.

  • Connecting them together is pretty standard.

  • Because you can get the cloud server and you can actually view that cloud connect and cloud

  • server which in this case Mozilla, they have actually prioritized that.

  • Whether we look at the solution, we particularly look at how scalable the solution is.

  • Can we expand what we have in this holiday result use case?

  • Can we extent it to a smart city case with millions and millions of devices?

  • Scalability.

  • And the other thing is that we know data is very, very valuable.

  • So, how do we make a good use of the user data?

  • And then we should respect their privacy.

  • So, with this in mind, actually, we want to use make good use of data.

  • We want to do statics and then we're going to do predictions.

  • With this in mind, we basically are choosing learning.

  • If you have learned about federated learning?

  • Okay.

  • So, we actually made pretty much using federated learning in this IoT solution.

  • So, what happens is the learning is basically a collaborative motion learning without a

  • centralized training data.

  • So, basically the concept was initially proposed and termed by Google Paper two years back.

  • And decentralized.

  • We talk about decentralized because we mentioned that without centralized training data.

  • Which in this case is actually we talk about clients and aggregate server.

  • So, each client has their own local training model.

  • And the privacy.

  • We're going to talk more about pricing the next slide.

  • And the last point is the possible personalization for the user.

  • So, basically, you could have your local trained model and there's a possibility for you to

  • personalize this model for particular users.

  • So, if an IoT scenario, when we talk about privacy, for a client, link and a server.

  • We can talk about them together in conjunction.

  • So, the privacy features in for the learning basically matches the next three points.

  • Selective update.

  • Restrictive law, data update.

  • You don't use the you try not to get updates through raw data.

  • Rather you get through parameters.

  • And you process local data as close as possible to the data results.

  • Let's explain a little more on this in the architecture.

  • So, this is the architecture we have here to build the IoT for the whole holiday resort.

  • So, between things on the IoT gateway Mozilla gave away is enough to do communication.

  • So, we are talking about gateway or in each holiday home to collect with the cloud server.

  • You know, the server in the cloud.

  • And in this case, we called the client.

  • The client is the IoT gateway.

  • And the cloud server is the aggregate data server in the term of federated learning.

  • So, what happens here is the learning model located in each gateway, in each client.

  • And once we have the initial model.

  • So, you have it based on historical data.