DeviceHive is a Machine-to-Machine (M2M) framework designed to provide messaging between smart devices. It delivers a set of services and frameworks including data protocols, server platform and client-side libraries that help you to easily implement projects, where embedded systems are communicating with each other and to other systems e.g.: Clean Tech, Smart Home, remote sensors, telemetry, automation, etc. The DeviceHive server provides core functionality to the whole system.
Some weeks ago Dataart Embedded Competence Center launched a DeviceHive server developed in Java. Previously, only a .NET-based server implementation was available and it required a MS SQL database as a data storage dependency. So, dependency requirements were very strict and as a result the total cost of ownership was pretty high. We received many requests for a Java-based DeviceHive server implementation that requires only open-source dependencies.
There has already been three major .NET-based DeviceHive server releases and three API versions, the current API version is 1.2. We decided to provide a Java-based implementation only for this API as the others are now depreciated.
DeviceHive Java Server 1.2 is built on the new JEE7 platform and it requires a JEE7-compatible application server to be deployed. At the moment we have tested DeviceHive only on Glassfish Server Open Source Edition 4.0 which is the reference implementation of the JEE7 platform. The reason why JEE7 was chosen is simple. The DeviceHive APIs includes both REST and Websocket interfaces and both of them are now included in the JEE stack. We tried to use standard JEE7-provided APIs where possible, but we had to introduce several modules based on the Google GSON library to provide smart JSON mapping of Java objects and used Hibernate as the JPA provider instead of the reference implementation (EclipseLink). Hazelcast 3.0 is used as the second-level cache for Hibernate, and we plan to use it for adding clustering features in the future. PostgreSQL was considered as the data storage, because it is known for being a fast and reliable open-source database server.
The overall result proved that the latest and greatest enterprise Java stack is suitable for production usage.
Since the DeviceHive Java Server is compatible with API version 1.2 which is supported by the existing .NET server implementation, it can act as a drop-in replacement for it and reduce the total cost of ownership.
Plans for 1.3
The current API version 1.2 provides a simple privileges system based on the device network concept. Access privileges for users are granted for the whole network, therefore every device on the network is manageable with the same rights as granted to that user.
We have received many requests to extend the existing user-network-device security approach. Many users want more flexible and granular options to set user privileges. The 1.3 API will contain Access Keys, which will offer flexible permissions definitions, such as IP/subnet restrictions, reference domain restrictions, user action restrictions. For example, a user can receive device notifications, but cannot send commands to that device. An explicit set of allow/deny device/network lists will be also supported with the new privileges system.
As a result, it will be possible to deploy different access keys to different smart embedded devices specifying appropriate permissions, depending on their roles in infrastructure. If an access key is leaked from a device, or the device is stolen, the attacker will get only a limited set of permissions, and it will be a simple matter of revoking that key to resolve the problem.
The 1.3 API will also include OAuth support. In combination with the already existing CORS support it will allow secure embedding of JS-based DeviceHive clients to websites.
Java client Library
In addition to the described security enhancements, our team has plans to implement a Java-based DeviceHive client/device library. At the moment there is only J2ME-based library that covers the device functionality. A new library will cover both client and device functions and will be compatible with the 1.3 API. As a result, we will provide a full Java-based stack of DeviceHive technologies.