These days it seems every aspect of our daily lives is becoming a part of the Cloud as we become more and more connected everywhere we go. Everything from home appliances to diapers, yes Diapers!, is becoming connected. People are no longer satisfied with the manual process of checking on something via visual or physical inspection and are instead favoring instant alerts that inform them via application notifications, SMS, or email. What does it take to connect your diapers or application to your users 24/7?
Your device will need to be connected in some way. WiFi, the most prevalent device connection, is readily available these days in every home and many restaurants and coffee shops due to the rise of mobile computing through phones and tablets. WiFi chips are being manufactured in small form factors with sub $5 cost, making them easy to fit into even the smallest devices. WiFi 802.11 protocol isn’t the only solution although at this time it is currently the most common. You’ve also got Zigbee 802.15.4, Sigfox and, of course, cellular. The intent is the same, connecting the device to the user wherever they might be. There are also some solutions that blend communication over Bluetooth low energy (BLE) to a phone or other device which then is responsible for syncing with the cloud over WiFi or cellular.
Each mechanism uses their own communication protocols, REST, SOAP, sockets, for WiFi or GATT for BLE. Whichever protocol you use you’ll need an Application Programming Interface (API) which specifies how your diapers (or application) communicate with the cloud server. To protect against nefarious users hijacking your diapers, you need to provide secure mechanisms to lock down the traffic. These solutions range from HTTPS for secure communications over WiFi, AES-CCM cryptography for BLE, or even your own proprietary encryption mechanisms. Communications with the server to consume data should be locked down with an authentication and authorization scheme. Depending on how well-secured your data needs to be, two-factor authentication (2fa) might also be a requirement. Most of us have used 2fa in our everyday lives when accessing secure sites or applications such for banking. They require a login via username and password and then a second security code is sent via an email or text message for further verification.
Once communication has been agreed upon and requests are sent to the server there is a layer that handles the requests. This layer can use algorithms to perform analysis on our data before a response is sent back to the application. Using our diapers example, the business logic layer might analyze the data to find biological patterns to predict when your baby might need to be changed or even tell you when a change in frequency that might mean illness.
If your application does not require heavy analysis it is also possible to forego the need for this layer by utilizing what is known as a headless server. Both AWS and Azure offer technologies for headless servers that skip this layer and allow communications directly to and from Data layers, which we’ll discuss in a bit. AWS utilizes AWS Lambda to route requests and responses without the need for a server. This can often radically cut costs by removing the requirement of a server.
Data is the last piece of the application and is generally what people are most interested in. Folks want to be able to store their data and access it from anywhere in the world on their phone, tablet, or computer. They might also want to be able to share it with each other (maybe not in the case of the diaper example). The value of that data is also what makes it the first thing that malcontents want to exploit. It seems every day we’re reading about data breaches. It’s important to protect data by hosting it in a secure data warehouse, with direct cloud access restricted or prohibited completely. Restricting access to private subnets prevents attackers from accessing the data without gaining access to your server itself. For health care applications the data must also be encrypted at rest.
Figure 1 –
Cloud server hosting comes in a variety of forms from physical server hosting, to virtual and headless services as outlined previously. The big players in the space – AWS, Azure, and Google Cloud – all have their own offerings and pricing schemes which can be daunting. However, once you become familiar with these offerings, spinning up a cloud server can become pretty simple. The well-trained user can, within a few hours, have a server launched, application deployed, security systems in place, and server routing configured. Using our smart diapers example and AWS, I can deploy my application using AWS Elastic Beanstalk which will spin up the required server (‘elastic’ meaning it can grow and shrink to handle more requests or less requests), configure access, spin up an AWS RDS DB instance, and I now have a server accepting diaper updates and responding to requests.
Below Is a sample AWS architecture which contains an API gateway that proxies to a server on a private subnet which in turn accesses a DB on that subnet. The two are elastic and have grown to two instances to provide for a greater number of requests. Once you learn how to spin up and configure these instances, this becomes second nature, allowing you to quickly architect and deploy applications in the cloud. At IPS we would handle this and have your cloud services up and running quickly and securely. In addition, we could give you the keys and allow you to manage it on your own, or we could maintain the servers for you.
Figure 2 – Sample AWS Architecture
The power to access data from anywhere 24/7 is becoming a requirement for all aspects of our lives. Folks want to view their bank statements, health documents, social media, and personal media at any time from their phone or in the comfort of their home. The ability to move your data to the cloud is essential to keep your userbase and your company moving forward. The resulting solution is available to all of your global users at any time! If you’d like to know more, or you’d like to contact us, feel free to explore our website.