APIs: Powering The Internet Of Things

Internet Of Things

The term “Internet of Things” (IoT) was coined approximately 15 years ago by RFID technology pioneer Kevin Ashton and refers to how Internet traffic is increasingly based on a system-to-system or an application-to-application approach as opposed to involving humans.

While we’re at the early stages of broad IoT implementation, engineers today are linking objects as diverse as smartphones, cars and household appliances to sensors, each other and the Internet. This growth coincides with another growth area: the growth of Web APIs for integration. Web APIs are the underlying technology enabling IoT.

Today, certain vertical industries, particularly the automotive, home automation and utility sectors, are early adopters in the IoT space. Connected cars, smart meters and home automation appliances all use Web APIs to provide information to the consumer and manufacturer, enabling them to interact with the service provider. This trend is growing to the point that cars, smart meters, and other sensors will soon outnumber mobile apps as

API consumers

Security and Data Privacy An organisation considering an IoT strategy will have concerns regarding security and data privacy. Organisations can address these concerns by implementing an API management strategy to provide the business with API monitoring and visibility capabilities, as well as an audit trail detailing how its APIs are being used.

An effective IoT strategy will also have clear API management policies in place to address privacy and security issues, with the ability to authorize mobile app users, implement security protocols and track the large volumes of data associated with this process.

API Management Strategy It’s clear that APIs are a critical part of the brave new world of IoT. These APIs must be managed to achieve optimal results. While the security of APIs is vital, the API management strategy should also focus on equally important elements including monitoring, analytics, governance, custom reports, developer enablement and policy management. In summary, when implementing an API management strategy an enterprise should ensure the chosen solution provides sufficient levels of visibility and sophisticated diagnostic analysis of its APIs.

Sabotage and Criminal Attack Without effective API management, an organisation’s APIs could potentially become sabotaged or compromised, damaging the brand’s reputation and exposing its users to potential criminal attack. With IoT, the dangers are even greater. To avoid this exposure, the organisation would need to have clear policies around who can access the API.

It would also need to define who has permission to remotely lock and unlock a car, or access information from the home by using identity standards such as OAuth. In short, if an organisation does not have an effective API management strategy it lacks visibility into how its APIs are being used and therefore puts its business and its users at risk.

Where is My API? The Web APIs used in IoT may be used on-premises or in the cloud. Most often however, there is a hybrid approach combining on-premise with cloud. Therefore it is important for an organisation to understand if a vendor’s API management products will work with both cloud based offerings such as Amazon, as well as on-premise solutions, with the ability to link an organisation’s APIs into its internal systems and network.

It is also critical to provide developers with access to an API catalog or registry. In the new world of Web APIs, the lightweight API catalog has replaced heavyweight and restrictive UDDI registries used in the former world of SOA.

If an organisation attempts to build its own API management infrastructure in an ad hoc approach, they may overlook important pieces of the process, such as monitoring, thus lacking full visibility into how the APIs are being used. Organisations that adopt a more structured approach to their API management strategy, via an API management platform, are at an advantage. In fact they are often surprised to receive previously unavailable information, regarding how their APIs are being used, who uses them, and when they are used.

Web APIs: Where to Next With consumers increasingly expecting to use Internet-connected devices, it’s clear the IoT is here to stay. As such, organisations need a way offer an IoT strategy in conjunction with effective API management. An API management strategy which is closely aligned with an organisation’s IoT deployments is the only way to manage APIs and thus avoid data security breaches, privacy issues and loss of business.

Mark O' Neill

Mark O' Neill is the co-founder and CTO at Vordel, now part of Axway. In his new role as VP Emerging Technology, he manages Axway’s Identity and API Management strategy. Vordel’s API Server enables enterprises to connect to Cloud and Mobile.

Our latest thought leaders