The number of IoT (Internet of Things) devices increases rapidly day by
day. According to Gartner Institute, 8.4 billion connected things will be
in use worldwide already this year. It means an increase of more than 30
percent comparing to the previous year. The IT research firms expect that
this number will be much bigger and can result from 21 billion (Gartner) to
37 billion (Cisco) by 2020! To imagine how our world is going to change, it
is worth to mention that all those forecasts do not even include PCs,
tablets and smartphones.

IoT projects contain not only large number of devices but also various
application programming interfaces (APIs) and huge amounts of data. The
easiest and the most efficient way to interact with these are APIs.

IoT devices are connected to data located in cloud-based services. They are
like a sky bridge there „” IoT solutions on one side, data and capabilities
on the other. APIs make IoT useful, turns limited little things into
powerful bridges of possibilities. You can imagine APIs like something as
an inter-connector which provide the interface between the global network
and the Things. APIs expose the data that enables multiple devices to be
combined and connected to solve new and interesting workflows. Because of
that it should be ensured an easy way for communication which will be
managed in an efficient and secure system. It cannot be forgotten that with
new IoT devices it comes big risk which gives hackers and cyber criminals
more possibilities to attack. The nature of electronic devices operated by
the human beings plus the importance of some of the things that connect to
each other (satellites, traffic lights, vehicles) raise critical issues as
well. That is the main reason that APIs need to be more protected.

APIs are a fundamental enabler of the Internet of Things but without
management system, IoT devices can easily lead to catastrophe, especially
when it comes to:

  • versioning and supporting for using devices
  • management developers and device registrations
  • devices visibility and analytics
  • performance and scalability
  • full control of permissions

What is API Management in the IoT area?

It is a set of technologies and processes for creating, managing, securing,
analyzing and scaling the APIs from IoT connected devices. A developer
portal enables companies to provide everything that internal, partner and
third party developers need to be effective and productive building the

The APIs allow devices to talk to each other in a consistent and structured
way that makes it really easy to get them to communicate. Writing about IoT
we need to mention about various of protocols (CoAP, XMPP, MQTT, WAMP, OMG
DDS, Stomp) and frameworks (Web RTC, ASP.NET SignalR,, Couchbase, Socket IO, Meteor) so it leads that IoT API
management system also integrates IoT devices environment. The next very
important issue is the security. API Management system creates secure
user-friendly identity. It ensures secure connections to devices across
mobile and the IoT environment. Besides using a platform it is much easier
to identify and neutralize SQL injection, DoS attacks and other online

Future world example

To prove how important is using API and API Management, let us take a look
at an example. According to Intel predictions the coming flood of data in
autonomous vehicles will reach level of ca 4 000 GB per day. Let“™s add that
„BI Intelligence“ estimated that there will be 10 million self-driving cars
on the road by 2020[1]. Those
information show us how important it will be to ensure right and stable
communication in the IoT world.


Imagine situation that a car needs to send data as soon as possible in case
of accident. The best way for it would be using API solution.

Example payload

Most web applications support RESTful APIs which rely on HTTP methods. The
open source Swagger framework helps to design and maintain APIs. The
framework provides the OpenAPI Specification for creating RESTful API
documentation formatted in JSON or YAML. In this article will be showed
YAML file because it is much easier to read.
Listening 1 An Example of Swagger API documentation.

Thanks to API definition a car can easily communicate with an emergency
center during the accident. It can use the following methods to send data
into datacenter. There are several HTTP methods used to achieve this goal.


Add a new accident to emergency center

Although car processes a lot of data locally it should send only most
valuable of them. The payload shouldn“™t be too big so that it will not slow
down communication and can be processed fast. In this very simple example
let“™s imagine that car is sending the following information:

  • car model
  • car number plates
  • accident time
  • owner name
  • GPS Location
  • Average speed
  • Passenger numbers
  • Status of accident
  • Injury of passengers

Actually a vehicle could send much more data which will be crucial in an
emergency center where artificial intelligence can decide what kind of help
should be sent.

Example Value Model of POST method

  "CarModel": "Toyota Yaris II 2014",
  "carNumberPlates": "D65261",
  "accidentTime": "1985-04-12T23:20:50.52Z",
  "owner": "Wojtek Konowal",
  "location": "[47.4925, 19.0513]",
  "averageSpeed": 110,
  "passangers": 1,
  "status": "registred",
  "injury": "Serious"

After getting the first help, damaged vehicle updates easily and fast it“™s
status, which can indicate when passenger“™s health gets worse so that
medical center should decide for example to send a helicopter to get
injured passenger faster into hospital. This function is ensured by the PUT


Update an existing accident

 "CarModel": "Toyota Yaris II 2014",
 "carNumberPlates": "D65261",
 "accidentTime": "1985-04-12T23:20:50.52Z",
 "owner": "Wojtek Konowal",
 "location": "[47.4925, 19.0513]",
 "averageSpeed": 110,
 "passangers": 1,
 "status": "Service is pending",
 "injury": "Critical"

API solutions can be used also for gathering data by big data center which
later can easily find patterns in tautened of accidents and use machine
learning to train artificial intelligence to send better help to the
accident location next time.


Returns all accidents by status

We need to remember that a right API design cannot be done without implementing the efficient API Managment solutions. The above described example is directly connected with rescuing people“™s life area. Every car should use oAuth2 to authorize
device access. Managed API ensures also proper access control, request
routing, buffering, stats collection, monitoring, alerting and decision


It is obvious that APIs are becoming crucial in the new developing IoT
world but these APIs must be managed to achieve optimal results. The API
management helps company to monitor, analyze, report and use policy
management. Without an effective API management strategy, an organization
cannot take right care of the usage of its APIs. If company neglects this
thing it can be not only a threat to their business but also to their users
and customers.



Alle Beiträge von tjkrajewski

Schreibe einen Kommentar