- This line was added.
- This line was removed.
- Formatting was changed.
The LinkSmart® Border Gateway provides a single point of entry into an "Internet of Things" (IoT-AS) autonomous system consisting of connected devices and , their supporting services and the messaging infrastructure. These are the main functionalities:
- SSL TLS offloading at the edge of the protected autonomous system (HTTPS, SSL/ TLS-encrypted MQTT and SSL/ TLS-encrypted WebSocket).
- Authentication and authorization for HTTP, MQTT and WebSocket requests. Users and their permissions can be defined using an Identity Provider conforming to the OpenID Connect protocol.
- Permissions Access control for HTTP requests can be defined on for the level type of protocol (HTTP or HTTPS), REST endpoints requested resources (or paths) and allowed HTTP methods.
- Permissions Access control for MQTT requests can be defined on the level of topics for topics, wildcards, and MQTT commands (publish, subscribe etc.).
- Permissions Access control for WebSocket connections can be defined on the level of host name and portfor hostnames and ports.
- HTTP request forwarding to internal services according to location definitions (e.g. a request to https://iot.linksmart.eu/<location> can be forwarded to localhost or any other host protected by the Border Gateway on the correct port).
- Address translation for HTTP requests, i.e. internal IoT-AS addresses in HTTP responses are being can be translated to external addresses that the requester can work withis able to connect to.
The Border Gateway can be easily deployed in a Docker container. The basic configuration for a useful deployment is limited to obtaining an SSL requires a TLS certificate for the host and to configure an available OpenID Connect provider.