The LinkSmart® Border Gateway provides a single point of entry into an "Internet of Things" autonomous system consisting of connected devices and their supporting services. These are the main functionalities:
SSL offloading at the edge of the protected autonomous system (HTTPS, SSL/TLS-encrypted MQTT and SSL/TLS-encrypted WebSocket).
Authentication and authorization for HTTP, MQTT and WebSocket requests. Users and their permissions can be defined using an Identity Provider conforming to the OpenID protocol.
Permissions for HTTP requests can be defined on the level of protocol (HTTP or HTTPS), REST endpoints and allowed HTTP methods.
Permissions for MQTT requests can be defined on the level of topics and MQTT commands (publish, subscribe etc.).
Permissions for WebSocket connections can be defined on the level of host name and port.
HTTP request forwarding to internal services according to location definitions (e.g. a request to https://iot.linksmart.eu/<location> can be forwarded to localhost or any other host protected by the Border Gateway on the correct port).
Address translation for HTTP requests, i.e. internal addresses in HTTP responses are being translated to external addresses the requester can work with.
The Border Gateway can be easily deployed in a Docker container. The basic configuration for a useful deployment is limited to obtaining an SSL certificate for the host and to configure an OpenID provider.