The LinkSmart® Border Gateway provides a single point of entry into an "Internet of Things" autonomous system consisting of connected devices and their supporting services. These are the main functionalities:
SSL offloading at the edge of the protected autonomous system (HTTPS and SSL/TLS-encrypted MQTT).
Authentication and authorization for both HTTP and MQTT requests. Users and their permissions can be defined using an Identity Provider conforming to the OpenID protocol.
Permissions for HTTP requests can be defined on the level of REST endpoints and allowed HTTP methods.
Permissions for MQTT requests can be defined on the level of topics and MQTT commands (publish, subscribe etc.).
HTTP request forwarding to internal services according to alias definitions (e.g. a request to https://iot.linksmart.eu/<alias> can be forwarded to localhost or any other host protected by the Border Gateway on the correct port).
Address translation for HTTP requests, i.e. internal addresses in HTTP responses are being translated to external addresses the requester can work with.
The Border Gateway can be easily deployed in a Docker container. The basic configuration for a useful deployment is limited to obtaining an SSL certificate for the host and to configure an OpenID provider.