WIXLIB

Towards the Web of ThingsDave Raggett, W3CUWE WDC, Bristol September 2007Contact: dsr@w3.org1

Contents The origins of the Web and how it has evolvedChallenges posed by the explosion of newkinds of networked devices Changing the way we think about the Web What's wrong with today's hacks More effective approaches based uponseparating out different concernsLooking further out to the future2

Before the Web3

Vannevar Bush Scientific advisor to President Roosevelt“As We May Think” published July 1945 inThe Atlantic MonthlyA conceptual machine (the Memex) that canstore vast quantities of interlinked information Same article describes the Cyclops Camera:"worn on forehead, it would photographanything you see and want to record”4

Douglas Engelbart mid-1960's Inventor of thecomputer mouse, he ledwork on hypertext andgraphical user interfaces atSRI International5

Ted Nelson 1965 coins the term “Hypertext”– in "A File Structure for the Complex, the Changing,and the Indeterminate". 20th National Conference,New York, Association for Computing MachineryProject Xanadu founded in 1960–Goal: a networked pay-per-document hypertextdatabase encompassing all written information6

CERN – birthplace of the Web International researchcentre for high energyphysics located nearGenevaLarge Hadron Collider(LHC) Atlas detectordue to start working inmid 2008Probing conditions atearliest moments ofthe Universe7

Tim Berners-LeeInventor of the World Wide Web Friend of a friend at Oxford, we first meet in '921980 Develops “Enquire” as a simple hypertextsystem whilst consulting for CERN1989 Project proposal for World Wide Web1994 Founds W3C to lead the Web to its fullpotential8

Enquire ENQUIREEnquire V 1.1Hello!Opening file (PSK-PCP)VAC-V1:ENQR.PSB Vacuum Control System--- ------ ------- ------(concept) O [ 1] described-by: Enquiry SystemAn experimental system for which this is a test.[ 2] includes: Vacuum History SystemRecords and displays slow changes in pressure.[ 3] includes: Vacuum equipment modulesPerform all the hardware interface[ 4] includes: Control and status applications programsProvide operator interaction from the consoles.[ 5] described-by: Controle du System a Vide du Booster 11-2-80Operational specification of the software[ 6] includes: PSB Pump Surveillance SystemAllows rapid monitoring of pressure changes[number]PCP 2289

Early Web BrowserBrowser/editor onNextStep workstation10

1990: WWW Architecture11

Only worth a Poster at Hypertext '91Hypertext'91 Conference decides that the WWW is only worth a Poster!12

Initial Simplicity Tim deliberately chose to keep the initialversion of the Web really simple to encouragewidespread adoptionSimple hypertext markup (html) with link types– a href ”http://example.com/book/ch1/”rel ”includes” Chapter 1 /a –Simple protocol (http) with global addressesDesigned to be rendered on wide range ofdevicesImages and other media shown in externalviewers13

Followed by Rapid Evolution Exponential growth in Web traffic Addition of capabilities to HTML and HTTP NCSA Mosaic as first widely used browser Netscape as first Internet boom company Microsoft turns on a dime Browser wars won by Internet Explorer Today: Firefox, Opera and Safari Mobile browsers and XML standards Competition with proprietary formats14

World Wide Web Consortium (W3C) International consortium founded in 1994 with amission to lead the Web to its full potentialDirected by Sir Tim Berners-Lee, inventor of theWebOver 400 members from all across the WorldHosted by Keio University in Japan, ERCIM inEurope and MIT in North America Over 60 staff members 17 regional partners to promote W3C work15

World Wide Web Consortium (W3C) W3C has produced over one hundredRecommendations covering HTML, XML, CSS,Web Services, Semantic Web and many moreOpen process and patent policy designed toenable royalty fee implementations of W3Cspecifications47 Working Groups, 12 Interest Groups, 4Coordination Groups, 4 Incubator Groups,Technical Architecture Group, Advisory Board,and the Advisory Committee with onerepresentative from each W3C Member16

W3C TeamDecember 200617

How I got involved Studied physics/astrophysics at Oxford AI at Edinburgh and Imperial College HP Labs, working on knowledge-based systems Hypertext-based expert system for generatingquotes for HP computer systems Started working with TimBL on WWW in 1992 HTML , HTML 3.0, HTML3.2, HTML4, XHTML HTTP, Math, Forms, Voice, Multimodal and nowthe Ubiquitous Web18

Web of ThingsBarcodes as a way to connectphysical objects to the Web19

RFIDElectronic versions of barcodesbut with extended capabilities20

Microcontrollers Computer on a chipFastest growingsegment of computerindustryAverage home nowcontains around 200Cars between 35 and100 for luxury models21

Uses of Microcontrollers TV sets, TV remote controls, Video recordersprinters, cameras, scanners, fax machinesOvens, toasters, refrigerators, washingmachines, central heating systemsMobile phones, PDAs, MP3 players, computermonitorsCar body electronics, air conditioning, seatcontrol, chassis and safety, infotainment, powertrainThe list goes on and on .22

Web of Things Rapidly diminishing incremental cost fornetworking all kinds of devicesThe challenge for how to integrate devices aspart of distributed applicationsChanging the way we think of the Web–No longer just about viewing websites on desktopbrowsers with big screens–Instead apply Web technologies to ease the task ofdeveloping new kinds of applications across a verywide range of devices23

What's the Value? Improved physical security and peace of mindReduced costs of heating/cooling/lightinghomes and officesPreventative maintenance in advance ofappliances breaking downBetter choices for home entertainment systemsAccess to information services any time, anywhere and on any device you chooseFulfilling the potential for applications thatcombine local and remote services24

Why Standards? Standards are expensive and time consumingto create, why bother?Large and small companies may feel they canjust develop their own solutions, much easier!But standards encourage a bigger market withmany more players and more innovation That means that everyone wins Users are no longer in thrall to single vendors25

Aren't current standards sufficient? Lots of people are building web applicationsusing HTML with lots of client and server-sidescriptingThis is expensive and very specific to desktopbrowsers with poor user experience on mobiledevices Ajax is cool, but too low a level of abstraction The same is true for Web Services Very limited access to local device capabilities Inadequate for harnessing ubiquitous devices26

Home network exampleTV BrowserremoteUI ngSystemUses power line fornetwork connection Use TV remote tocontrol all kinds ofhousehold applianceApplication hosted bywebsite27

Networking Technologies Applications will need to work over a mix ofrapidly evolving networking technologies–Ethernet over twisted pair or coax–DSL over copper phone lines–Ethernet over building power wiring–WiFi and WiMax–Bluetooth–ZigBee sensor networks–GSM and cellular packet radioFurther challenge of different addressingschemes, e.g. peer to peer networks28

Realizing the Potential Initially, just proprietary solutions–end user purchases complete solution–single vendor and single product generationFollowed by narrowly focused industry standards– e.g. Pictbridge as solution for printing direct fromcamera when printer and camera from different vendorsBroader standards follow later, enabling new applications–Traditional programming languages like C and Javaoffer low level control but are costly to develop with–Web technologies will make applications easier andcheaper to develop, enabling a much bigger ecosystem29

Security and Privacy Concerns The Web is a mess when it comes to securityDifferent user name/password for each websiteencourages people to use weak passwordsWide open to phishing attacksCriminal gangs harnessing compromised PCsto send out spam and to launch attacksPrivacy abuses are commonplaceBrowser sandbox model and same-site policyare too weak and work-arounds introduce majorsecurity/privacy holes30

Trust Management Solutions Users tend to click through security relateddialogues that “get in the way” of the taskUsers are often not really informed about thetrustworthiness of a website/applicationWe need to find solutions that offer greatersecurity with improved usabilityImproved security through SIM cards andbiometric techniquesNew ideas for trust management solutionsinvolving a trusted third party31

Trust ManagementwebsitewebsiteTrust Management Service (TMS)Policies &other dataServerInternet ClientPolicies &other data BrowserSecurity PolicyEngine UserSecurity PolicyEngineClient invokes local securitypolicies when applicationrequests access to restrictedcapabilitiesLocal policies may invokeremote TMSClient sends security contextto TMSTMS responds with policiesmatching user's preferences32

Layered Approaches to UI Professional Web applications are developedby teams of people with different roles & skillsFrequent need for redesign as data models,business requirements and branding changesReduce costs and increase re-use throughseparation of concernsAllows team members to focus on what theyeach do bestOutsource tough task of adaptation to particularbrowsers and devices (analogous to compilers)33

Layered UIwith transformations defined between each layer1) Application task and data models2) Dialogues and history event driven state transition models3) Abstract User Interface modality independent, e.g. select 1 from n4) Concrete User Interface modality specific, e.g. radio buttons5) Realization on specific device context may involve markup, scripting and CSS hacks34

Device Coordination How to bind devices and services as part ofdistributed applicationsWeb approach involves–Using markup for describing UI and behaviour–Using URIs to name devices and services–Rich meta-data for describing device capabilitiesand security policies–Expose device/resource as object in local objectmodel–Hides addressing/communication details35

Proxies for accessing entListenerDOM ObjectEventListenerDOM Objecthidden messaging layerDeviceDeviceInternetDOM – XML Document Object Model36

Client or Server?DOMscriptDOMscriptClientServerInternet37

Client or Server?Agent combines client and serverDOMscriptDOMscriptAgentAgentInternet38

Event TransportHow to deliver events to devices? Firewalls are intended to block undesired trafficEvolution of mechanisms to tunnel eventsthrough Network Address Translation– STUN, STUNT, TURN, etc.Bindings to event transport protocols–HTTP, SIP, XMPP39

Tunnelling through NATNAT or 0

Tunnelling through NATProxy may arrange for direct link through NATNAT or ee STUN, TURN and other techniques41

Tunnelling through NATNAT or FirewallDOMscriptNAT or FirewallProxyAgentDOMscriptAgentConnecting devices behind different NATs42

Public and Private AgentsNAT or FirewallNAT or Phone orLaptopLargeWebsiteLargeWebsiteAppliance,Phone orLaptop Private agents may be off-line orpowered down Enabling off-line operation viadata synchronization43

Remote User Interfaces Moving beyond Web browsers to new kinds ofapplications–based upon distributed document object models–application running on one device is coupled to auser interface on another via an exchange of eventsLayered architecture involving mappingsbetween different levels of abstraction–High level events as interpretations of lower levelones–Realizing high level tasks as particular UI behaviour44

Remote User interfacesAn XML grammar forserializing DOM events Remote eventlistenersRemote eventdispatchApplicationscript or SCXMLUI eventsEvent handers thatupdate the DOMMaster DOM Tree(possibly virtual)BrowserSlave DOM TreeMutationeventsUser interactionDOM Document Object Model45

Abstraction layer for EventsSCXML(State onLayerXHTMLEventsLocal orRemoteModality specificXHTML(Visual/Tactile)46