Re: IOTDB: how granting access to value in a device?

Well, no you don't. In fact, part of the whole IOTDB Thing is to be able to
create "cloud free" IoT systems, so that external hackers don't have access
to your house.

A)

So IOTDB - "node-iotdb" itself has no permissions or anything else like it.
It doesn't even have a web API or anything. It is simply Node.JS and
whatever the process can do, the person running the code can do. This is a
very deliberate decision - it is as bare-bones as possible.

B)

HomeStar - which provides management, Web APIs, MQTT interfaces and a bunch
of other stuff - does have the beginnings of a permission system. In
particular, it has authentication that should work against any Twitter-like
OAuth system, including my website homestar.io. Once you have
authenticated, you have basically a URL used as a User ID.

Try the homestar.io authentication system for a laugh. Passwordless.

There are modules that can be installed with HomeStar that provide ACLs on
a per-Thing basis, and there's an interface for putting users in ACL
groups. However, it gets shaky here as this code isn't quite finished.

I'm not putting this ACL authorization system forward as an example of
anything (yet). The last thing the world needs is half-assed permissions
system. When I have more practical experience this may change.


D.

On Tue, Jun 2, 2015 at 4:31 PM, Joachim Lindborg <joachim.lindborg@sust.se>
wrote:

> How do I grant / block access to specific device values
>
> one client can read the temperature another can take the picture
>
> Is it the plan that all devices are fully published on internet? I
> wouldn't like to have my home exposed to internet.
>
>
> *Regards*
> Joachim Lindborg
> CTO, systems architect
>
> Sustainable Innovation  SUST.se
> Barnhusgatan 3 111 23 Stockholm
> Email: Joachim.lindborg@sust.se
> linkedin: http://www.linkedin.com/in/joachimlindborg
> Tel +46 706-442270
>