sqlite – Offloading database joins to IOT devices

Solution as it is right now

I have this solution where I gather information from a proprietary product of a different company in various sites. The solution is based on a single go binary that contains everything needed to run the application (even an embedded sqlite) and is deployed to Windows computers running the proprietary software. All those Windows computers are connected to the Internet and sit behind a firewall that allows all outgoing traffic but incoming traffic is blocked and the owners of the computers don’t have the knowledge to configure their firewalls (to be honest for most of them it is already a demanding task to install the go program)

Users can access the data that is stored in a sqlite database using their mobile device or a different computer (1). The components needed for this are installed on a server that provides its services over the Internet. I created REST webservices (2) that send graphql queries to the computers on the respective site via RPC over NATS (3). The go program installed on the site computers (4) runs those queries against the local sqlite (5) and sends the result back to the NATS queue (6) (7). The result is taken from the NATS queue and returned to the caller by the same REST service that processed the incoming call (8)

enter image description here

Improvement I’m looking for

This setup works fine when I query single sites. But I should also be able to query several sites in parallel and retrieve a single “recordset”.

Here’s a made up example:

Lets assume there is a Persons table available on each site. I can query that table by running SELECT SiteNumber, PersonName FROM Persons

I need to run that query on for example 3 sites and merge/join them into one result that would look like this:

2, Daisy
2, Eve
2, Adam
5, Bob
7, Alice

The SQLs I need to run are much more complicated than this, I would need to do GROUP BY and `ORDER BY´ for example. This excludes approaches where I would for example create three maps and join them into one.

So far I intentionally don’t store or accumulate data on the server. Which are my options to postprocess the data ? I would rather not INSERT all subresults into a temporary table on the server. I found no distributed database that can be embedded into go and works across firewall borders.

iot – Which security protocols are the todays state of the art in WSN?

WSN (Wireless sensor networks) are mostly distributed low power computer with the sensing task that rely on limited battery life and therefore are not able to implement full size security protocols. Depending on the kind of network heterogeneous, homogeneous and the environment they will be used in (likeliness of some attack scenarios) the security means used may depend a lot.

The question relates mostly to networks with homogeneous networks w/o internet connection that rely on some coarse distributed base stations or heterogeneous networks with only slightly differing nodes (towards computational power) that allow clusters to some extend but also heavily rely on coarse distributed base stations.

Does anyone have an idea what todays state of the art protocols are for the different kinds of possible attacks? Key distribution methods, Intrusion detection systems, …?

key management – SSL / TLS communication in a connected device (IoT)

when establishing communication based on SSL / TLS in an integrated device, is it necessary that the device needs to acquire the keys / certificates of a certification authority? I have read that it is also expected that the device will create and use its own key!

What are the possible options and the level of security associated with each option?

Self-signed certificates in an integrated IoT device

I have several IoT devices that will be connected to a cloud-based platform in order to control these devices (IoT node running an SoC arm baremetal).

I would like to know how to configure each IoT node to generate a self-signed certificate and how this element can improve the overall security of the system.

This certificate will only be used when deploying IoT devices and will be used to avoid possible ManInTheMiddle attacks. Is it really useful for this specific case?

Industrial IOT company with opensource Android application for Arduino IOT device

I saw this video:

Sonoff – The $ 5 WiFi smart switch compatible with Alexa and Google Home

I like to build a WIFI IOT socket and for its application, I like to know if there is an industrial application by OpenSource license to use as IOT‌ Android application, which could be updated by the opensource community and add or be able to have controls like Google voice commands and …?

Thank you.

iot – What types of attacks could be made on the CoAP protocol?

I'm a student and I'm studying the security of the CoAP protocol. So, thinking about the attack surface, my thinking was about internal attacks (i.e. inside the network) and external attack (this ; i.e. outside the network). As for them, given the scenario without encryption (i.e. without DTLS), there could be attacks like packet sniffing. So I was also wondering what kind of other attacks could be made?

IoT application development companies

Hakuna Matata Solutions helps industries take advantage of IoT technology to enable devices and humans to communicate with each other via communication media such as Bluetooth, Wi-Fi, NFC, iBeacon, Bluetooth Smart, RFID, etc. to exchange data.

Authentication – Temporary broker credentials for using IoT

I have multiple devices that need to send and receive data from a message broker, in my case RabbitMQ but which are not so relevant for discussion, and I need – as you can Imagine – to provide connectivity in a way that can be considered secure for both the user and the service provider

I know that mutual authentication by SSL certificate is a common way to authenticate devices, but what if I don't want to use the client certificate? Maybe I can't afford a PKI or I work with untrusted devices, so an SSL certificate would be useless as it is not private intentionally

I think it would be great if I could generate temporary, revocable and temporary credentials for each device, maybe after a handshake done with HTTP APIs and based on some sort of hardware secret

But what are the models, tools, state of the art in this subject?

Thanks in advance for the replies

AWS architecture for a huge battery of IOT devices

I started to work on a project where we have a large number of IoT devices transmitting data on their state. I want to design a system where I can see the current values ​​of a particular device in real time (if possible).

What I've tried so far in AWS Cloud: –

AWS IoT Core -> AWS Kinesis Data FireHose -> AWS Kinesis Data Stream -> AWS RedShift and AWS S3 -> AWS lambda -> AWS Aurora -> AppSync -> Web / Mobile

I stored data in Redshift and S3 for backup, then queries the redshift data and merges the data based on the device ID and updates the data in AWS aurora, merging and updating is done in Lambda and for the interface, I used AppSync

I am fairly new to AWS Architecture and that is what I came up with. I'm also talking about this architecture but that doesn't tell me how to merge the data with preexisting data.

Is there a better way to do this or any other service I can use in AWS.

iot – Baby monitor on wifi only, without Internet connection

Are there products that are sold as baby monitors that do not need an internet connection to stream audio and video over a local wifi network?

From a network security perspective and a personal security perspective, I prefer not to have an IoT device connect from my network to the Internet.

I see in previous similar questions from a few years ago someone suggesting using a phone that automatically answers skype phone calls. I neither want nor need remote access, so this is not my favorite solution.

I am concerned that if I buy a product, that the only way to view the feed is online and that it is first downloaded to their servers, so I cannot watch locally while blocking device access to the Internet. Anyone know of any commercial solutions or, if not, does anyone have recommendations on how to configure a USB camera to stream locally securely?