-
Notifications
You must be signed in to change notification settings - Fork 9
Minimal Tutorial
Usually in NDN, when you produce a piece of Data, you first prepare the content, using correct keys to encrypt, and then using correct keys to generate the signature. After all aforementioned, you still need register the prefix to allow Interest coming in. It's no difference with directly using Socket in IP.
Pub/Sub module will do these things and you can focus on the Data production/consumption. To successfully use Pub/Sub, your device should first be successfully bootstrapped.
Each device can be viewed as subscriber and publisher. Pub/Sub module maintain states for both roles. For publisher states, Pub/Sub module keeps and only keep the latest Data of per topic and wait for subscribers' Interests. For subscriber states, the latest Data digests are kept on topic level to avoid duplicate Data (drop them before delivered to you).
Each device is by default allocated into topics /ndn-iot/<Service>/livingroom/<device-id>. For example, if your device get a device ID device-25779, the allocated topics are /ndn-iot/<Service>/livingroom/device-25779, where <Service> refers to the services you're allowed to publish on.
Currently, encryption/decryption keys are managed at service level. In other words, inside one service, all devices use the same key to decrypt and encrypt.
Pub/Sub has two features, DATA Pub/Sub (more recommended) and CMD Pub/Sub. The former refers to general sensor readings, and the latter refers to command in IoT systems.
In DATA Pub/Sub. The publisher registers the prefix for the topics, and replies the Interests with the latest Data. The subscriber periodically send Interests to get Data back. However, in CMD Pub/Sub, the publisher will additionally send a Notification Interest to indicate the command event, and then subscriber sends the Interest to fetch the CMD Data back (Notice: no longer periodic Interest, but notification triggered).
There're three security procedures in Pub/Sub module. They happen in sequence when receiving a new Data
-
Signature Verification: Verify whether the signature of received Data comes from trusted certificates (signed by the same trust anchor)
-
Content Decryption: Decrypt the Data content with corresponding access keys (if have)
-
Policy Check: Check whether the trusted ceritificate are producing overpriviledged Data.
Usually they are explained by logs if you turn the logging on. Common failures are caused by
-
Not bootstrapped
-
Don't have the encryption/decryption keys
-
Cannot pass the policy check
As above mentioned, Pub/Sub module only keep the latest Data per topic. The previous published Data will "lost" when publishing a new one on the same topic. You may need a local Data repository to keep the whole history on certain topics.
The inserter can periodically send Interest on topics insert every new Data into the local database. Data's exact name will be registerd as prefix on the Repo-hosted machine's NFD.
------------ -------------- ---------------
| Database | <----> | NDN-Repo | <----> | Repo Inserter |
------------ -------------- ---------------
| |
| |
| -------------
---------------> | NFD | <---- Pub/Sub ---->
-------------
Download and install NFD and ndn-cxx (please use release version) .
Download and install ndn-iot-controller
Follow the instructions to run the the tutorial-app, which will
- Bootstrap your device to the controller
- Register
NDN_SD_LEDas service hosted - Start Service Discovery
- Subscribe to CMD Data published on
NDN_SD_LEDservice - Publish DATA Data on
NDN_SD_LEDservice every four second.
See the NFD log teriminal and note the newly emerged face id
Then you can use similar ways to run the tutorial-app-sub, which will
- Bootstrap
- Request the key for the
NDN_SD_LED - Subscribe the
NDN_SD_LEDservice - See the NFD log teriminal and note the newly emerged face id
Pub and Sub application are connected to NFD through [Unix face](https://github.com/named-data-iot/ndn-iot-package-over-posix/blob/master/examples/tutorial-app.c#L197, which further set as the default route for Pub and Sub on prefix /ndn-iot. But Interest from Sub application will not be forwarded to the Pub application. NFD receives the Interests and finds no route the it drop. Thus you should set up route for prefix /ndn-ioton NFD so Interests can be forwarded. Command nfdc route add will help. It requires you know the face id of Pub and Sub. You can get them from NFD log (as mentioned above) or ndn-cc.