System Design Description Overview
This System provides the database, which stores information related to the Devices within the Local Cloud.
The purpose of this System is therefore to allow:
- Devices to register themselves, making this announcement available to other Application Systems on the network.
- They are also allowed to remove or update their entries when it is necessary.
- Generate a client certificate which can be used by the Device to register its Systems
This System provides two Core Service: the device registration and de-registration. Further it provides two Onboarding Services: the onboarding with name and onboarding with CSR.
The register method is used to register a device. The device will contain various metadata as well as a physical endpoint. The various parameters are representing the endpoint information that should be registered.
The unregister method is used to unregister device instances that were previously registered in the Registry. The instance parameter is representing the endpoint information that should be removed.
The onboarding methods are used to register a device and to retrieve a device certificate which must be used on the next step of the onboarding procedure.
This System can be secured via the HTTPS protocol. If it is started in secure mode, it verifies whether the Application System possesses a proper X.509 identity certificate and whether that certificate is Arrowhead compliant in its making. This certificate structure and creation guidelines ensure:
- Application System is properly bootstrapped into the Local Cloud
- The Application System indeed belongs to this Local Cloud
- The Application System then automatically has the right to register its Systems in the Registry.
If these criteria are met, the Application System’s registration or removal message is processed. An Application System can only delete or alter entries that contain the Device as the System Provider in the entry.