This document describes the encryption service developed at ITESM as a tool for encrypting and decrypting FIWARE data models.
FIWARE is a curated framework of open source platform components to accelerate the development of Smart solutions. The FIWARE platform provides a rather simple yet powerful set of APIs (Application Programming Interfaces) that ease the development of Smart Applications in multiple vertical sectors.
The main and only mandatory component of any "Powered by FIWARE" platform or solution is the FIWARE Orion Context Broker Generic Enabler, which brings a cornerstone function in any smart solution: the need to manage context information in a highly decentralized and large-scale manner, enabling to perform updates and bring access to context.
FIWARE data models have been harmonized to enable data portability for different applications including, but not limited, to Smart Cities. They are intended to be used together with FIWARE NGSI version 2.
The application can be seen as two stand-alone services, one that uses tokens as a security measure and the second one that uses sessions as a security measure. Both stand-alone services enable the encryption and decryption of all up-to-date available FIWARE data models published in FIWARE Data Models official site.
The encryption service can be installed on any Operative System.
The following software must be previously installed in the server which will hold the encryption service.
Furthermore, the following ports containers are required.
- ngsi_nodejs 8000 (only for the token-based service)
- ngsi_python 2121 (only for the session-based service)
The service requires an active Gmail account. The use of other email accounts will cause the malfunction of the service. In order to allow sending and receiving emails from an external application, it is necessary to enable this option in the selected Gmail account. To configure the Gmail account, please:
- Go to the Gmail account configuration via (https://www.google.com/settings/security/lesssecureapps)
- Enable the option "Allow less secure apps"
First, download or clone the repository to a local directory. Inside each fold of the two implemented services, session-based and token-based, resides a Dockerfile. Open the Dockerfile with a text editor and modify the fourth and fifth lines with your email and the corresponding password, respectively.
4 ENV ngsi_address_send email 5 ENV ngsi_encrypt_pass password_email
For a complete guide, please refer to:
Refer to the User Manual of the Session-based service.
Refer to the User Manual of the Token-based service.