Unknown macro: {style}


Unknown macro: { margin}
Unknown macro: {div}
Kaa releases
Unknown macro: {div}

Page tree
Skip to end of metadata
Go to start of metadata

The endpoint registration is the process of initial communication setup that ensures that the endpoint is registered within the Kaa cluster along with the corresponding security credentials and the endpoint profile. It is not until the endpoint registers on the server that the Kaa framework services become available to the client application. During the process of registration, the Kaa endpoint at first communicates with one or multiple Bootstrap services to obtain a list of available Operations services, and then with the Operations service to submit the endpoint data and complete the registration.

Endpoint registration overview

Registration security

The endpoint SDK generates a security key pair during the initial client boot-up. By default, Kaa uses the RSA algorithm with a 2048-bit key. The key pair is used to ensure the endpoint authenticity and message integrity in different transport implementations. The public key is transferred to the Operations service during the registration to identify and verify endpoint requests.

Resolution request/response

Initially, the Kaa endpoint SDK does not include any information about Operations services for security and load-balancing reasons. Instead, during the SDK generation, a Control service embeds a list of available Bootstrap services into the SDK (using a properties file for Java implementation, a header file for C++, etc.). The endpoint selects a random Bootstrap service from the list and sends a resolution request to the selected Bootstrap service. The resolution request contains the application token that can be used by the Bootstrap service in specific load-balancing strategies. The resolution response from the Bootstrap service contains a prioritized list of Operations services with their connectivity details and is signed with the Bootstrap service private key. The endpoint verifies the signature of the response by using the Bootstrap public key available from the build time parameters and retains the received information.

Registration request/response

The endpoint selects the service with the highest priority from the Operations service list and sends a registration request to that service. If there are several Operations services with the top priority, the endpoint, for load balancing purposes, uses a random one.

The registration request contains the following information.

  • SDK token
  • Endpoint public key
  • Endpoint profile body

The Operations service stores the endpoint profile and sdk token information for processing future requests. Kaa uses the SHA-1 hash of the endpoint public key as the endpoint identifier across the system.

After successful registration, the Operations service responds with a message that contains the current application state information.

Copyright © 2014-2015, CyberVision, Inc.

  • No labels