Crafting a communications software stack tailored to the needs of your Internet of Things design is crucial -- and not necessarily easy, given that options are continually evolving.
Several network topologies are commonly used to link IoT products to the Internet. They all carry protocol requirements in four core areas: security, authentication, message routing, and payload.
Broadcasting data in the open is a recipe for disaster. Encrypting traffic and validating at least your server endpoint is a given to protect against this type of situation.
Despite recent publicity around the Heartbleed defect in TLS/SSL, SSL still remains the preferred encryption solution because it is an established, supported, and highly scrutinized Internet standard. Only extreme circumstances should steer you to a different protocol.
Encryption generally forms the basis for the next requirement, authentication, the act of validating that a device or user is who they say they are. Among the many authentication choices, the simplest approach is to ask a user to enter a printed serial number from his or her device.
Unique SSL certificates programmed at manufacture are a "freebie" with TLS/SSL for at least device authentication. The oAuth standard is a robust choice many websites use. SASL provides a framework for options ranging from basic passwords to more complicated SHA hash methods.
Given the diversity options, you should think through this particular requirement carefully. Most of these methods require some form of user interaction, and that can have an impact on the overall customer experience.
Once an IoT device is authenticated and signed on it will typically begin exchanging messages with a server. Some form of addressing and/or filtering is typically needed.
Your product requirements will largely guide your choice of routing protocols. You might even be able to dispense with this requirement entirely. Two popular standards in this space are MQTT and XMPP.
Next Page: Message routing is the Wild West