3

The company I am working for has decided to create an API for a few of the products we create here (we create physical access control solutions, card readers, key storage, intelligent door locks and stuff).

The problem is management does not exactly know what they want. And there are currently two options I'm tasked with figuring out:

  • Option 1, create a .dll (or similar) file with which 3th party programmers can communicate and create their own software solutions.
  • Options 2, change the current embedded hardware so the product can directly be spoken to over IP.

Even though my preferences goes out to option 1 I'm still trying to explore option 2 as good as I can. Therefore I am trying to find out if there are standardized protocols for exchanging access control specific data. And for what I have found I do not think there is. Competitors, also, seem to use their own thing. However I know very little when it comes to the vast jungle of standardized protocols which is why I'm asking the following question:

Is there a standardized protocol for sending over access control data.

I am not looking for securing the data I am sending (we already use TLS) I am looking for a way to structure the data I want to send.

In the worst case I will simply think of a format and send it over with something like JSON.

techraf
  • 9,141
  • 11
  • 44
  • 62
Vincent
  • 433
  • 3
  • 9
  • `In the worst case I will simply think of a format and send it over with something like JSON.` Why is this the "worst case"? – deviantfan May 25 '16 at 06:55
  • @deviantfan well, i was hoping there'd be something more specific, I don't exactly like Json (which might be because I've rarely used it but still). If it turns out to be Json i'll be fine with it but it still means i'll have to at least think of the right parameter names and how to structure it. but yes worst case might not be the ideal choice of words :P – Vincent May 25 '16 at 06:59
  • Please use a REST-style JSON or XML API. Creating a DLL limits your API to specific platforms and languages unless developers are going to jump through a lot of hoops. A REST-style API that uses either JSON or XML (or both) is much more flexible in terms of what languages and platforms it can be used on. – Moshe Katz May 31 '16 at 18:56
  • Is XACML what you are looking for? Some additional detail about what you mean by access control data would be helpful. – jhash Sep 19 '16 at 22:41
  • @Vincent Did you come to a solution and would you consider providing an answer? – Tom K. Feb 20 '18 at 10:25
  • @TomK. We ended up creating a server to which they have to send Json formatted requests. We've created an installer so the customer can create the server them selves, this so they need as little interaction with us as possible and we've described our own way of formatting the Json. – Vincent Feb 21 '18 at 07:20
  • You can answer your own question with an answer. ;) – Tom K. Feb 21 '18 at 07:55

0 Answers0