Web of Things (WoT) Explained

Updated on October 15,2022

A recap of the Internet of Things (IoT)

As mentioned earlier in a previous article, the idea of the Internet of Things is like that of enchanted objects, objects which can ‘talk back’ to you, as many heresays put it. However true, we should no longer blacken this simple technology under such unexpected ambiguous statements. We have already witnessed what IoT is and what it can do. Better yet,  visions of machines communicating with one another have been around since the early 1800s, back in Industry 1.0. The IoT is not our technology; it is a product of the great minds of the Renaissance, we simply practicalized their thoughts.

The idea is, however, very simple. Take an example of a potted plant and give it the ability to sense (and respond to) its environment through soil humidity sensor and a slickwater pump, then add to it Internet access through Wi-Fi or Zigbee. To finalize its functionality, add to it a processing power through a Microcontroller. The system should be able to send data (the current soil humidity) to a  processing/visualization application. It should then be able to receive commands (say, turn the water pump on) over the Internet. Such is technology. But why brand it with its own name? Why call it the Internet of Things and simply not part of the Internet of Computers? Below are some notable differences.


Differences between the Internet of computers and the IoT

  • In simple thoughts, IoT composes of ‘things’ connected to the Internet as opposed to ‘computers’ of the normal Internet.
  • Computers connected to the Internet mostly run Multi-user and Single-user Operating Systems such as Windows 10, macOS or Linux, whereas IoT systems run on Real-Time operating systems such as Windows CE, OS-9, Symbian, Contiki-Os, PaulOS, and LynxOS. IoT systems also run Embedded OSs.
  • The Internet of Computers is run by the famous protocol suite/stack labeled The Open Systems Interconnect (OSI) model consisting of the likes of HTTP, TLS, HTTPS, FTP, SMTP, etc;  whereas for the IoT, other than being run by its own protocols such as ZigBee, MQTT, HATEOAS, and WoT-a-Mashup, it sits on top of the OSI protocols and is run by some of the protocols therein.
  • The Internet is a mature technology stack on its own while the IoT is yet to mature and is a subset of the Internet thus inseparable. One can simply claim that the IoT is just a set of new protocols and technologies for the Internet.

Problem Statements

To begin with, giving your potted plant an Internet Protocol(IP) address and then giving it access to the Internet is only the first step towards an IoT system. You will, however, need to accomplish the following in order to call it an IoT system.

  • Send and receive data to whoever is concerned
  • The concerned data recipient must be part of the Internet
  • The concerned data recipient must use this data to produce some meaningful information, say, graphical plots.  Most existing IoT projects stop here, but I can assure you that the end of the journey is not yet.
  • A user should be able to access the information (remember data is different from information) through their own devices, say through a mobile app.
  • The complete IoT system and its related info should be indexed in a search engine like the world’s scariest search engine so that one can easily search for any info related to such a system.
  • The IoT system might want to share its data with other similar IoT systems.
  • The IoT system should be able to share its data across social platforms say twitter.

The system should be able to accomplish all of the above. But at every stage, there is a need to solve some critical problems. This is the role of protocols suites like the OSI.

The Web of Things (WoT)

As the Internet of Things is also maturing, it is becoming apparent that it dawns its own protocol suite for the whole architecture. In the ‘70s and ‘80s there existed the Internet, just a large network of computers for exchanging data in whichever form and to keep things synchronized. Then came the genius Tim Bernes Lee, who in 1991 built the World’s largest system: The World Wide Web. The web gave meaning to the data being transmitted over the Internet. At the core of the Web is HTTP. The HyperText  Transfer Protocol that allowed computers to understand what data was being transmitted over the Internet. Transmission Control Protocol (TCP) and User Datagram Protocol (UDP) are for establishing a connection between computers over the Internet and ensuring data is transmitted with minimal loses. HTTP, on the other hand, encodes data for transmission according to the type of data being transmitted, plus other useful information such as source and destination addresses. On the recipient’s end, it decodes that information. This is what enables you to share text, audio, video and other file formats across the Internet. Such is its usefulness. The  Web of Things (WoT) can be thought of as a protocol suite that helps to integrate things to the Web even more intimately hence making those devices more accessible for applications and humans as discussed below.

Layer 0: Networked things

Although it’s not part of the Web, everything begins here. It is where all the network connectivity takes place. Consider your smart IoT potted plant garden. Interconnect your soil humidity sensor, water pump, microcontroller e.g Arduino, and then give it access to the Internet. Protocols in this layer are for connectivity between sensor nodes and the Internet. A sample list is given in the above picture. If you are the mechatronics engineer, in this layer you simply have to google out which physical devices/modules are used to implement the above protocols, and then figure out how to use such device in your system. 

Layer 1: Access

After connecting your potted plant to the Internet, the system should be able to send and receive data to an IoT platform. The problem that arises here is if the IoT understands what type of data you are trying to send. Worse yet, does the IoT understand how to transceive this type of data? This layer is concerned with data transmissions and encoding. HTTP and MQTT are well known for this. Importantly, once data is encoded, this layer is also responsible for turning your physical system into an Application Programming Interface (API). Humans are good with HTML but the system only understands JSON or XML. Henceforth, your physical system will be accessible through Uniform Resource Identifiers/Locators (URI/URL) eg. http://www.thingspeak.com/my-app-id/temperature. This is the role of REST API protocol. To enhance real-time data updates via the API, WebSockets come into the picture. WebSockets is aided by WebHooks which implements auto-polling/auto-updating of your API rather than manual actions from the user such as page refreshes. The user, however, will only see things in HTML format.

Layer 2: Find

Even though you can now access your system through APIs, one thing that makes IoT systems ubiquitous is yet to be solved. Other Web applications should be able to find your IoT application over the Internet. They should also be able to understand what type of an application it is and meaningfully understand the data it sends after which your application and its related information should be indexed in search engines. User Interface generation tools rely on protocols that reside here such as JSON-LD for annotating JSON data. Your application will finally be able to be accessed via search engines.

Layer 3: Share 

Wouldn’t it be amazing if your potted plant can tweet updates on soil humidity to your Twitter handle? This would be very cool. With the advent of security protocols like Transport Layer Security (TLS) for creating a secure layered HTTPS from HTTP and Public-key Infrastructure (PKI) encryption protocols, your data will be secure from man-in-the-middle attacks during transmission. Better yet, delegated web authentication mechanisms like OAuth will ensure that your application seamlessly accesses social platforms like Twitter. Hurray, your application would have joined the Social Web of Things.

Layer 4: Compose

Finally, can you bring all those layers together into one accessible application say an Android or Web app? Can you compose a large-scale, meaningful application for your Web of Things? Here we are concerned with the integration of data and services from diverse Things into an immense ecosystem of web tools such as analytics software and mashup platforms. Physical mashup tools like Node-RED and other JavaScript SDKs that offer higher-level abstractions—to dashboards with both programmable and also drag-and-drop widgets that require no programming skills have risen ostensibly to the occasion. This should be the final goal of each IoT engineer.


In conclusion, we have seen that for a complete Web of Things system, the Thing must be able to access the Web (layer 1), where they can be found by humans and machines (layer 2) and their resources can be shared securely with others (layer 3). With all this in, one can now build a fully-fledged WoT application to bring everything together. We have also seen that the Internet of Things (IoT) is yet to mature and the Web of Things is what will aid it to this maturity.

More in this category: OWASP top 10 by Example: XSS exploits »