Here is my Internet of Thing communications model:
This model tries to cover at least the most IoT situations.
The idea in this model is to describe the IoT communications at suitably accurate level to cover normal situations. A real-life implementation can have all those part or it can have more than one step of the model integrated into one device. In real-life networks there can be less firewall than this model (some of the firewalls are replaced with just routers).
Let’s consider situation where there is an IoT sensor that measures something (for example temperature) and sends the data to IoT cloud where the results can be read or processes.
This model on the left there is the sensor that measures the temperature. Typically the sensors itself do not communicate directly with Internet. The data goes to IoT gateway that converts the sensor data suitable to be sent over Internet. Typically sensors are connected to IoT gateway using a communications channel that does not use TCP/IP. Typical interfaces between sensor with digital interface and IoT gateway are wired serial buses (RS232,RS485,SPI,I2C, etc.) and short range wireless networks (Bluetooth, Zigbee etc..).
The IoT gateway takes the measurement data, converts it to suitable format so that it can be transported over Internet to IoT cloud service. The communications between IoT gateway and IoT cloud typically uses some higher layer protocol (for example XML-RPC, JSON-RPC, RESTful API or a custom made protocol) running over TCP/IP (TCP socket, WebSocket etc.). A typical IoT gateway nowadays is a small embedded computer running Linux. It typically has some form of built-in firewall.
From IoT gateday the data goes to Access Network. That access network is typically wired Ethernet LAN, wireless LAN system (typically WLAN base station + Ethernet network after it), a cellular phone network (GPRS, 3G, 4G) or something similar.
From Access Network the data goes to public Internet. There is a router between Access Network, and typically nowadays there is some sort of firewall functionality in it. Typically in corporate networks this firewall has nowadays passes only some services, has some form of state-full firewall in it (for example allows the connection opened from Access Network to Internet direction) and there can be NAT functionality (allows the connection opened from Access Network to Internet direction and changes IP address and port numbers).
The public Internet carries the data toward IoT cloud service. Typically the cloud service data center has a firewall. This cloud service firewall can be a simple firewall or a complicated firewall that carefully validates data before it enters the IoT cloud servers. Sometimes the firewall can have also built-in load distribution service (distributes incoming data evenly to a cluster of IoT servers). Typically the IoT cloud server collects the incoming data so some form of database (SQL or NoSQL database) where it can be accessed through some API provided by the cloud service provider. Typically the data stored on measurements is the measurement value and time stamp when measurement was made. When you collect data from lots of sensors for a long time you have easily a very huge amount of data (=Big Data).
I plan to use this model in some future postings on IoT. The IoT field is so large and varying that it would be impossible to put all the details on one posting.