“The key to successfully addressing the IoT market is the ability to rapidly build and evolve apps that tap into, analyze and make smart decisions on fast, big data”,
"if we look more closely into the deeply unsexy world of predictive maintenance on industrial equipment, we will have to contend with massive files that are typically buried and inaccessible after years of being shuffled around by the IT department." Big Data Now: 2014 Edition (free ebook from O'Reilly Media)
"Revolution Analytics provides an "enterprise-class platform" for developing and deploying R-based analytic solutions that can scale across large data warehouses and Hadoop systems, and which can integrate with enterprise systems"
IdentityServer is designed as an (Microsoft .NET) OWIN/Katana component. By referencing the library or nuget you get a UseIdentityServer extension method for IAppBuilder that allows setting up IdentityServer in your OWIN host" (and it could run on Linux and Mac)
"Authentication is used by a server when the server needs to know exactly who is accessing their information or site.
Authorization is a process by which a server determines if the client has permission to use a resource or access a file. Authorization is usually coupled with authentication so that the server has some concept of who the client is that is requesting access"
OpenID Connect | OpenID "OpenID Connect 1.0 is a simple identity layer on top of the OAuth 2.0 protocol. It allows Clients to verify the identity of the End-User based on the authentication performed by an Authorization Server, as well as to obtain basic profile information about the End-User in an interoperable and REST-like manner."
OAuth 2.0 — OAuth "OAuth 2.0 focuses on client developer simplicity while providing specific authorization flows for web applications, desktop applications, mobile phones, and living room devices."
ASP.NET 4.5 has options for external authentication by Google, Microsoft Live, Facebook.
That is very useful for human users and web application, but for mobile apps there is a need for access control to Web APIs: access authorization based on tokens.
When there are more than one app or web site granting access to each separately is inconvenient.