‼️  This chapter should be completed by Deadline 1 (see course information at Lovelace)

---

📑  Chapter summary

This chapter must provide a good overview of the Web API that your group is going to develop during the course, and some insight into the (imaginary) microservice architecture it will be a part of. You should not focus in implementation aspects such as database structure, interfaces or the request/responses formats. We recommend that you look into existing APIs (see Related work below) before writing the description for your own API.

Chapter GOALS:

1. Understand what is an API
2. Describe the project topic API
3. Describe how the API would be used as part of a larger architecture

---

✔️     Chapter evaluation (max 5 points)

You can get a maximum of 5 points after completing this Chapter. More detailed evaluation is provided in the evaluation sheet in Lovelace.

---

📑  Content that must be included in the section

Describe the API you are going to implement. Also describe the larger imaginary architecture that would exist around that API - while you do not need to implement these other components, they will be helpful in imagining context for your API. Your API will be a component that stores, and offers an interface to, some important data in the larger ecosystem. Think about a larger system, and then take out one key piece to examine - this will be your API.

Describe the API briefly and comment what is the main functionality that it exposes. Focus in the API not in any specific application that is using this API. Take into account that in the end, a WEB API is an encapsulated functionality as well as the interface to access that functionality. Remember that your API is just one part of a larger machine. It does not need to do everything. There will be other components in the system to do those things. This course focuses on creating a small API in detail - thinking too big from the start will drown you in work later.

A really short version of an overview for the RESTful Web API could be:

“The discussion forum Web API offers different functionalities to structure non-real-time conversations among the people of a group about topics they are interested in certain topic. Messages are grouped in Threads, that at the same time are grouped in Topics. The messages are accessible to anyone, but posts can only be created by providing credentials of a registered user [...] This API could exist as part of an online learning environment system where it is responsible for offering discussion forum features that can be included in other components of the learning environment. For example, a programming task (managed by a different component) can include its own discussion board managed by the discussion forum API[...]“

---

✏️ The Facial Recognition for Access Control API is a specialized component designed for identity verification and access management using facial recognition technology. This API is used as part of a larger security and access control ecosystem, integrating with physical access systems like electronic door locks and surveillance cameras.

The primary function of this API is to process and match facial images against a stored database to authenticate individuals for access control. It does not manage the entire access control system but focuses on the crucial aspect of identity verification through facial recognition. In a broader architecture, this API would interact with other systems that manage user permissions, access logs, and physical control of access points.

For example, in a smart building setup, this API could be integrated with an overarching building management system. It would provide the facial recognition capabilities required for access, while the building management system handles user permissions, access scheduling, and physical security protocols.

---

📑  Content that must be included in the section

Define the main concepts and describe the relations among them textually. Roughly, a concept is a real-world entity that is expected to be of interest to users or other services. This section will be a guideline for choosing your resources to implement in Deadline 3. Students should remember that some of the concepts might not be a resource by themselves, but just a part of it (resource property). In this section, students should not describe the RESTful resources, but identify which are the main ideas of the API. Do not forget to include the relations among the concepts.

A description of the main concepts for the Forum API could be:

"The API permits users send messages. The forum contains a list of categories and a list of users. Each category specifies a name, a description and a thread. A thread is [...]The forum may contain 0 or more categories… Each category may have 0 or more threads… Users can write and read messages to a forum thread. A user has a profile, basic information, activity information (stores, for instance, all the messages sent by a user, the messages marked as favorites). [...]The user history contains information of the last 30 messages sent by the user.[…]"

Include a diagram which shows the relations among concepts.

This section is important because it outlines the concepts that you will later implement. In particular, the diagram defined here will follow you throughout the project report and you will be adding more details to it.

---

✏️ Central to the API, user profiles contain facial data and associated access permissions. They are essential for matching and authenticating users. The core processing unit is Facial Recognition Engine that analyzes and matches facial images with stored profiles. These are access requests from external systems (like door scanners) to authenticate a user based on their facial image. Each user profile has associated permissions defining their access rights, which are checked upon each access request. Records of all access attempts, storing details like time, user identity, and outcome (granted/denied). Each User Profile is linked to specific Access Permissions. Access Requests are evaluated by the Facial Recognition Engine, which references User Profiles. All access attempts are recorded in Access Logs, linked to respective User Profiles.

📑  Content that must be included in the section

Describe at least one client and one service that could use your Web API. You must explain here what is the functionality provided by the client/service, and how it uses the Web API to implement this functionality.

---

✏️

Functionality: The functionality of the app in case of a Secure Building Entry System on the client side is to harness the physical security of office entry points using facial recognition. The entry system could also be used to mark attendance or allow access to secure systems.

Web API Usage:

• Image Capture and API Interaction: The system captures an image of the face as the employee approaches the entry point. It sends the image to your Facial Recognition API.
• Processing and Authentication: The API process the image matching with pre-stored facial profiles in its respective database drawing the inferences that the employee is being identified.
• Access Control Response: Once the API analysis for processing is done, then the response needs to be sent back to the entry system. The indication received in response would signify if the person is an employee/known identity i.e., has been recognized and authorized to enter/ marked attending, or not.
• Security Enforcement: If API proves that the person is an employee, door opens or marked attending. In case of unknown identity, access is denied. Upon that, security can be alerted so they can remain careful enough to stop any attempts of illegitimate entry.

Automated Attendance Tracking (Service Use Case)

Functionality: This is a back-end service designed to automate the attendance tracking of employees, interfacing directly with the Facial Recognition API.

Web API Usage:

• Receiving Authentication Notifications: Once an employee is authenticated at the office entry point by the API, this service is triggered and notification is forwarded to the attendance service.
• Attendance Logging: The service, upon receiving the notification, accesses the API's logs or uses its user verification data to confirm the employee's identity and time of entry.
• Automated Record-Keeping: The attendance tracking system then records this information in the company's attendance database. This process occurs without the need for manual attendance marking, thus streamlining the process and reducing human error.

📑  Content that must be included in the section

Find at least one API that resembles the functionality provided by yours. Explain in detail the functionality provided by the API. Classify the API according to its type (RPC, CRUD REST, pure REST, hypermedia driven ...) justifying your selection. Provide at least one example client that uses this API.

The purpose of this task is to get more familiar with what an API is. This will be helpful in describing your own API. Therefore, it is recommended to do this section after you have decided the topic of your project but before writing your API description.

---

✏️ There are several notable facial recognition APIs in the market that offer functionalities comparable to your system. These APIs are widely used across various industries for their robustness, accuracy, and advanced features. Some of these include:

• Functionality: Microsoft Azure Face API is a cloud-based service that provides a wide range of facial recognition capabilities. It includes functions such as face detection, face recognition, and facial analysis. The API can detect faces in images and videos, and it offers features like finding similar faces, verification, identification, and grouping of faces.

• Type: This API can be classified as a CRUD RESTful API, as it typically follows the principles of Representational State Transfer (REST) in its design. It uses HTTP methods for operations like face detection and recognition.

• Example Client: The Washington State DOL uses Microsoft Azure Face API for identity verification when individuals apply for a driver's license or ID card. The API helps ensure the accuracy of identification documents and prevents identity fraud.

• Functionality: Amazon Rekognition is a cloud-based computer vision service that offers a wide range of facial recognition and analysis capabilities. It can detect and recognize faces in images and videos, perform face comparison for identity verification, estimate attributes like age and gender, and even detect facial landmarks and emotions. Additionally, it offers features like object and scene detection.

• Type: Amazon Rekognition can be classified as a pure RESTful API. It follows REST principles for interactions and uses HTTP methods for operations such as face detection, recognition, and analysis.

• Example Client: The Orlando Police Department uses Amazon Rekognition for facial recognition in surveillance cameras around the city. It aids law enforcement in identifying and tracking suspects in real-time.

• Functionality: Google Cloud Vision API is a cloud-based service that offers a wide range of image analysis capabilities, including facial recognition. It can detect faces in images, extract facial features, and analyze facial attributes such as emotion and gender. However, it does not provide facial recognition for identifying individuals for privacy reasons.

• Type: Google Cloud Vision API can be classified as a pure RESTful API. It follows REST principles for interactions and uses HTTP methods for various image analysis operations.

• Example Client: Pinterest uses Google Cloud Vision API to enhance user experience. It allows users to search for pins and images using natural language queries and visual recognition, making content discovery more intuitive.

• Functionality: IBM Watson Visual Recognition is a cloud-based service that utilizes deep learning algorithms to analyze images and recognize scenes, objects, text, and other content. While it offers various image analysis capabilities, including face detection, it is known for its broader image recognition capabilities beyond facial recognition.

• Type: IBM Watson Visual Recognition can be classified as a pure RESTful API, as it typically follows REST principles in its design and uses HTTP methods for image analysis operations.

• Example Client: Geico, an insurance company, uses IBM Watson Visual Recognition to automate damage assessment during the claims process. Users can submit photos of vehicle damage, and the API helps assess the extent of damage.

• Functionality: Kairos offers a facial recognition API that can detect human faces in photos and images. It provides information on facial features as coordinates on the image. While it offers facial detection and verification capabilities, it also includes features like emotion analysis and digital identity verification.

• Type: Kairos Facial Recognition API is likely a pure RESTful API, as it follows typical REST principles in its design. It uses HTTP methods for various operations, including facial detection and verification.

• Example Client: Rosetta Stone, a language learning platform, uses Kairos Facial Recognition API for user verification during language lessons. It ensures that the person learning the language matches the registered user.

• Functionality: OpenCV (Open Source Computer Vision) is a popular computer vision library known for its wide range of image processing and computer vision capabilities. While it's not a cloud-based service like the others, it provides tools for facial recognition and analysis. OpenCV can detect faces in images and videos, and it includes various facial recognition algorithms and tools.

• Type: OpenCV can be classified as a library for computer vision and image processing. It provides a collection of functions and tools for face detection and recognition, but it's not a traditional API with remote endpoints like the cloud-based services.

• Example Client: Researchers at the University of Washington have used OpenCV for various computer vision applications, including facial recognition in studies related to healthcare and accessibility for visually impaired individuals.

---

Task	Student	Estimated time
Research on project idea	Tharindu Muthukuda Walawwe ([email protected]), shafin Salim ([email protected])	1 hour
Design and plan the project idea	Tharindu Muthukuda Walawwe ([email protected]), shafin Salim ([email protected])	1.5 hour
Update the overview	Tharindu Muthukuda Walawwe ([email protected])	30 min
Main concepts and relations	Tharindu Muthukuda Walawwe ([email protected])	40 min
API use cases	Tharindu Muthukuda Walawwe ([email protected]), shafin Salim ([email protected])	1.5 hr
Research on related works	Tharindu Muthukuda Walawwe ([email protected]), shafin Salim ([email protected])	2 hour