Skip to the main content

Original scientific paper

https://doi.org/10.24138/jcomss.v14i4.604

MQTT-Auth: a Token-based Solution to Endow MQTT with Authentication and Authorization Capabilities

Marco Calabretta ; IQVIA, Milan, Italy
Riccardo Pecori orcid id orcid.org/0000-0002-5948-5845 ; SMARTEST Research Centre, eCampus University, Novedrate,CO, Italy
Massimo Vecchio ; CREATE-NET FBK, OpenIoT Research Unit, 38123 Trento, TN, Italy
Luca Veltri ; University of Parma, Parma, PR, Italy


Full text: english pdf 1.975 Kb

page 320-331

downloads: 1.736

cite


Abstract

Security in the Internet of Things is a current hot topic and it may comprise different aspects such as confidentiality and integrity of personal data, as well as the authentication and the authorization to access smart objects that are spreading more and more in our every-day lives. In this work we focus on MQTT (Message Queue Telemetry Transport), a message-based communication protocol explicitly designed for low-power machine-to-machine communications and based on the publish-subscribe paradigm. First of all, we provide an accurate analysis of some of the most recent security solutions and improvements of MQTT found in the literature. Secondly, we describe in detail a novel secure solution, called MQTT-Auth, to protect specific topics in MQTT. This solution is based on the AugPAKE security algorithm for guaranteeing confidentiality, and onto two tokens which permit to authenticate the usage of a topic and to guarantee authorization in accessing a topic respectively. MQTT-Auth can also be easily extended to a hierarchical structure of topics and entities. Finally, we compare MQTT-Auth with some solutions for securing MQTT being present in the relevant literature, and we provide some details on how MQTT-Auth has been implemented
and successfully tested.

Keywords

Internet of Things; Security; MQTT; Publish-subscribe; token-based authentication; token-based authorization

Hrčak ID:

207546

URI

https://hrcak.srce.hr/207546

Publication date:

3.10.2018.

Visits: 2.913 *