Original scientific paper
https://doi.org/10.24138/jcomss.v14i4.604
MQTT-Auth: a Token-based Solution to Endow MQTT with Authentication and Authorization Capabilities
Marco Calabretta; IQVIA, Milan, Italy
Riccardo Pecori (orcid.org/0000-0002-5948-5845); SMARTEST Research Centre, eCampus University, Novedrate, CO, Italy
Massimo Vecchio; CREATE-NET FBK, OpenIoT Research Unit, 38123 Trento, TN, Italy
Luca Veltri; University of Parma, Parma, PR, Italy
Abstract
Security in the Internet of Things is a current hot topic, and it may comprise different aspects such as the confidentiality and integrity of personal data, as well as authentication and authorization for access to the smart objects that are spreading more and more in our everyday lives. In this work we focus on MQTT (Message Queue Telemetry Transport), a message-based communication protocol explicitly designed for low-power machine-to-machine communications and based on the publish-subscribe paradigm. First, we provide an accurate analysis of some of the most recent security solutions and improvements of MQTT found in the literature. Second, we describe in detail a novel secure solution, called MQTT-Auth, to protect specific topics in MQTT. This solution is based on the AugPAKE security algorithm for guaranteeing confidentiality, and on two tokens, which make it possible to authenticate the usage of a topic and to guarantee authorization in accessing a topic, respectively. MQTT-Auth can also be easily extended to a hierarchical structure of topics and entities. Finally, we compare MQTT-Auth with some solutions for securing MQTT present in the relevant literature, and we provide some details on how MQTT-Auth has been implemented and successfully tested.
Keywords
Internet of Things; Security; MQTT; Publish-subscribe; token-based authentication; token-based authorization
Hrčak ID: 207546
Publication date: 3.10.2018.