IIT Home Page CNR Home Page

Improving MQTT by Inclusion of Usage Control

Due to the increasing pervasiveness of Internet of Things (IoT) and Internet of Everything (IoE) devices, securing both their communications and operations has become of capital importance. Among the several existing IoT protocols, Message Queue Telemetry Transport (MQTT) is a widely-used general purpose one, usable in both constrained and powerful devices, which coordinates data exchanges through a publish/subscribe approach. In this paper, we propose a methodology to increase the security of the MQTT protocol, by including Usage Control in its operative workflow. The inclusion of usage control enables a fine-grained dynamic control of the rights of subscribers to access data and data-streams over time, by monitoring mutable attributes related to the subscriber, the environment or data itself. We will present the architecture and workflow of MQTT enhanced through Usage Control, also presenting a real implementation on Raspberry Pi 3 for performance evaluation.

The 10th International Conference on Security, Privacy and Anonymity in Computation, Communication and Storage (SpaCCS 2017), Guangzhou, China, 2017

IIT authors:

Antonio La Marra

Foto di Antonio La Marra

Athanasios Rizos

Foto di Athanasios Rizos

Type: Contributo in atti di convegno
Field of reference: Computer Science & Engineering

File: Improving_MQTT_by_inc_of_UCON.pdf

Activity: Sicurezza di dispositivi mobili