Abstract

Message Queuing Telemetry Transport (MQTT) is a de facto standard for various Internet of Things (IoT) and industrial IoT applications. The data produced by a publisher are delivered to several subscribers via an MQTT broker. However, the MQTT standard lacks security-related functionality such as mutual authentication, access control, control message security, and end-to-end security. According to a recent report, many security threats and flaws associated with MQTT have been identified worldwide. This paper proposes a security architecture and protocols to bootstrap MQTT security in wireless sensor networks. Security bootstrapping for MQTT includes security credential generation and distribution; a registration protocol for joining MQTT entities such as publishers, subscribers, and brokers to the security controller; and a rekeying protocol for group membership management. Special attention is given to end-to-end security between publishers and subscribers, because the data from the publishers must be neither corrupted by nor exposed to a compromised broker. Both the security analysis and the performance evaluation show that the proposed security architecture and protocols for secure MQTT are a viable way to enhance MQTT security.

Highlights

  • Machine-to-machine (M2M) protocols are a key technology that significantly contributes to the fast development of the Internet of Things (IoT) and industrial IoT (IIoT)

  • M2M technology based on the constrained application protocol (CoAP) or message queuing telemetry transport (MQTT) is found in various sectors [3,4,5,6,7], such as manufacturing, public administration, environment, building automation, and healthcare

  • During the "Initialization" stage, a device certificate is generated and installed into each device, including the broker. Based on it, both mutual authentication and session key exchange can be performed between each device and the broker for a secure MQTT-SN


Summary

INTRODUCTION

Machine-to-machine (M2M) protocols are a key technology that significantly contributes to the fast development of the Internet of Things (IoT) and industrial IoT (IIoT). During the "Initialization" stage, a device certificate is generated and installed into each device, including the broker. Based on it, both mutual authentication and session key exchange can be performed between each device and the broker for a secure MQTT-SN.

PROPOSED SECURE MQTT-SN PROTOCOL

The original MQTT-SN protocol introduced in Section II.A is modified to embed the security features (mutual authentication, access control, control message security, and end-to-end security for the topic data) without employing TLS/DTLS.

INNER SECURE CHANNEL FOR END-TO-END SECURITY
HONEST-BUT CURIOUS AND MALICIOUS BROKER
FINE-GRAINED ACCESS CONTROL FOR TOPIC DATA
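The abstract requires that topic data can be neither read nor corrupted by a compromised broker, and the summary names an inner secure channel between publishers and subscribers that does not rely on TLS/DTLS. The Go program below is an added illustration of that requirement, not code from the paper or its authors. It assumes a per-topic group key issued by the security controller (generated at random in NewTopicKey, standing in for the paper's credential generation, with a key version standing in for the rekeying protocol's membership changes), seals each payload with AES-256-GCM, and binds the topic name, key version and sequence number as associated data. An honest-but-curious broker then sees only the routing header; a malicious broker that modifies the payload, rewrites the topic, downgrades the key version or replays a message is rejected by the subscriber. The Envelope layout, the function names and the sample topic and readings are assumptions of this example.

```go
package main

import (
	"crypto/aes"
	"crypto/cipher"
	"crypto/rand"
	"encoding/binary"
	"fmt"
)

// TopicKey is the per-topic group key the security controller hands to registered
// publishers and subscribers; Version changes on every rekey, so a removed member
// holds a key that opens no new data. Assumption: random key, not the paper's scheme.
type TopicKey struct {
	Version uint32
	aead    cipher.AEAD // AES-256-GCM over the 32-byte group key
}

func NewTopicKey(version uint32) (TopicKey, error) {
	raw := make([]byte, 32)
	if _, err := rand.Read(raw); err != nil {
		return TopicKey{}, err
	}
	block, err := aes.NewCipher(raw)
	if err != nil {
		return TopicKey{}, err
	}
	g, _ := cipher.NewGCM(block) // cannot fail for an AES block
	return TopicKey{Version: version, aead: g}, nil
}

// Envelope is what the broker sees (layout is an assumption of this example): the
// routing header in clear, Sealed = ciphertext followed by the GCM tag.
type Envelope struct {
	Topic   string
	Version uint32
	Seq     uint64
	Nonce   []byte
	Sealed  []byte
}

// aad binds the cleartext header to the ciphertext, so a broker that rewrites the
// topic, downgrades the key version or renumbers the message invalidates the tag.
func aad(topic string, version uint32, seq uint64) []byte {
	b := make([]byte, 12, 12+len(topic))
	binary.BigEndian.PutUint32(b[0:4], version)
	binary.BigEndian.PutUint64(b[4:12], seq)
	return append(b, topic...)
}

// Seal is the publisher side. The nonce is random because several publishers may
// share one group key, so a per-publisher counter could repeat across them.
func Seal(k TopicKey, topic string, seq uint64, plaintext []byte) (Envelope, error) {
	nonce := make([]byte, k.aead.NonceSize())
	if _, err := rand.Read(nonce); err != nil {
		return Envelope{}, err
	}
	sealed := k.aead.Seal(nil, nonce, plaintext, aad(topic, k.Version, seq))
	return Envelope{Topic: topic, Version: k.Version, Seq: seq, Nonce: nonce, Sealed: sealed}, nil
}

// Subscriber holds the current group key and the last sequence number per topic.
type Subscriber struct {
	Key     TopicKey
	lastSeq map[string]uint64
}

func NewSubscriber(k TopicKey) *Subscriber {
	return &Subscriber{Key: k, lastSeq: map[string]uint64{}}
}

// Receive is the subscriber side: stale key version, modified payload or header,
// and replay are all rejected rather than delivered as topic data.
func (s *Subscriber) Receive(e Envelope) ([]byte, error) {
	if e.Version != s.Key.Version {
		return nil, fmt.Errorf("key version %d is not the current %d", e.Version, s.Key.Version)
	}
	if last, ok := s.lastSeq[e.Topic]; ok && e.Seq <= last {
		return nil, fmt.Errorf("seq %d already seen on %s: replay", e.Seq, e.Topic)
	}
	pt, err := s.Key.aead.Open(nil, e.Nonce, e.Sealed, aad(e.Topic, e.Version, e.Seq))
	if err != nil {
		return nil, fmt.Errorf("authentication failed: payload or header changed in transit")
	}
	s.lastSeq[e.Topic] = e.Seq
	return pt, nil
}

func main() {
	k, _ := NewTopicKey(1)
	sub := NewSubscriber(k)
	env, _ := Seal(k, "plant/line1/temp", 1, []byte("23.5C")) // constructed sample reading
	pt, err := sub.Receive(env)
	fmt.Printf("via honest broker: %q err=%v\n", pt, err)
	env2, _ := Seal(k, "plant/line1/temp", 2, []byte("24.0C"))
	env2.Sealed[0] ^= 0x01 // malicious broker flips one ciphertext bit before forwarding
	_, err = sub.Receive(env2)
	fmt.Println("via malicious broker:", err)
}
```

The broker never handles a key, so confidentiality against an honest-but-curious relay follows from the cipher alone; integrity against a malicious relay follows from the tag covering both payload and header. What this sketch does not model is the paper's fine-grained access control: in a full design the controller would issue a distinct key per topic (or per topic group) so that a subscriber authorised for one topic cannot open another, and the rekeying protocol would push a new Version to the remaining members whenever a publisher or subscriber leaves.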