Security in MQTT and CoAP Protocols of IOT’s Application Layer

Abstract

The Internet of Things (IoT) is a framework of interconnected computing devices mechanical and digital machines, internationally identifiable physical objects (or things) or people that are have unique identity and the ability to transfer data over a network without human-to-human or human-to-computer interaction., their combination with the Internet, and their representation in the digital world. The accessibility and availability of cheap components of IoT devices enables a extensive range of applications and provide smart environments. These devices perform actuating and sensing tasks and identified through unique addresses. The IoT devices are connected to the Internet and expected to use the Constrained Application Protocol (CoAP) at the application layer as a main web transfer protocol. Message Queuing Telemetry Transport (MQTT) does not enforce the use of a particular security approach for its applications, but instead leaves that to the application designer. Therefore, IoT solutions can be based on application context and specific security requirements. MQTT is a Client Server publish/subscribe messaging transport protocol. It is lightweight, open, uncomplicated, and designed to make implementation more easier. These characteristics of MQTT make it perfect for use in most of the situations, including communication in Machine to Machine (M2M) and Internet of Things (IoT). In IOT there is major use of Wireless Sensor Networks (WSN) which connects virtual world to physical world. In this paper focus is given to application layer of IOT. In application layer two important protocols are MQTT and CoAP. Security mechanism is proposed in the paper for these protocols.