Detail publikace

A Secure Publish/Subscribe Protocol for Internet of Things

MALINA, L. SRIVASTAVA, G. DZURENDA, P. HAJNÝ, J. FUJDIAK, R.

Originální název

A Secure Publish/Subscribe Protocol for Internet of Things

Anglický název

A Secure Publish/Subscribe Protocol for Internet of Things

Jazyk

en

Originální abstrakt

The basic concept behind the emergence of Internet of Things (IoT) is to connect as many objects to the Internet as possible in an attempt to make our lives better in some way. However, connecting everyday objects like your car or house to the Internet can open up major security concerns. In this paper, we present a novel security framework for the Message Queue Transport Telemetry (MQTT) protocol based on publish/subscribe messages in order to enhance secure and privacy-friendly Internet of Things services. MQTT has burst onto the IoT scene in recent years due to its lightweight design and ease of use implementation necessary for IoT. Our proposed solution provides 3 security levels. The first security level suits for lightweight data exchanges of non-tampered messages. The second security level enhances the privacy protection of data sources and data receivers. The third security level offers robust long-term security with mutual authentication for all parties. The security framework is based on light cryptographic schemes in order to be suitable for constrained and small devices that are widely used in various IoT use cases. Moreover, our solution is tailored to MQTT without using additional security overhead.

Anglický abstrakt

The basic concept behind the emergence of Internet of Things (IoT) is to connect as many objects to the Internet as possible in an attempt to make our lives better in some way. However, connecting everyday objects like your car or house to the Internet can open up major security concerns. In this paper, we present a novel security framework for the Message Queue Transport Telemetry (MQTT) protocol based on publish/subscribe messages in order to enhance secure and privacy-friendly Internet of Things services. MQTT has burst onto the IoT scene in recent years due to its lightweight design and ease of use implementation necessary for IoT. Our proposed solution provides 3 security levels. The first security level suits for lightweight data exchanges of non-tampered messages. The second security level enhances the privacy protection of data sources and data receivers. The third security level offers robust long-term security with mutual authentication for all parties. The security framework is based on light cryptographic schemes in order to be suitable for constrained and small devices that are widely used in various IoT use cases. Moreover, our solution is tailored to MQTT without using additional security overhead.

Dokumenty

BibTex


@inproceedings{BUT158411,
  author="Lukáš {Malina} and Gautam {Srivastava} and Petr {Dzurenda} and Jan {Hajný} and Radek {Fujdiak}",
  title="A Secure Publish/Subscribe Protocol for Internet of Things",
  annote="The basic concept behind the emergence of Internet of Things
(IoT) is to connect as many objects to the Internet as possible
in an attempt to make our lives better in some way.
However, connecting everyday objects like your car or house
to the Internet can open up major security concerns. In this
paper, we present a novel security framework for the Message
Queue Transport Telemetry (MQTT) protocol based
on publish/subscribe messages in order to enhance secure
and privacy-friendly Internet of Things services. MQTT has
burst onto the IoT scene in recent years due to its lightweight
design and ease of use implementation necessary for IoT. Our
proposed solution provides 3 security levels. The first security
level suits for lightweight data exchanges of non-tampered
messages. The second security level enhances the privacy protection
of data sources and data receivers. The third security
level offers robust long-term security with mutual authentication
for all parties. The security framework is based on light
cryptographic schemes in order to be suitable for constrained
and small devices that are widely used in various IoT use
cases. Moreover, our solution is tailored to MQTT without
using additional security overhead.",
  address="ACM",
  booktitle="Proceedings of the 14th International Conference on Availability, Reliability and Security (ARES 2019)",
  chapter="158411",
  doi="10.1145/3339252.3340503",
  howpublished="online",
  institution="ACM",
  year="2019",
  month="august",
  pages="1--10",
  publisher="ACM",
  type="conference paper"
}