Securing Publish-Subscribe Services with Dynamic Security Protocol in MQTT Enabled Internet of Things

International Journal of Security and Its Applications Pub Date : 2017-11-30 DOI:10.14257/IJSIA.2017.11.11.05

A. Bashir, A. H. Mir

{"title":"Securing Publish-Subscribe Services with Dynamic Security Protocol in MQTT Enabled Internet of Things","authors":"A. Bashir, A. H. Mir","doi":"10.14257/IJSIA.2017.11.11.05","DOIUrl":null,"url":null,"abstract":"Rapid developments in the field of embedded system, sensor technology, IP addressing and wireless communication are driving the growth of Internet of Things (IoT) in a variety of applications which include environment monitoring, smart manufacturing, e-health and smart agriculture. Due to heterogeneous and constrained nature of IoT nodes, many new security and privacy issues are introduced. IoT devices and systems collect a lot of private data about people, for example an intelligent meter knows when you are home and what devices you use when you are there. This data is shared with other devices and also stored in database or cloud server. Absence of security protocols for these resource constrained smart devices averts their widespread implementation. To address this problem, we propose a mechanism for securing application layer MQTT (Message Queue Telemetry Transport) protocol messages in IoT. The proposed security method for Internet of Things is lightweight in nature and suits well for resource constricted devices. The proposed method counters most of the likely confidentiality attacks in IoT.","PeriodicalId":46187,"journal":{"name":"International Journal of Security and Its Applications","volume":null,"pages":null},"PeriodicalIF":0.0000,"publicationDate":"2017-11-30","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"https://sci-hub-pdf.com/10.14257/IJSIA.2017.11.11.05","citationCount":"5","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"International Journal of Security and Its Applications","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.14257/IJSIA.2017.11.11.05","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}

引用次数: 5

Abstract

Rapid developments in the field of embedded system, sensor technology, IP addressing and wireless communication are driving the growth of Internet of Things (IoT) in a variety of applications which include environment monitoring, smart manufacturing, e-health and smart agriculture. Due to heterogeneous and constrained nature of IoT nodes, many new security and privacy issues are introduced. IoT devices and systems collect a lot of private data about people, for example an intelligent meter knows when you are home and what devices you use when you are there. This data is shared with other devices and also stored in database or cloud server. Absence of security protocols for these resource constrained smart devices averts their widespread implementation. To address this problem, we propose a mechanism for securing application layer MQTT (Message Queue Telemetry Transport) protocol messages in IoT. The proposed security method for Internet of Things is lightweight in nature and suits well for resource constricted devices. The proposed method counters most of the likely confidentiality attacks in IoT.

查看原文本刊更多论文

基于MQTT的物联网动态安全协议保护发布-订阅服务

嵌入式系统、传感器技术、IP寻址和无线通信领域的快速发展正在推动物联网（IoT）在各种应用中的增长，包括环境监测、智能制造、电子健康和智能农业。由于物联网节点的异构性和约束性，引入了许多新的安全和隐私问题。物联网设备和系统收集了很多关于人的私人数据，例如，智能电表知道你什么时候在家，以及你在家时使用什么设备。这些数据与其他设备共享，也存储在数据库或云服务器中。缺乏用于这些资源受限的智能设备的安全协议阻碍了它们的广泛实施。为了解决这个问题，我们提出了一种在物联网中保护应用层MQTT（消息队列遥测传输）协议消息的机制。所提出的物联网安全方法本质上是轻量级的，非常适合资源受限的设备。所提出的方法对抗了物联网中大多数可能的保密攻击。

本文章由计算机程序翻译，如有差异，请以英文原文为准。

求助全文

约1分钟内获得全文求助全文

来源期刊

International Journal of Security and Its Applications COMPUTER SCIENCE, INFORMATION SYSTEMS-

自引率

0.00%

发文量

期刊介绍： IJSIA aims to facilitate and support research related to security technology and its applications. Our Journal provides a chance for academic and industry professionals to discuss recent progress in the area of security technology and its applications. Journal Topics: -Access Control -Ad Hoc & Sensor Network Security -Applied Cryptography -Authentication and Non-repudiation -Cryptographic Protocols -Denial of Service -E-Commerce Security -Identity and Trust Management -Information Hiding -Insider Threats and Countermeasures -Intrusion Detection & Prevention -Network & Wireless Security -Peer-to-Peer Security -Privacy and Anonymity -Secure installation, generation and operation -Security Analysis Methodologies -Security assurance -Security in Software Outsourcing -Security products or systems -Security technology -Systems and Data Security