{"title":"受限物联网设备中基于令牌的MQTT协议认证体系结构设计","authors":"A. Bhawiyuga, Mahendra Data, Andri Warda","doi":"10.1109/TSSA.2017.8272933","DOIUrl":null,"url":null,"abstract":"An effective and secure authentication mechanism is one of the important part in implementation of communication protocol in a Internet of Things (IoT) based system. As one of the popular messaging protocol in IoT world, Message Queue Telemetry Transport (MQTT) offers a basic authentication using username and password. However, this authentication method might possibly have a problem in term of security and scalability. In this paper, we propose the design and implementation of token based authentication of MQTT protocol in constrained devices. The proposed design consists of four components : publisher, subscriber, MQTT broker and token authentication server. Publisher/subscriber first sends its username password to authentication server to get the token. Notice that, the token generating process is only performed at following conditions : 1) when token has not been generated yet and 2) when token has been expired. Once publisher get a valid token, it will store that token in its local storage and use it for further authentication. From usability and performance testing result, the proposed system can perform the authentication of valid and expired token in relatively acceptable time.","PeriodicalId":271883,"journal":{"name":"2017 11th International Conference on Telecommunication Systems Services and Applications (TSSA)","volume":"24 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2017-10-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"43","resultStr":"{\"title\":\"Architectural design of token based authentication of MQTT protocol in constrained IoT device\",\"authors\":\"A. Bhawiyuga, Mahendra Data, Andri Warda\",\"doi\":\"10.1109/TSSA.2017.8272933\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"An effective and secure authentication mechanism is one of the important part in implementation of communication protocol in a Internet of Things (IoT) based system. As one of the popular messaging protocol in IoT world, Message Queue Telemetry Transport (MQTT) offers a basic authentication using username and password. However, this authentication method might possibly have a problem in term of security and scalability. In this paper, we propose the design and implementation of token based authentication of MQTT protocol in constrained devices. The proposed design consists of four components : publisher, subscriber, MQTT broker and token authentication server. Publisher/subscriber first sends its username password to authentication server to get the token. Notice that, the token generating process is only performed at following conditions : 1) when token has not been generated yet and 2) when token has been expired. Once publisher get a valid token, it will store that token in its local storage and use it for further authentication. From usability and performance testing result, the proposed system can perform the authentication of valid and expired token in relatively acceptable time.\",\"PeriodicalId\":271883,\"journal\":{\"name\":\"2017 11th International Conference on Telecommunication Systems Services and Applications (TSSA)\",\"volume\":\"24 1\",\"pages\":\"0\"},\"PeriodicalIF\":0.0000,\"publicationDate\":\"2017-10-01\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"43\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"2017 11th International Conference on Telecommunication Systems Services and Applications (TSSA)\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.1109/TSSA.2017.8272933\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"\",\"JCRName\":\"\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"2017 11th International Conference on Telecommunication Systems Services and Applications (TSSA)","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/TSSA.2017.8272933","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
Architectural design of token based authentication of MQTT protocol in constrained IoT device
An effective and secure authentication mechanism is one of the important part in implementation of communication protocol in a Internet of Things (IoT) based system. As one of the popular messaging protocol in IoT world, Message Queue Telemetry Transport (MQTT) offers a basic authentication using username and password. However, this authentication method might possibly have a problem in term of security and scalability. In this paper, we propose the design and implementation of token based authentication of MQTT protocol in constrained devices. The proposed design consists of four components : publisher, subscriber, MQTT broker and token authentication server. Publisher/subscriber first sends its username password to authentication server to get the token. Notice that, the token generating process is only performed at following conditions : 1) when token has not been generated yet and 2) when token has been expired. Once publisher get a valid token, it will store that token in its local storage and use it for further authentication. From usability and performance testing result, the proposed system can perform the authentication of valid and expired token in relatively acceptable time.
求助内容:
应助结果提醒方式:
京公网安备 11010802042870号
