物联网环境下MQTT协议可扩展透明物对物安全增强

2019 Global IoT Summit (GIoTS) Pub Date : 2019-06-01 DOI:10.1109/GIOTS.2019.8766412

Wei-Tsung Su, Wei-Cheng Chen, Chao-Chun Chen

{"title":"物联网环境下MQTT协议可扩展透明物对物安全增强","authors":"Wei-Tsung Su, Wei-Cheng Chen, Chao-Chun Chen","doi":"10.1109/GIOTS.2019.8766412","DOIUrl":null,"url":null,"abstract":"Message Queue Telemetry Transport (MQTT) is widely accepted as a data exchange protocol in Internet of Things (IoT) environment. For security, MQTT supports Transport Layer Security (MQTT-TLS). However, MQTT-TLS provides thing-to-broker channel encryption only because data can still be exposed after MQTT broker. In addition, ACL becomes impractical due to the increasing number of rules for authorizing massive IoT devices. For solving these problems, we propose MQTT Thing-to-Thing Security (MQTT-TTS) which provides thing-to-thing security which prevents data leak. MQTT-TTS also provides the extensibility to include demanded security mechanisms for various security requirements. Moreover, the transparency of MQTT-TTS lets IoT application developers implementing secure data exchange with less programming efforts. Our MQTT-TTS implementation is available on https://github.com/beebit-sec/beebit-mqttc-sdk for evaluation.","PeriodicalId":149504,"journal":{"name":"2019 Global IoT Summit (GIoTS)","volume":"69 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2019-06-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"25","resultStr":"{\"title\":\"An Extensible and Transparent Thing-to-Thing Security Enhancement for MQTT Protocol in IoT Environment\",\"authors\":\"Wei-Tsung Su, Wei-Cheng Chen, Chao-Chun Chen\",\"doi\":\"10.1109/GIOTS.2019.8766412\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"Message Queue Telemetry Transport (MQTT) is widely accepted as a data exchange protocol in Internet of Things (IoT) environment. For security, MQTT supports Transport Layer Security (MQTT-TLS). However, MQTT-TLS provides thing-to-broker channel encryption only because data can still be exposed after MQTT broker. In addition, ACL becomes impractical due to the increasing number of rules for authorizing massive IoT devices. For solving these problems, we propose MQTT Thing-to-Thing Security (MQTT-TTS) which provides thing-to-thing security which prevents data leak. MQTT-TTS also provides the extensibility to include demanded security mechanisms for various security requirements. Moreover, the transparency of MQTT-TTS lets IoT application developers implementing secure data exchange with less programming efforts. Our MQTT-TTS implementation is available on https://github.com/beebit-sec/beebit-mqttc-sdk for evaluation.\",\"PeriodicalId\":149504,\"journal\":{\"name\":\"2019 Global IoT Summit (GIoTS)\",\"volume\":\"69 1\",\"pages\":\"0\"},\"PeriodicalIF\":0.0000,\"publicationDate\":\"2019-06-01\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"25\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"2019 Global IoT Summit (GIoTS)\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.1109/GIOTS.2019.8766412\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"\",\"JCRName\":\"\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"2019 Global IoT Summit (GIoTS)","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/GIOTS.2019.8766412","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}

引用次数: 25

摘要

消息队列遥测传输(MQTT)作为物联网(IoT)环境中被广泛接受的数据交换协议。对于安全性，MQTT支持传输层安全性(MQTT- tls)。但是，MQTT- tls仅提供从事物到代理的通道加密，因为数据仍然可以在MQTT代理之后公开。此外，由于大量物联网设备的授权规则越来越多，ACL变得不切实际。为了解决这些问题，我们提出MQTT物对物安全(MQTT- tts)，它提供物对物安全，防止数据泄露。MQTT-TTS还提供了可扩展性，以包含各种安全需求所需的安全机制。此外，MQTT-TTS的透明性使物联网应用程序开发人员能够以更少的编程工作实现安全的数据交换。我们的MQTT-TTS实现可在https://github.com/beebit-sec/beebit-mqttc-sdk上进行评估。

本文章由计算机程序翻译，如有差异，请以英文原文为准。

查看原文本刊更多论文

An Extensible and Transparent Thing-to-Thing Security Enhancement for MQTT Protocol in IoT Environment

Message Queue Telemetry Transport (MQTT) is widely accepted as a data exchange protocol in Internet of Things (IoT) environment. For security, MQTT supports Transport Layer Security (MQTT-TLS). However, MQTT-TLS provides thing-to-broker channel encryption only because data can still be exposed after MQTT broker. In addition, ACL becomes impractical due to the increasing number of rules for authorizing massive IoT devices. For solving these problems, we propose MQTT Thing-to-Thing Security (MQTT-TTS) which provides thing-to-thing security which prevents data leak. MQTT-TTS also provides the extensibility to include demanded security mechanisms for various security requirements. Moreover, the transparency of MQTT-TTS lets IoT application developers implementing secure data exchange with less programming efforts. Our MQTT-TTS implementation is available on https://github.com/beebit-sec/beebit-mqttc-sdk for evaluation.

求助全文

通过发布文献求助，成功后即可免费获取论文全文。去求助

来源期刊

2019 Global IoT Summit (GIoTS)

自引率

0.00%

发文量