A Lightweight Multi-tier S-MQTT Framework to Secure Communication between low-end IoT Nodes

The evolution and expansion of networking technologies have managed to create large scale connectivity among versatile devices and applications that led to the jargon internet of things (IoT). IoT has evolved due to the convergence of wireless sensor networks (WSN) and internet technologies with a view to approaching towards smart city prospects. In IoT, for maintaining device to device communication, HTTP protocol has been used for remote monitoring and analysis of data from large number of sensing elements but it consumes more power, have comparatively lesser efficiency of transmission and cannot utilize system bandwidth efficiently as well. Thus the protocols MQTT (Message Queuing Telemetry Transport), AMQP and CoAP are quite capable of handling wireless sensor traffic under very low bandwidth and constrained network conditions. Security is also another major concern as IoT applications collect private data and allow access to various control functions over the internet. Therefore, in this paper, we discuss a detailed analysis of data & devices security issues and present an enhanced security model with a view to improving the security issues. We propose a secure version of MQTT protocol modifying and enhancing the existing MQTT protocol based on Key/Cipher text Policy Attribute Based Encryption(KP/CP-ABE) using lightweight Elliptic Curve cryptosystem. We also introduced a multi-tier authentication system for secure communication and an extra security layer to prevent the data theft.

[1]  Jingcheng Wang,et al.  A novel mutual authentication scheme for Internet of Things , 2011, Proceedings of 2011 International Conference on Modelling, Identification and Control.

[2]  Antonio F. Skarmeta,et al.  A decentralized approach for security and privacy challenges in the Internet of Things , 2014, 2014 IEEE World Forum on Internet of Things (WF-IoT).

[3]  Abdur Rahman,et al.  Low cost RF based online patient monitoring using web and mobile applications , 2016, 2016 5th International Conference on Informatics, Electronics and Vision (ICIEV).

[4]  Wei-Kuan Shih,et al.  A Robust Mutual Authentication Protocol for Wireless Sensor Networks , 2010 .

[5]  Ioannis G. Askoxylakis,et al.  Which IoT Protocol? Comparing Standardized Approaches over a Common M2M Application , 2016, 2016 IEEE Global Communications Conference (GLOBECOM).

[6]  Dimitris Mourtzis,et al.  Industrial Big Data as a Result of IoT Adoption in Manufacturing , 2016 .

[7]  Vanga Odelu,et al.  An Efficient CP-ABE with Constant Size Secret Keys using ECC for Lightweight Devices , 2015, IACR Cryptol. ePrint Arch..

[8]  Shen Guicheng,et al.  Application of Elliptic Curve Cryptography in Node Authentication of Internet of Things , 2013, 2013 Ninth International Conference on Intelligent Information Hiding and Multimedia Signal Processing.

[9]  Hong Linh Truong,et al.  MQTT-S — A publish/subscribe protocol for Wireless Sensor Networks , 2008, 2008 3rd International Conference on Communication Systems Software and Middleware and Workshops (COMSWARE '08).

[10]  Sherali Zeadally,et al.  An Analysis of RFID Authentication Schemes for Internet of Things in Healthcare Environment Using Elliptic Curve Cryptography , 2015, IEEE Internet of Things Journal.

[11]  nbspK .Aparna Reddy,et al.  Securing IOT for Smart Home System , 2016 .

[12]  Zurina Mohd Hanapi,et al.  Comparison of ECC and RSA Algorithm in Resource Constrained Devices , 2013, 2013 International Conference on IT Convergence and Security (ICITCS).

[13]  Shanto Roy,et al.  Combined approach of tokenization and mining to secure and optimize big data in cloud storage , 2017, 2017 IEEE Region 10 Humanitarian Technology Conference (R10-HTC).

[14]  William E. Burr,et al.  Recommendation for Key Management, Part 1: General (Revision 3) , 2006 .

[15]  Jeetendra Shenoy,et al.  IOT in agriculture , 2016, 2016 3rd International Conference on Computing for Sustainable Global Development (INDIACom).

[16]  Abdelouahed Zakari,et al.  New approach for securing communication over MQTT protocol A comparaison between RSA and Elliptic Curve , 2016, 2016 Third International Conference on Systems of Collaboration (SysCo).

[17]  Rajkumar Buyya,et al.  A survey on vehicular cloud computing , 2014, J. Netw. Comput. Appl..

[18]  Ethiopia Nigussie,et al.  An Elliptic Curve-based Mutual Authentication Scheme for RFID Implant Systems , 2014, ANT/SEIT.

[19]  Özgür B. Akan,et al.  Energy Harvesting Cognitive Radio Networking for IoT-enabled Smart Grid , 2018, Mob. Networks Appl..

[20]  P. Balamuralidhar,et al.  Secure MQTT for Internet of Things (IoT) , 2015, 2015 Fifth International Conference on Communication Systems and Network Technologies.