论文信息 - Authorization mechanism for MQTT-based Internet of Things

Authorization mechanism for MQTT-based Internet of Things

This paper presents the design and implementation of an authorization mechanism for MQTT-based Internet of Things (IoT). The design is based on OAuth 1.0a, which is an open authorization standard for web applications. Some redesign and modification have been made to the based framework to fit it within the MQTT environment. Several considerations are taken into account, including limited node resources, lack of node's user interface, and key/secret distribution and management. The design is implemented on a real MQTT-based IoT service platform and demonstrated that it works as intended. Authorization delay and message overhead are minimal. Security issues are analyzed along with discussion for future work.

[1] Benjamin Aziz,et al. Federated Identity and Access Management for the Internet of Things , 2014, 2014 International Workshop on Secure Internet of Things.

[2] Dick Hardt,et al. The OAuth 2.0 Authorization Framework , 2012, RFC.

[3] Carsten Bormann,et al. The Constrained Application Protocol (CoAP) , 2014, RFC.

[4] Eric Rescorla,et al. Datagram Transport Layer Security Version 1.2 , 2012, RFC.

[5] Eric Rescorla,et al. The Transport Layer Security (TLS) Protocol Version 1.2 , 2008, RFC.

[6] Tero Kivinen,et al. Signature Authentication in the Internet Key Exchange Version 2 (IKEv2) , 2015, RFC.

[7] Dave Evans,et al. How the Next Evolution of the Internet Is Changing Everything , 2011 .

[8] Christopher Allen,et al. The TLS Protocol Version 1.0 , 1999, RFC.

[9] Giovanni Emanuele Corazza,et al. Introducing the QEST broker: Scaling the IoT by bridging MQTT and REST , 2012, 2012 IEEE 23rd International Symposium on Personal, Indoor and Mobile Radio Communications - (PIMRC).

[10] Ludwig Seitz,et al. Access Control Framework for Constrained Environments , 2014 .

[11] Eran Hammer-Lahav,et al. The OAuth 1.0 Protocol , 2010, RFC.