doi: 10.17586/2226-1494-2019-19-1-109-117


MQTT DATA PROTOCOL IN REMOTE ACCESS CONTROL MANAGEMENT MODEL FOR INTERNET NETWORKS

D. I. Dikii, V. D. Artemeva


Article in Russian

For citation:
Dikii D.I., Artemeva V.D. MQTT data protocol in remote access control management model for Internet networks. Scientific and Technical Journal of Information Technologies, Mechanics and Optics, 2019, vol. 19, no. 1, pp. 109–117 (in Russian). doi: 10.17586/2226-1494-2019-19-1-109-117


Abstract
The paper deals with security issues in the Internet of Things environment and, in particular, with the management of secure access control when the MQTT protocol is used. We analyzed the most widespread data transfer protocols, CoAP and MQTT, and reviewed the security methods and mechanisms that MQTT implements or supports. The protocol implements authentication by login and password and allows cryptographic transformations of the transmitted information via the TLS protocol. Third-party services, via the OAuth protocol and others, can be used for authentication. Authentication is configured through ACL files or through third-party services and databases. A model based on the Harrison-Ruzzo-Ullman model is proposed for remote access control management of devices in machine-to-machine interaction over MQTT. The model provides six operators: addition and removal of a subject, addition and removal of an object, and addition and deletion of access rights. The proposed model takes the form of an access matrix and includes three types of rights: reading, writing and holding. The model is implemented so that it is compatible with version v3.1 of the MQTT protocol, which is widely used at the moment. Access rights are changed using the message types available in the MQTT protocol. An algorithm is considered for creating a service data block that can be easily recognized in the message body. Applying the proposed model makes it possible to minimize the administrator's participation, since access rights are determined by the devices themselves without human involvement. Recommendations are given on security policy for managing information traffic under the MQTT protocol.

Keywords: Internet of things, communication, access control model, security, MQTT, access matrix
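An added illustration, not code from the paper: a minimal Harrison-Ruzzo-Ullman access matrix with the six operators and three rights the abstract names, applied to MQTT clients (subjects) and topics (objects). The mapping of SUBSCRIBE to reading and PUBLISH to writing, the `grant` command guarded by the holding right, exact-match topics, and all client and topic names are assumptions made for this sketch.

```python
READ, WRITE, HOLD = "read", "write", "hold"    # the three rights named in the abstract
NEEDS = {"SUBSCRIBE": READ, "PUBLISH": WRITE}  # assumed packet-to-right mapping

class AccessMatrix:
    def __init__(self):
        self.subjects, self.objects = set(), set()
        self.cells = {}  # (client_id, topic) -> set of rights; a missing cell means deny

    # The six primitive operators
    def add_subject(self, s):
        self.subjects.add(s)
    def remove_subject(self, s):
        self.subjects.discard(s)
        self.cells = {k: v for k, v in self.cells.items() if k[0] != s}
    def add_object(self, o):
        self.objects.add(o)
    def remove_object(self, o):
        self.objects.discard(o)
        self.cells = {k: v for k, v in self.cells.items() if k[1] != o}

    def add_right(self, r, s, o):
        if r not in (READ, WRITE, HOLD) or s not in self.subjects or o not in self.objects:
            raise ValueError("unknown right, subject or object")
        self.cells.setdefault((s, o), set()).add(r)

    def delete_right(self, r, s, o):
        self.cells.get((s, o), set()).discard(r)

    # Check a broker would make for each incoming packet (default deny)
    def permits(self, s, packet, o):
        return NEEDS[packet] in self.cells.get((s, o), set())

    # HRU-style command (assumed): only a holder of the topic may confer rights on it
    def grant(self, holder, r, s, o):
        if HOLD not in self.cells.get((holder, o), set()):
            return False
        self.add_right(r, s, o)
        return True

def demo():
    m = AccessMatrix()
    for c in ("sensor-1", "display-1", "rogue"):  # constructed client IDs
        m.add_subject(c)
    m.add_object("home/temp")                     # constructed topic
    m.add_right(HOLD, "sensor-1", "home/temp")
    m.add_right(WRITE, "sensor-1", "home/temp")
    results = [m.grant("sensor-1", READ, "display-1", "home/temp"),
               m.grant("rogue", WRITE, "rogue", "home/temp")]
    return m, results
```
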



This work is licensed under a Creative Commons Attribution-NonCommercial 4.0 International License