Regulating IoT Messages

  • Alban Gabillon
  • Emmanuel Bruno
Conference paper
Part of the Lecture Notes in Computer Science book series (LNCS, volume 11125)


The MQTT (Message Queuing Telemetry Transport) protocol is becoming the main protocol for the Internet of Things (IoT). In this paper, we define a highly expressive ABAC (Attribute-Based Access Control) security model for the MQTT protocol. Our model allows us to regulate not only publications and subscriptions but also the distribution of messages to subscribers. We can express various types of contextual security rules (temporal security rules, content-based security rules, rules based on the frequency of events, etc.).


Keywords: Security policy; MQTT; ABAC; IoT; First-order logic



Copyright information

© Springer Nature Switzerland AG 2018

Authors and Affiliations

  1. Université de la Polynésie Française, Punaauia, Faa’a, French Polynesia
  2. Université de Toulon, CNRS, LIS, UMR 7020, La Garde, France
