Advertisement

Introducing Usage Control in MQTT

  • Antonio La Marra
  • Fabio Martinelli
  • Paolo Mori
  • Athanasios Rizos
  • Andrea Saracino
Conference paper
Part of the Lecture Notes in Computer Science book series (LNCS, volume 10683)

Abstract

MQTT is a widely-used general purpose IoT application layer protocol, usable in both constrained and powerful devices, which coordinates data exchanges through a publish/subscribe approach. In this paper we propose a methodology to increase the security of the MQTT protocol, by including Usage Control in its operative workflow. The inclusion of Usage Control enables a fine-grained dynamic control of the rights of subscribers to access data and data-streams over time, by monitoring mutable attributes related to the subscriber, the environment or data itself. We will present the architecture and workflow of MQTT enhanced through Usage Control, also presenting a real implementation on Raspberry Pi 3 for performance evaluation.

References

  1. 1.
    Al-Fuqaha, A., Guizani, M., Mohammadi, M., Aledhari, M., Ayyash, M.: Internet of Things: a survey on enabling technologies, protocols, and applications. IEEE Commun. Surv. Tutorials 17(4), 2347–2376 (2015)CrossRefGoogle Scholar
  2. 2.
    Carniani, E., D’Arenzo, D., Lazouski, A., Martinelli, F., Mori, P.: Usage control on cloud systems. Future Gener. Comput. Syst. 63(C), 37–55 (2016)CrossRefGoogle Scholar
  3. 3.
    Chen, D., Varshney, P.K.: QoS support in wireless sensor networks: a survey. In: International Conference on Wireless Networks, vol. 233, pp. 1–7 (2004)Google Scholar
  4. 4.
    Colitti, W., Steenhaut, K., De Caro, N., Buta, B., Dobrota, V.: Evaluation of constrained application protocol for wireless sensor networks. In: 2011 18th IEEE Workshop on Local Metropolitan Area Networks (LANMAN), pp. 1–6, October 2011Google Scholar
  5. 5.
    Fysarakis, K., Askoxylakis, I., Soultatos, O., Papaefstathiou, I., Manifavas, C., Katos, V.: Which IoT protocol? Comparing standardized approaches over a common M2M application. In: 2016 IEEE Global Communications Conference (GLOBECOM), pp. 1–7. IEEE (2016)Google Scholar
  6. 6.
    Karagiannis, V., Chatzimisios, P., Vzquez-Gallego, F., Alonso-Zrate, J.: A survey on application layer protocols for the Internet of Things. Trans. IoT Cloud Comput. 1(1), 11–17 (2015)Google Scholar
  7. 7.
    Lazouski, A., Martinelli, F., Mori, P.: Usage control in computer security: a survey. Comput. Sci. Rev. 4(2), 81–99 (2010)CrossRefGoogle Scholar
  8. 8.
    Lesjak, C., Hein, D., Hofmann, M., Maritsch, M., Aldrian, A., Priller, P., Ebner, T., Ruprechter, T., Pregartner, G.: Securing smart maintenance services: hardware-security and TLS for MQTT. In: 2015 IEEE 13th International Conference on Industrial Informatics (INDIN), pp. 1243–1250, July 2015Google Scholar
  9. 9.
    Luzuriaga, J.E., Perez, M., Boronat, P., Cano, J.C., Calafate, C., Manzoni, P.: A comparative evaluation of AMQP and MQTT protocols over unstable and mobile networks. In: 2015 12th Annual IEEE Consumer Communications and Networking Conference (CCNC), pp. 931–936, January 2015Google Scholar
  10. 10.
    La Marra, A., Martinelli, F., Mori, P., Saracino, A.: Implementing usage control in Internet of Things: a smart home use case. In: 2017 IEEE Trustcom/BigDataSE/ICESS, Sydney, Australia, 1–4 August 2017, pp. 1056–1063 (2017)Google Scholar
  11. 11.
    Martinelli, F., Mori, P.: On usage control for grid systems. Future Gener. Comput. Syst. 26(7), 1032–1042 (2010)CrossRefGoogle Scholar
  12. 12.
    Thangavel, D., Ma, X., Valera, A., Tan, H.X., Tan, C.K.Y.: Performance evaluation of MQTT and CoAP via a common middleware. In: 2014 IEEE Ninth International Conference on Intelligent Sensors, Sensor Networks and Information Processing (ISSNIP), pp. 1–6. IEEE (2014)Google Scholar
  13. 13.
    Villari, M., Celesti, A., Fazio, M., Puliafito, A.: Alljoyn lambda: an architecture for the management of smart environments in IoT. In: 2014 International Conference on Smart Computing Workshops, pp. 9–14, November 2014Google Scholar

Copyright information

© Springer International Publishing AG 2018

Authors and Affiliations

  • Antonio La Marra
    • 1
  • Fabio Martinelli
    • 1
  • Paolo Mori
    • 1
  • Athanasios Rizos
    • 1
    • 2
  • Andrea Saracino
    • 1
  1. 1.Istituto di Informatica e TelematicaConsiglio Nazionale delle RicerchePisaItaly
  2. 2.Department of Computer ScienceUniversity of PisaPisaItaly

Personalised recommendations