Abstract
In the Internet of Things (IoT) paradigm, boundless solutions have been designed and implemented to do effective and secure communication among it’s smart objects and it’s network. The outcome of effective and secure communication always relies on which IoT protocol has been used at the application layer. Generally IoT devices communicates using various IoT push protocols such as XMPP (Extensible Messaging and Presence Protocol), MQTT (Message Queuing Telemetry Transport), AMQP (Advanced Message Queuing Protocol) among which MQTT protocol is widely used protocol within IoT platform because it requires nominal resources as it’s lightweight and efficient, it also support bi-directional communication among smart objects and cloud and MQTT also guarantees and support reliable message delivery through 3 Quality of Service (QoS) levels. This research paper focuses on key concepts on MQTT protocol architecture, basic security fundamentals such as identity, authentication, authorization and MQTT advance security fundamentals which includes X.509 client certification authentication, OAuth 2.0 and payload encryption.
This is a preview of subscription content, log in via an institution to check access.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
References
Kawaguchi R, Bandai M (2020) Edge based MQTT broker architecture for geographical IoT applications. In: 2020 International conference on information networking (ICOIN), IEEE
Gruener S, Koziolek H, Rückert J (2021) Towards resilient IoT messaging: an experience report analyzing MQTT brokers. In: 2021 IEEE 18th international conference on software architecture (ICSA), IEEE
Bellavista P, Foschini L, Ghiselli N, Reale A (2019) MQTT-based middleware for container support in fog computing environments. In: 2019 IEEE symposium on computers and communications (ISCC), IEEE
Park, C-S, Nam H-M (2020) Security architecture and protocols for secure MQTT-SN. IEEE 8
Hunkeler U, Truong HL, Stanford-Clark A (2008) MQTT-S—a publish/subscribe protocol for Wireless Sensor Networks. In: 2008 3rd international conference on communication systems software and middleware and workshops (COMSWARE ‘08), pp 791–798. https://doi.org/10.1109/COMSWA.2008.4554519
Al-Fuqaha A, Guizani M, Mohammadi M, Aledhari M, Ayyash M (2015) Internet of things: a survey on enabling technologies, protocols, and applications. IEEE Commun Surv & Tutor 17(4):2347–2376, Fourthquarter 2015. https://doi.org/10.1109/COMST.2015.2444095
Naik N (2017) Choice of effective messaging protocols for IoT systems: MQTT, CoAP, AMQP and HTTP. IEEE Int Syst Eng Symp (ISSE) 2017:1–7. https://doi.org/10.1109/SysEng.2017.8088251
Kayal P, Perros H (2017) A comparison of IoT application layer protocols through a smart parking implementation. In: 2017 20th conference on innovations in clouds, internet and networks (ICIN), pp 331–336. https://doi.org/10.1109/ICIN.2017.7899436
Karagiannis V, Chatzimisios P, Vazquez-Gallego F, Alonso-Zarate J (2015) A survey on application layer protocols for the internet of things. Trans IoT Cloud Comput 3:11–17
Sadio O, Ngom I, Lishou C (2019) Lightweight security scheme for MQTT/MQTT-SN protocol. In: 2019 sixth international conference on internet of things: systems, management and security (IOTSMS), pp 119–123. https://doi.org/10.1109/IOTSMS48152.2019.8939177
Shi H, Niu L, Sun J (2020) Construction of industrial internet of things based on MQTT and OPC UA protocols. In: 2020 IEEE international conference on artificial intelligence and computer applications (ICAICA), IEEE
Longo E, Redondi AEC, Cesana M, Arcia-Moret A, Manzon P (2020) MQTT-ST: a spanning tree protocol for distributed MQTT broker. In: ICC 2020—2020 IEEE international conference on communications (ICC), IEEE
Vukasović M, Veselinović B, Stanisavljević Ž (2017) A development of a configurable system for handling X509 certificates. In: 2017 25th telecommunication forum (TELFOR), IEEE
Oh S-R, Kim Y-G (2019) Interoperable OAuth 2.0 Framework. In: 2019 international conference on platform technology and service (PlatCon), IEEE
Eason G, Noble B, Sneddon IN (1955) On certain integrals of Lipschitz-Hankel type involving products of Bessel functions. Phil Trans Roy Soc London A247, 529–551
Li X, Xu J, Zhang Z, Lan X, Wang Y (2020) Modular security analysis of OAuth 2.0 in the three-party setting. In: 2020 IEEE European symposium on security and privacy (EuroS&P), IEEE
Nicole R (in press) Title of paper with only first word capitalized. J Name Stand Abbrev
Laurent-Maknavicius, M (2007) A PKI approach targeting the provision of a minimum security level within internet, Fourth European Conference on Universal Multiservice Networks (ECUMN'07), Toulouse, France, pp. 433–438, https://doi.org/10.1109/ECUMN.2007.3
Rigazzi G, Tassi A, Piechocki RJ, Tryfonas T and Nix A (2017) Optimized certificate revocation list distribution for secure V2X communications, IEEE 86th vehicular technology conference (VTC-Fall), Toronto, ON, Canada, pp. 1–7. https://doi.org/10.1109/VTCFall.2017.8288287
Alrawais A, Alhothaily A, Cheng X (2015) X.509 check: a tool to check the safety and security of digital certificates. In: 2015 international conference on identification, information, and knowledge in the internet of things (IIKI), pp 130–133. https://doi.org/10.1109/IIKI
Triartono Z, Negara RM, Sussi (2019) Implementation of role-based access control on OAuth 2.0 as authentication and authorization system. In: 2019 6th international conference on electrical engineering, computer science and informatics (EECSI), pp 259–263. https://doi.org/10.23919/EECSI48112.2019.8977061
Clerk Maxwell J (1892) A treatise on electricity and magnetism, 3rd ed, vol 2. Clarendon, Oxford, 68–73
Jacobs IS, Bean CP (1963) Fine particles, thin films and exchange anisotropy. In: Rado GT, Suhl H (eds) Magnetism, vol III. Academic, New York, pp 271–350
Manimegalai R, Priyadharshini A (2018) Privacy preserving public auditing with data storage security in cloud computing: an overview. Int J Comput Sci Eng 6(5), 532–534
Oh S, Kim Y (2019) Interoperable OAuth 2.0 Framework. In: 2019 international conference on platform technology and service (PlatCon), pp 1–5. https://doi.org/10.1109/PlatCon.2019.8668962
Vachhani SK, Nimavat D, Kalyani FK, A comparitive analysis of different algorithms used in IOT based smart car parking systems. In: 2018 international research journal of engineering and technology (IRJET), 3244–3248
Collina M, Corazza GE, Vanelli-Coralli A (2012) Introducing the QEST broker: scaling the IoT by bridging MQTT and REST. In: 2012 IEEE 23rd international symposium on personal, indoor and mobile radio communications—(PIMRC), 2012, pp 36–41. https://doi.org/10.1109/PIMRC.2012.6362813
Author information
Authors and Affiliations
Corresponding author
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2023 The Author(s), under exclusive license to Springer Nature Singapore Pte Ltd.
About this paper
Cite this paper
Nimavat Dhaval, M., Raiyani Ashwin, G. (2023). A Study on MQTT Protocol Architecture and Security Aspects Within IoT Paradigm. In: Balas, V.E., Semwal, V.B., Khandare, A. (eds) Intelligent Computing and Networking. Lecture Notes in Networks and Systems, vol 632. Springer, Singapore. https://doi.org/10.1007/978-981-99-0071-8_6
Download citation
DOI: https://doi.org/10.1007/978-981-99-0071-8_6
Published:
Publisher Name: Springer, Singapore
Print ISBN: 978-981-99-0070-1
Online ISBN: 978-981-99-0071-8
eBook Packages: EngineeringEngineering (R0)