A MQTT-API-compatible IoT security-enhanced platform

Chien, Hung Yu; Chen, Yi Jui; Qiu, Guo Hao; Liao, Jian; Hung, Ruo Wei; Lin, Pei Chih; Kou, Xi An; Chiang, Mao-Lun; Su, Chunhua

doi:10.1504/ijsnet.2020.104463

Cited by 26 publications

(17 citation statements)

References 16 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…In contrast to the CoAP Request/response approach, it employs the publish/subscribe mechanism, which is better suited for the IoT. Furthermore, despite the availability of newer protocols, such as MQTT [ 112 ], it is an early internet protocol that has been supported. It is based on the Internet Engineering Task Force (IETF) standards for cross messaging, telepresence, and video and audio calling [ 113 ].…”

Section: Iomt Architecture Systemmentioning

confidence: 99%

A survey on COVID-19 impact in the healthcare domain: worldwide market implementation, applications, security and privacy issues, challenges and future prospects

Shakeel

Habib

Boulila

et al. 2022

Complex Intell. Syst.

View full text Add to dashboard Cite

Extensive research has been conducted on healthcare technology and service advancements during the last decade. The Internet of Medical Things (IoMT) has demonstrated the ability to connect various medical apparatus, sensors, and healthcare specialists to ensure the best medical treatment in a distant location. Patient safety has improved, healthcare prices have decreased dramatically, healthcare services have become more approachable, and the operational efficiency of the healthcare industry has increased. This research paper offers a recent review of current and future healthcare applications, security, market trends, and IoMT-based technology implementation. This research paper analyses the advancement of IoMT implementation in addressing various healthcare concerns from the perspectives of enabling technologies, healthcare applications, and services. The potential obstacles and issues of the IoMT system are also discussed. Finally, the survey includes a comprehensive overview of different disciplines of IoMT to empower future researchers who are eager to work on and make advances in the field to obtain a better understanding of the domain.

show abstract

Section: Iomt Architecture Systemmentioning

confidence: 99%

A survey on COVID-19 impact in the healthcare domain: worldwide market implementation, applications, security and privacy issues, challenges and future prospects

Shakeel

Habib

Boulila

et al. 2022

Complex Intell. Syst.

View full text Add to dashboard Cite

show abstract

“…All included MQTT clients can send and receive messages within a related channel, named a topic. The MQTT broker(s), on the other hand, is responsible for distributing messages coming from publisher clients to the subscriber clients (and to other devices, if any), depending on the topics they are interested in [20]. Mosca JS, an MQTT brokerage system, is preferred for broker implementation due to its simplicity and ease of use (as well as potential performance benefits).…”

Section: Message Transmission Protocolmentioning

confidence: 99%

Data immutability and event management via blockchain in the Internet of things

ALTAŞ,

DALKILIÇ,

ÇABUK

2022

Turkish Journal of Electrical Engineering and Computer Sciences

View full text Add to dashboard Cite

The Internet of things (IoT) is the key enabler of the smart systems used in many areas, from agriculture to aviation, industrial automation to autonomous vehicles. Most IoT deployments employ cost-efficient lightweight devices with limited resources (e.g., bandwidth, energy, storage). Although an IoT network must be built in its simplest form, engineers include more sophisticated devices like gateways and servers to provide web-based services and benefit from cloud systems. So that, although the nodes can be widely distributed geographically or topologically, the system becomes centralized, which causes bottlenecks and single-points-of-failure. Furthermore, providing data integrity, non-repudiation, and event management becomes tricky. In most IoT scenarios, data usually flows from sensors to storage and processing units, whereas event-driven commands and triggers flow from these units to actuators, if any. Therefore, an attacker who gained access to parts of the centralized systems may leak, alter, or remove critical data and may exploit event handling features. This is where blockchain technology can be extremely useful. Using a decentralized ledger as the data storage unit provides integrity, immutability, and non-repudiation for any IoT deployment. And a customized smart contract lets the IoT deployment benefit from decentralized and immutable (i.e., non-manipulatable) event management features, too. Further, decentralization provides resilience against availability attacks to a large extent. With this motivation, we introduced a novel IoT architecture that incorporates an Ethereum-based private (Quorum) blockchain running a unique ad-hoc smart contract and a message queue telemetry transport (MQTT) based communication scheme between sensor and actuator nodes. The scheme, the ledger, and the smart contract have also been implemented with several nodes, a broker, and a server all on a PC using Docker containers, where the server was running a forest fire risk detection algorithm as the use case scenario. The proof-of-concept successfully validates the abovesaid functionality, scalability, and efficiency for the given IoT scenario (and some others). Moreover, performance tests showed that an instance of the system with 1000 nodes could stably process and record incoming (sensor) data up to 12.5 transactions per second (TPS) and distribute commands up to 4 TPS, whereas higher TPS is achievable depending on the network conditions and tolerance to losses. The scheme was shown to have polynomial message and time complexity.

show abstract

“…Some proposals like [40] propose authenticated key agreement schemes for MQTT systems. Chien et al [41] proposed a two-phase authentication framework in which any secure key agreement scheme can be performed in the first phase, and then the hash value of the session key is supplied as a password in the second phase MQTT CONNECT API. Chien [35] proposed an anonymous IoT protocol in the MQTT 3.11 CONNECT API.…”

Section: Related Workmentioning

confidence: 99%

“…In this section, we describe how we can apply our proposed D2S anonymous scheme in the MQTT 5.0 context. Chien et al [41] has shown how to implement their two-phase challenge-response protocol for enhancing the MQTT authentication, using the MQTT v3.1 [43] CONNECT API. The new MQTT standards v5.0 [5] has extended the MQTT v.3.1 API to incorporate a new feature called the enhanced authentication.…”

Section: Using Our D2s Anonymous Scheme In the Mqtt 50 Contextmentioning

confidence: 99%

Two-Level-Composite-Hashing Facilitating Highly Efficient Anonymous IoT and D2D Authentication

Chien

2021

Electronics

View full text Add to dashboard Cite

Resource limitation is quite popular in many Internet of Things (IoT) devices and eavesdropping on the identities of IoT devices could reveal the sensitive information; therefore, high efficiency (computation and communication) and anonymity protection are two desirable properties in IoT authentication and in device-to-device (D2D) authentication. Conventionally, dynamic pseudonyms are widely adopted to protect the device identity privacy in IoT authentication and in D2D communications; however, the conventional mechanisms of pseudonym-renewing and pseudonym-bound-public-keys updating could be very costly or be vulnerable to the desynchronization-based denial-of-service (DoS) attacks. In this paper, we propose a novel 2-level composite hashing (2LCH) mechanism to mitigate the problems, and propose the 2LCH-based anonymous IoT and D2D authentication schemes. The schemes simultaneously achieve high efficiency and strong anonymity for such environments; once two devices successfully complete one instance of the server-assist anonymous authentication, they can run several instances of the direct D2D anonymous authentication without the involvement of the server. The merits of the schemes include: (1) high efficiency in terms of computation and communication; (2) easy and efficient generation/synchronization of dynamic pseudonyms; (3) robustness to both desynchronization-based DoS attacks and the unreliable connections; (4) easy application to the existent IoT architectures and standards; and (5) formal security verification.

show abstract

A MQTT-API-compatible IoT security-enhanced platform

Cited by 26 publications

References 16 publications

A survey on COVID-19 impact in the healthcare domain: worldwide market implementation, applications, security and privacy issues, challenges and future prospects

A survey on COVID-19 impact in the healthcare domain: worldwide market implementation, applications, security and privacy issues, challenges and future prospects

Data immutability and event management via blockchain in the Internet of things

Two-Level-Composite-Hashing Facilitating Highly Efficient Anonymous IoT and D2D Authentication

Contact Info

Product

Resources

About