An Experimental Evaluation of MQTT Authentication and Authorization in IoT

Michaelides, Michael; Sengul, Cigdem; Patras, Paul

doi:10.1145/3477086.3480838

Cited by 11 publications

(3 citation statements)

References 9 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…Michaelides et al delved into the security aspects of MQTT in [26], although they did not specifically assess the delay. Like our approach, they employed a Raspberry Pi in their testbed and characterized the energy consumption.…”

Section: Related Workmentioning

confidence: 99%

A Performance Analysis of Security Protocols for Distributed Measurement Systems Based on Internet of Things with Constrained Hardware and Open Source Infrastructures

Gentile,

Macrì,

Carnì

et al. 2024

Sensors

View full text Add to dashboard Cite

The widespread adoption of Internet of Things (IoT) devices in home, industrial, and business environments has made available the deployment of innovative distributed measurement systems (DMS). This paper takes into account constrained hardware and a security-oriented virtual local area network (VLAN) approach that utilizes local message queuing telemetry transport (MQTT) brokers, transport layer security (TLS) tunnels for local sensor data, and secure socket layer (SSL) tunnels to transmit TLS-encrypted data to a cloud-based central broker. On the other hand, the recent literature has shown a correlated exponential increase in cyber attacks, mainly devoted to destroying critical infrastructure and creating hazards or retrieving sensitive data about individuals, industrial or business companies, and many other entities. Much progress has been made to develop security protocols and guarantee quality of service (QoS), but they are prone to reducing the network throughput. From a measurement science perspective, lower throughput can lead to a reduced frequency with which the phenomena can be observed, generating, again, misevaluation. This paper does not give a new approach to protect measurement data but tests the network performance of the typically used ones that can run on constrained hardware. This is a more general scenario typical for IoT-based DMS. The proposal takes into account a security-oriented VLAN approach for hardware-constrained solutions. Since it is a worst-case scenario, this permits the generalization of the achieved results. In particular, in the paper, all OpenSSL cipher suites are considered for compatibility with the Mosquitto server. The most used key metrics are evaluated for each cipher suite and QoS level, such as the total ratio, total runtime, average runtime, message time, average bandwidth, and total bandwidth. Numerical and experimental results confirm the proposal’s effectiveness in foreseeing the minimum network throughput concerning the selected QoS and security. Operating systems yield diverse performance metric values based on various configurations. The primary objective is identifying algorithms to ensure suitable data transmission and encryption ratios. Another aim is to explore algorithms that ensure wider compatibility with existing infrastructures supporting MQTT technology, facilitating secure connections for geographically dispersed DMS IoT networks, particularly in challenging environments like suburban or rural areas. Additionally, leveraging open firmware on constrained devices compatible with various MQTT protocols enables the customization of the software components, a crucial necessity for DMS.

show abstract

Section: Related Workmentioning

confidence: 99%

A Performance Analysis of Security Protocols for Distributed Measurement Systems Based on Internet of Things with Constrained Hardware and Open Source Infrastructures

Gentile,

Macrì,

Carnì

et al. 2024

Sensors

View full text Add to dashboard Cite

show abstract

“…To define authorisation policies, we use a capabilitybased approach which has been extensively studied for authorisation in the IoT context [5]. Also, the latest implementation of authentication and authorisation for MQTT [6] advocates the use of OAuth 2.0 2 , which is a capability based authorisation delegation protocol.…”

Section: A Authorisation Tokensmentioning

confidence: 99%

A Trust-Based Approach for Data Sharing in the MQTT Environment

Chen,

Vidalis,

Yang

2023

2023 20th Annual International Conference on Privacy, Security and Trust (PST)

View full text Add to dashboard Cite

Internet of Things (IoT) is considered as a giant network of connected devices who collect data and share them with each other. There has been extensive developments on IoT standards and protocols that enable IoT devices to exchange data in a structured and meaningful way. Message Queuing Telemetry Transport (MQTT) is one of such developments receiving widely adoption for industrial applications. It is designed as a lightweight messaging protocol based on the publish-subscribe model by which clients publish messages to a broker who is responsible for distributing the messages to subscribed clients. MQTT is often deployed in a hostile environment in which IoT devices and brokers are vulnerable to attacks. While security for MQTT has received great attention, it does not adequately address the authorisation issues within a decentralised MQTT environment. Existing work adopts policy-based approaches to regulate data sharing across multiple brokers, which we believe, are unlikely to scale well. In this paper we propose a trust-based approach that can be easily incorporated into the existing implementation of MQTT broker. We introduce a way of computing trust rating of brokers and develop two means of using the trust ratings to control data flow across multiple broker domains. Our approach is capable of detecting and blocking malicious clients and brokers from sending false or malicious messages into the system.

show abstract

“…Michaelides et al. focus on security aspects of MQTT in [ 34 ]. They do not assess the delay, but they also use Raspberry Pi in their testbed, as well as an approach similar to ours to characterize energy consumption.…”

Section: Related Workmentioning

confidence: 99%

Delay and Energy Consumption of MQTT over QUIC: An Empirical Characterization Using Commercial-Off-The-Shelf Devices

Jeddou

Fernandez

Díez

et al. 2022

Sensors

View full text Add to dashboard Cite

The QUIC protocol, which was originally proposed by Google, has recently gained a remarkable presence. Although it has been shown to outperform TCP over a wide range of scenarios, there exist some doubts on whether it might be an appropriate transport protocol for IoT. In this paper, we specifically tackle this question, by means of an evaluation carried out over a real platform. In particular, we conduct a thorough characterization of the performance of the MQTT protocol, when used over TCP and QUIC. We deploy a real testbed, using commercial off-the-shelf devices, and we analyze two of the most important key performance indicators for IoT: delay and energy consumption. The results evince that QUIC does not only yield a notable decrease in the delay and its variability, over various wireless technologies and channel conditions, but it does not hinder the energy consumption.

show abstract

An Experimental Evaluation of MQTT Authentication and Authorization in IoT

Cited by 11 publications

References 9 publications

A Performance Analysis of Security Protocols for Distributed Measurement Systems Based on Internet of Things with Constrained Hardware and Open Source Infrastructures

A Performance Analysis of Security Protocols for Distributed Measurement Systems Based on Internet of Things with Constrained Hardware and Open Source Infrastructures

A Trust-Based Approach for Data Sharing in the MQTT Environment

Delay and Energy Consumption of MQTT over QUIC: An Empirical Characterization Using Commercial-Off-The-Shelf Devices

Contact Info

Product

Resources

About