The Internet of Things (IoT) is playing a key role in consumer and business environments. Due to the sensitivity of the information IoT devices collect and share, and the potential impact a data breach can have in people's lives, securing communication and access to data in IoT has become a critical feature. Multiple application layer protocols are used nowadays in IoT, with the Constrained Application Protocol (CoAP) and the Message Queue Telemetry Transport (MQTT) being two of the most widely popular. In this paper, we propose a solution to increase security of both CoAP and MQTT based on the distributed Usage Control (UCON) framework. The inclusion of UCON provides dynamic access control to the data shared using these protocols. This occurs by monitoring mutable attributes related to the local protocol nodes and also by sharing data values between remote nodes via the distributed instances of UCON. We present the architecture and the workflow of our approach together with a real implementation for performance evaluation purposes.
Distributed UCON in CoAP and MQTT Protocols
The work described in this website has been conducted within the project NeCS. This project has received funding from the European Union’s Horizon 2020 (H2020) research and innovation programme under the Grant Agreement no 675320. This website and the content displayed in it do not represent the opinion of the European Union, and the European Union is not responsible for any use that might be made of its content.
Author (ESR):
Athanasios Rizos (Consiglio Nazionale Delle Ricerche)
Links:
Venue:
5th Workshop On The Security Of Industrial Control Systems & Of Cyber-Physical Systems (CyberICPS 2019) In Conjunction With ESORICS 2019
Date:
Friday, September 27, 2019