Distributed UCON in CoAP and MQTT Protocols

Author (ESR): 
Athanasios Rizos (Consiglio Nazionale Delle Ricerche)
Authors: 
Daniel Bastos (ESR 11)
Andrea Saracino
Fabio Martinelli

The Internet of Things (IoT) is playing a key role in consumer and business environments. Due to the sensitivity of the information IoT devices collect and share, and the potential impact a data breach can have on people's lives, securing communication and access to data in IoT has become a critical feature. Multiple application layer protocols are used nowadays in IoT, with the Constrained Application Protocol (CoAP) and the Message Queue Telemetry Transport (MQTT) being two of the most popular. In this paper, we propose a solution to increase the security of both CoAP and MQTT based on the distributed Usage Control (UCON) framework. The inclusion of UCON provides dynamic access control to the data shared using these protocols. This occurs by monitoring mutable attributes related to the local protocol nodes and also by sharing data values between remote nodes via the distributed instances of UCON. We present the architecture and the workflow of our approach together with a real implementation for performance evaluation purposes.

Venue: 
5th Workshop On The Security Of Industrial Control Systems & Of Cyber-Physical Systems (CyberICPS 2019) In Conjunction With ESORICS 2019
Date: 
Friday, September 27, 2019