CFP last date
20 January 2025
Reseach Article

Efficient and Robust Security Architecture for Enhancing Security of Message Queue Telemetry Transport Protocol in Internet of Things Applications

by Atul Oak, R.D. Daruwala
International Journal of Computer Applications
Foundation of Computer Science (FCS), NY, USA
Volume 185 - Number 18
Year of Publication: 2023
Authors: Atul Oak, R.D. Daruwala
10.5120/ijca2023922898

Atul Oak, R.D. Daruwala . Efficient and Robust Security Architecture for Enhancing Security of Message Queue Telemetry Transport Protocol in Internet of Things Applications. International Journal of Computer Applications. 185, 18 ( Jun 2023), 22-29. DOI=10.5120/ijca2023922898

@article{ 10.5120/ijca2023922898,
author = { Atul Oak, R.D. Daruwala },
title = { Efficient and Robust Security Architecture for Enhancing Security of Message Queue Telemetry Transport Protocol in Internet of Things Applications },
journal = { International Journal of Computer Applications },
issue_date = { Jun 2023 },
volume = { 185 },
number = { 18 },
month = { Jun },
year = { 2023 },
issn = { 0975-8887 },
pages = { 22-29 },
numpages = {9},
url = { https://ijcaonline.org/archives/volume185/number18/32796-2023922898/ },
doi = { 10.5120/ijca2023922898 },
publisher = {Foundation of Computer Science (FCS), NY, USA},
address = {New York, USA}
}
%0 Journal Article
%1 2024-02-07T01:26:59.156589+05:30
%A Atul Oak
%A R.D. Daruwala
%T Efficient and Robust Security Architecture for Enhancing Security of Message Queue Telemetry Transport Protocol in Internet of Things Applications
%J International Journal of Computer Applications
%@ 0975-8887
%V 185
%N 18
%P 22-29
%D 2023
%I Foundation of Computer Science (FCS), NY, USA
Abstract

Internet of Things (IoT) technology is one of the contributors to Industry 4.0 revolution. IoT is a system of interconnected devices called as things or nodes. Data is shared between such two physical devices like a sensor and a smart mobile phone using an existing internet and different types of network infrastructures. IoT systems are usually deployed using special protocols called light weight protocols which are different from the traditional internet based communication protocols. There are many constraints on devices used in IoT system such as use of low end micro-controllers with limited computing power, limited power consumption, and use of unreliable networks with low bandwidth. To work with and manage such devices with constraints, different types of light weight protocols have been developed and used in the IoT systems. Message Queue Telemetry and Transport (MQTT) is machine to machine (M2M) light weight data protocol most commonly used in the deployment of IoT systems and for sharing and delivery of data at application layer. When data is shared in the IoT system between the two physical devices with MQTT protocol, the security of data is a very critical requirement for reliability and adaptation of IoT systems. MQTT protocol being a light weight protocol does not provide any built in powerful and robust security techniques and it only supports very basic security mechanism like a password authentication. When used, this password is also shared in a clear text and it may be visible to the intruders. Due to the weak security features in MQTT protocol, many times the data is compromised and it is vulnerable to different types of malicious attacks like sniffing attack. Most common way to provide security to the MQTT based IoT application is at the transport layer by using an existing Transport Layer Security (TLS) protocol. TLS protocol may be suitable for internet applications like web applications and browsing but it is not suitable and designed for use with constrained IoT devices which works with light weight protocols.TLS protocol demands lots of complex computations and it needs more powerful resources like high end microprocessors and large memory which are only available with general computing machines like laptop or desktop computers. TLS approach may not provide end to end security in IoT applications since MQTT is asynchronous protocol. To achieve end to end security independent of TLS, robust security architecture is proposed in the IoT systems for MQTT protocol. These researches aims at developing efficient security architecture for MQTT protocol and improve the security of MQTT protocol.

References
  1. Jie Li, Wei Yu, Nan Zhang, Xinyu Yang, Hanlin Zhang and Wei Zhao, “A Survey on Internet of Things: Architecture, Enabling Technologies, Security and Privacy, and Applications”, IEE Internet of Things Journal 2016.
  2. Sye Loong Keoh, Sandeep S. Kumar, and Hannes Tscho, “Securing the Internet of Things: A Standardization Perspective”, IEEE Internet of Things Journal, Vol. 1, No. 3, June 2014.
  3. Jatinder Singh, Thomas Pasquier, Jean Bacon, Hajoon Ko, and David Eyers, “Twenty Security Considerations for Cloud Supported Internet of Things”, IEEE Internet of Things Journal, Vol. 3, No. 3, June 2016.
  4. Arsalan Mohsen Nia, Student Member, IEEE and Niraj K. Jha, Fellow, IEEE, “A Comprehensive Study of Security of Internet- of-Things”, IEEE Transactions on Emerging Topics in Computing.
  5. Yixian Yang, Haipeng Peng, Lixiang Li and Xinxin Niu, “General Theory of Security and a Study Case in Internet of Things”, IEEE Internet of Things Journal 2015.
  6. https://www.gartner.com/imagesrv/books/iot/ iotEbook_digita .pdf
  7. S. Sicari, A.Rizzardi, L.A.Grieco and A.Coen-Porisini, “Security,privacy and trust in Internet of Things: The road ahead”, Elsevier journal on Computer Networks 2014.
  8. Jorge Granjal, Edmundo Monteiro and Jorge Sa’silva, “Security of Internet of Things: A survey of existing protocols and open research issues”, IEEE communications surveys and tutorials, 2015.
  9. Aimaschana Niruntasukrat, Chavee Issariyapat, Panita Pongpaibool, Koonlachat Meesublak, Pramrudee Aiumsupucgul and Anun Panya “Authorization Mechanism for MQTT based IoT”, IEEE 2016 workshop on IoT.
  10. Satya Sankar Sahoo, “Getting Started With MQTT A Practical Guide”.
  11. https://www.google.co.in/search?q=impact+of+iot ++ forec ast+2020 &source=lnm
  12. Journal of Physics: Conference series “IoT real time data acquisition using MQTT Protocol”, R.A. Atmoko et el. 2017 J physics: conf ser 853012003
  13. https://iot-analytics.com/iot-market-data/global-iot-enterprise-spending/
  14. Abdessamad Mektoubi et al., “New Approach for a Securing Communication Over MQTT Protocol, A comparison between RSA and Elliptic Curve”, IEEE 2016.
  15. Mario FRUSTACI et al., “Evaluating critical security issues of the IoT world: Present and Future challenges”, IEEE Internet of Things DOI 10.1109/JIOT.2017.2767291.
  16. Tara Salman and Raj Jain, “A Survey of Protocols and Standards for Internet of Things”, Department of Computer Science and Engineering, Washington University,
  17. Sejal Gupta et. al., “Energy-efficient dynamic Homomorphic Security scheme for fog computing in IoT networks”, Journal of Information Security and Applications 2021.
  18. https://mqtt.org/
  19. A. R. Alkhafajee et. al., “Security and Performance Analysis of MQTT Protocol with TLS in IoT Networks”, IEEE 2021.
  20. Lukas Malina et. al., “A Secure Publish/Subscribe Protocol for Internet of Things”, ACM 2019.
Index Terms

Computer Science
Information Sciences

Keywords

Internet of Things Protocol MQTT Security Architecture