Abstract
Internet of Things (IoT) is considered as a giant network of connected devices who collect data and share them with each other. There has been extensive developments on IoT standards and protocols that enable IoT devices to exchange data in a structured and meaningful way. Message Queuing Telemetry Transport (MQTT) is one of such developments receiving widely adoption for industrial applications. It is designed as a lightweight messaging protocol based on the publish-subscribe model by which clients publish messages to a broker who is responsible for distributing the messages to subscribed clients. MQTT is often deployed in a hostile environment in which IoT devices and brokers are vulnerable to attacks. While security for MQTT has received great attention, it does not adequately address the authorisation issues within a decentralised MQTT environment. Existing work adopts policy-based approaches to regulate data sharing across multiple brokers, which we believe, are unlikely to scale well. In this paper we propose a trust-based approach that can be easily incorporated into the existing implementation of MQTT broker. We introduce a way of computing trust rating of brokers and develop two means of using the trust ratings to control data flow across multiple broker domains. Our approach is capable of detecting and blocking malicious clients and brokers from sending false or malicious messages into the system.
Original language | English |
---|---|
Title of host publication | 2023 20th Annual International Conference on Privacy, Security and Trust (PST) |
Publisher | Institute of Electrical and Electronics Engineers (IEEE) |
Pages | 1-5 |
Number of pages | 5 |
ISBN (Electronic) | 9798350313871 |
ISBN (Print) | 9798350313888 |
DOIs | |
Publication status | Published - 22 Nov 2023 |
Event | 2023 20th Annual International Conference on Privacy, Security and Trust (PST) - Copenhagen, Denmark Duration: 21 Aug 2023 → 23 Aug 2023 |
Conference
Conference | 2023 20th Annual International Conference on Privacy, Security and Trust (PST) |
---|---|
Period | 21/08/23 → 23/08/23 |