AUPS: An Open Source AUthenticated Publish/Subscribe system for the Internet of Things

The arising of the Internet of Things (IoT) is enabling new service provisioning paradigms, able to leverage heterogeneous devices and communication technologies. Efficient and secure communication mechanisms represent a key enabler for the wider adoption and diffusion of IoT systems. One of the mos...

Full description

Saved in:
Bibliographic Details
Published in:Information systems (Oxford) 2016-12, Vol.62, p.29-41
Main Authors: Rizzardi, Alessandra, Sicari, Sabrina, Miorandi, Daniele, Coen-Porisini, Alberto
Format: Article
Language:English
Subjects:
Devices
Freeware
Internet
Internet of Things
Licenses
Messages
Middleware
MQTT
Policies
Protocol (computers)
Prototype
Publish & Subscribe
Security
Source code
Citations: Items that this one cites
Items that cite this one
Online Access:Get full text
Tags: Add Tag
No Tags, Be the first to tag this record!
Description
Summary:The arising of the Internet of Things (IoT) is enabling new service provisioning paradigms, able to leverage heterogeneous devices and communication technologies. Efficient and secure communication mechanisms represent a key enabler for the wider adoption and diffusion of IoT systems. One of the most widely employed protocols in IoT and machine-to-machine communications is the Message Queue Telemetry Transport (MQTT), a lightweight publish/subscribe messaging protocol designed for working with constrained devices. In MQTT messages are assigned to a specific topic to which users can subscribe. MQTT presents limited security support. In this paper we present a secure publish/subscribe system extending MQTT by means of a key management framework and a policy enforcement one. In this way the flow of information in MQTT-powered IoT systems can be flexibly controlled by means of flexible policies. The solution presented is released as open source under Apache v.2 license. •A new secure MQTT mechanism named AUPS(AUthenticated Publish&Subscribe) is defined.•AUPS is integrated in a flexible and cross-domain IoT architecture.•AUPS is further integrated with a policy enforcement mechanism.•AUPS is openly released under Apachev.2 license.•A key management system is defined in order to guarantee a good level of security.
ISSN:0306-4379
1873-6076
DOI:10.1016/j.is.2016.05.004