Securing Publish-Subscribe Services with Dynamic Security Protocol in MQTT Enabled Internet of Things

Abstract

Rapid developments in the field of embedded system, sensor technology, IP addressing and wireless communication are driving the growth of Internet of Things (IoT) in a variety of applications which include environment monitoring, smart manufacturing, e-health and smart agriculture. Due to heterogeneous and constrained nature of IoT nodes, many new security and privacy issues are introduced. IoT devices and systems collect a lot of private data about people, for example an intelligent meter knows when you are home and what devices you use when you are there. This data is shared with other devices and also stored in database or cloud server. Absence of security protocols for these resource constrained smart devices averts their widespread implementation. To address this problem, we propose a mechanism for securing application layer MQTT (Message Queue Telemetry Transport) protocol messages in IoT. The proposed security method for Internet of Things is lightweight in nature and suits well for resource constricted devices. The proposed method counters most of the likely confidentiality attacks in IoT.