CoAP and MQTT: Characteristics and Security

Abstract

There is no doubt that Internet of Things (IoT) has a significant impact on many aspects of our lives including how we live, drive, irrigate, the way we consume energy and the way we manage our confidential and personal data. Data is generated and gathered from different lightweight IoT gadgets and smart devices using two widely protocols; Constrained Application Protocol (CoAP) and Message Queuing Telemetry Transport (MQTT). These protocols are based on Publish/Subscribe model. Nevertheless, as the use of these emerging protocols increase, the risk of attacks increases as well. Indeed, these communications come up with many security vulnerabilities. In this paper, we describe these two emerging messaging protocols to address the needs of the lightweight IoT nodes, we discuss protocols and techniques used to manage security in CoAP and MQTT, we reveal some of security limitations and issues, we conclude with some future directions.