Distributed UCON in CoAP and MQTT Protocols

  • Conference paper
Computer Security (CyberICPS 2019, SECPRE 2019, SPOSE 2019, ADIoT 2019)

Abstract

The Internet of Things (IoT) is playing a key role in consumer and business environments. Due to the sensitivity of the information IoT devices collect and share, and the potential impact a data breach can have on people’s lives, securing communication and access to data in IoT has become a critical requirement. Multiple application-layer protocols are used in IoT today, with the Constrained Application Protocol (CoAP) and the Message Queue Telemetry Transport (MQTT) being two of the most popular. In this paper, we propose a solution to increase the security of both CoAP and MQTT based on the distributed Usage Control (UCON) framework. The inclusion of UCON provides dynamic access control to the data shared using these protocols. This is achieved by monitoring mutable attributes related to the local protocol nodes and by sharing data values between remote nodes via the distributed instances of UCON. We present the architecture and the workflow of our approach, together with a real implementation for performance evaluation purposes.

This work has been partially funded by EU Funded projects H2020 NeCS, GA #675320, H2020 C3ISP, GA #700294 and EIT Digital HC&IoT.

Notes

  1. https://www.oasis-open.org/

  2. https://github.com/andsel/moquette

  3. https://github.com/automote/Califorium

Author information

Correspondence to Athanasios Rizos or Daniel Bastos.

Copyright information

© 2020 Springer Nature Switzerland AG

About this paper

Cite this paper

Rizos, A., Bastos, D., Saracino, A., Martinelli, F. (2020). Distributed UCON in CoAP and MQTT Protocols. In: Katsikas, S., et al. Computer Security. CyberICPS 2019, SECPRE 2019, SPOSE 2019, ADIoT 2019. Lecture Notes in Computer Science, vol 11980. Springer, Cham. https://doi.org/10.1007/978-3-030-42048-2_3

  • DOI: https://doi.org/10.1007/978-3-030-42048-2_3

  • Publisher Name: Springer, Cham

  • Print ISBN: 978-3-030-42047-5

  • Online ISBN: 978-3-030-42048-2

  • eBook Packages: Computer Science, Computer Science (R0)
