Introducing Usage Control in MQTT protocol for IoT

MQTT is a widely-used general purpose IoT application layer protocol, usable in both constrained and powerful devices, which coordinates data exchanges through a publish/subscribe approach. In this paper we propose a methodology to increase the security of the MQTT protocol, by including Usage Control in its operative workflow. The inclusion of Usage Control enables a fine-grained dynamic control of the rights of subscribers to access data and data-streams over time, by monitoring mutable attributes related to the subscriber, the environment or data itself.

Antonio La Marra
Fabio Martinelli
Paolo Mori
Andrea Saracino
Author (ESR): 
Athanasios Rizos (Consiglio Nazionale Delle Ricerche)