Research Area:  Internet of Things
The evolution and expansion of networking technologies have managed to create large scale connectivity among versatile devices and applications that led to the jargon internet of things (IoT). IoT has evolved due to the convergence of wireless sensor networks (WSN) and internet technologies with a view to approaching towards smart city prospects. In IoT, for maintaining device to device communication, HTTP protocol has been used for remote monitoring and analysis of data from large number of sensing elements but it consumes more power, have comparatively lesser efficiency of transmission and cannot utilize system bandwidth efficiently as well. Thus the protocols MQTT (Message Queuing Telemetry Transport), AMQP and CoAP are quite capable of handling wireless sensor traffic under very low bandwidth and constrained network conditions. Security is also another major concern as IoT applications collect private data and allow access to various control functions over the internet. Therefore, in this paper, we discuss a detailed analysis of data & devices security issues and present an enhanced security model with a view to improving the security issues. We propose a secure version of MQTT protocol modifying and enhancing the existing MQTT protocol based on Key/Cipher text Policy Attribute Based Encryption(KP/CP-ABE) using lightweight Elliptic Curve cryptosystem. We also introduced a multi-tier authentication system for secure communication and an extra security layer to prevent the data theft.
Author(s) Name:  Abdur Rahman; Shanto Roy; M Shamim Kaiser; Md. Shahidul Islam
Conferrence name:  5th International Conference on Networking, Systems and Security (NSysS)
Publisher name:  IEEE
Paper Link:   https://ieeexplore.ieee.org/document/8631379