Research Area:  Internet of Things
This paper presents the design and implementation of an authorization mechanism for MQTT-based Internet of Things (IoT). The design is based on OAuth 1.0a, which is an open authorization standard for web applications. Some redesign and modification have been made to the based framework to fit it within the MQTT environment. Several considerations are taken into account, including limited node resources, lack of nodes user interface, and key/secret distribution and management. The design is implemented on a real MQTT-based IoT service platform and demonstrated that it works as intended. Authorization delay and message overhead are minimal. Security issues are analyzed along with discussion for future work.
Author(s) Name:  Aimaschana Niruntasukrat; Chavee Issariyapat; Panita Pongpaibool; Koonlachat Meesublak; Pramrudee Aiumsupucgul and Anun Panya
Conferrence name:  IEEE International Conference on Communications Workshops (ICC)
Publisher name:  IEEE
Paper Link:   https://ieeexplore.ieee.org/document/7503802