Upload File

designing an open source iot hub: bridging interoperability and … · 2020-03-17 · designing an...

  • Home
  • Documents
  • Designing an open source IoT Hub: bridging interoperability and … · 2020-03-17 · Designing an open source IoT Hub: bridging interoperability and security gaps with MQTT and your
18
Designing an open source IoT Hub: bridging interoperability and security gaps with MQTT and your Android device Melissa Adriana Simoes Saial Real, Hamed Haddadi Queen Mary University of London Abstract With constantly evolving hardware and increased competitiveness from manufacturers in the construction of the IoT enabled home, the difficulty in managing and securing the multitude of internet enabled devices at any individual’s disposal is ever greater, with competing applications tailored to manage Bluetooth devices, Wi-Fi Direct or NFC enabled “things”. While the means of connectivity are ever increasing, the lack of a single standard of IoT connectivity as well as the lack of a single interoperability solution difficult consumer adoption of an internet enabled home. The solution to these issues is here presented in the form of a single, simple, user- friendly interface that can be intuitively used by any consumer. Pairing this interface with an optimal communication protocol will assist in bridging the interoperability gap and provide the necessary abstraction layer to facilitate the interchange of data regardless of which device is being used. This paper proposes that the solution for both these issues lies with leveraging the capabilities of mobile devices, in this case particularly targeting Android, paired with an integration of the lightweight communication protocol MQTT. Introduction Designing an IoT hub is not a new concept: Lea and Blackstock [20] proposed it in 2014 as well and Amazon’s Alexa facilitates the connections to different intelligent devices in the home, acting as a central hub for managing devices such as Philips Hue lightbulbs and TP- Link Smart Plugs. However, what is recent is the motivation to propose an open source solution. With academic papers frequently discussing IoT magement solutions without open sourcing code, it was necessary to provide an accessible and testable solution that could be explored and tinkered with by other interested parties. We will showcase the different options provided and the only competing open source solution thus found – home assistant. This paper will thus showcase the steps in building the ideal hub service, and how any individual can leverage the power of an open-source Java Android application aimed at facilitating the discovery of services provided by Internet enabled devices within a local area network. Afterwards we demonstrate how simple it is to establish a communication channel between an android device and a Mosquitto broker using the MQTT Protocol and an Android application provided by the Eclipse IoT project. This paper will further explore the current options provided for service discovery in the context of IoT, the most relevant protocols and architectures used in connecting these devices as well as the attempts that have been made at establishing a standard means of connectivity in the scope of the Internet of Things. Defining IoT The definition of IoT varies widely in academia. For the scope of this paper we begin by defining an IoT as an Internet enabled entity, following the concept given by de Melo et al in [1] of “all application comprising objects or devices that can interact with other objects and

Upload: others

Post on 09-Apr-2020

6 views

Category:

Documents


0 download

Report

TRANSCRIPT

Page 1: Designing an open source IoT Hub: bridging interoperability and … · 2020-03-17 · Designing an open source IoT Hub: bridging interoperability and security gaps with MQTT and your

DesigninganopensourceIoTHub:bridginginteroperabilityandsecuritygapswithMQTTandyourAndroiddevice

MelissaAdrianaSimoesSaialReal,HamedHaddadi

QueenMaryUniversityofLondon

AbstractWithconstantlyevolvinghardwareandincreasedcompetitivenessfrom

manufacturersintheconstructionoftheIoTenabledhome,thedifficultyinmanagingandsecuringthemultitudeofinternetenableddevicesatanyindividual’sdisposalisevergreater,withcompetingapplicationstailoredtomanageBluetoothdevices,Wi-FiDirectorNFCenabled“things”.Whilethemeansofconnectivityareeverincreasing,thelackofasinglestandardofIoTconnectivityaswellasthelackofasingleinteroperabilitysolutiondifficultconsumeradoptionofaninternetenabledhome.

Thesolutiontotheseissuesisherepresentedintheformofasingle,simple,user-friendlyinterfacethatcanbeintuitivelyusedbyanyconsumer.Pairingthisinterfacewithanoptimalcommunicationprotocolwillassistinbridgingtheinteroperabilitygapandprovidethenecessaryabstractionlayertofacilitatetheinterchangeofdataregardlessofwhichdeviceisbeingused.Thispaperproposesthatthesolutionforboththeseissueslieswithleveragingthecapabilitiesofmobiledevices,inthiscaseparticularlytargetingAndroid,pairedwithanintegrationofthelightweightcommunicationprotocolMQTT.IntroductionDesigninganIoThubisnotanewconcept:LeaandBlackstock[20]proposeditin2014aswellandAmazon’sAlexafacilitatestheconnectionstodifferentintelligentdevicesinthehome,actingasacentralhubformanagingdevicessuchasPhilipsHuelightbulbsandTP-LinkSmartPlugs.However,whatisrecentisthemotivationtoproposeanopensourcesolution.WithacademicpapersfrequentlydiscussingIoTmagementsolutionswithoutopensourcingcode,itwasnecessarytoprovideanaccessibleandtestablesolutionthatcouldbeexploredandtinkeredwithbyotherinterestedparties.Wewillshowcasethedifferentoptionsprovidedandtheonlycompetingopensourcesolutionthusfound–homeassistant.Thispaperwillthusshowcasethestepsinbuildingtheidealhubservice,andhowanyindividualcanleveragethepowerofanopen-sourceJavaAndroidapplicationaimedatfacilitatingthediscoveryofservicesprovidedbyInternetenableddeviceswithinalocalareanetwork.AfterwardswedemonstratehowsimpleitistoestablishacommunicationchannelbetweenanandroiddeviceandaMosquittobrokerusingtheMQTTProtocolandanAndroidapplicationprovidedbytheEclipseIoTproject.ThispaperwillfurtherexplorethecurrentoptionsprovidedforservicediscoveryinthecontextofIoT,themostrelevantprotocolsandarchitecturesusedinconnectingthesedevicesaswellastheattemptsthathavebeenmadeatestablishingastandardmeansofconnectivityinthescopeoftheInternetofThings.DefiningIoTThedefinitionofIoTvarieswidelyinacademia.ForthescopeofthispaperwebeginbydefininganIoTasanInternetenabledentity,followingtheconceptgivenbydeMeloetalin[1]of“allapplicationcomprisingobjectsordevicesthatcaninteractwithotherobjectsand

Page 2: Designing an open source IoT Hub: bridging interoperability and … · 2020-03-17 · Designing an open source IoT Hub: bridging interoperability and security gaps with MQTT and your

applicationsovertheinternet”.ThisinterpretationunderstandsIoTnottobenecessarilyphysical,sinceIoTapplicationscanbesimulatedusingservicessuchasAWSIoTorIBM’sBluemix.CoretothisdefinitionisthecapacityofIoTtoconnectwithdifferentobjects/applicationsandcarryoutfunctions,andso,anIoTdeviceishereconsideredasaphysicalentitywhileIoTreferstoamoregeneralconceptofaninterconnectedentity.AnothervalidinterpretationthathelpsusdefinethearchitectureinwhichIoTisintegratedistoproposenotjust“anIoT”buttoperceivetheInternetofThingsasthesystemofinterconnected“things”.ThismeansthatratherthanreferringtoIoTasindividualentities,thewordIoTisreferringtoawholecognitivesystem,where“things”contributedataandintelligence[2].Inthisapproach,a“thing”istheIoTentity,andthatthingcanbeadrone,anode,anintelligenttoasteroranyotherdeemed“intelligent”machine.TheIoTnetworkarchitectureinthissensedescribestheinteractionofthingswithinthissystem.Asimplifiedversionofthisarchitectureispresentedin[2]andstatesitsfourmaincomponentsasthethings(sensingdevices),acommunicationnetwork,acloudandtheback-endIoTapplications.ThedevicesusetheIoTapplicationstomakeuseoftheirservices,andthenreachthecloudviathecommunicationnetworktomakeuseofcloudservicessuchasdatastorage.Anillustrationofthisinteractionisalsoprovidedbytheauthors.

Figure1.IoTnetworkarchitecture[2]

ChallengestoIoTconnectivityWithover8billionconnecteddevicesatthetimeofwriting[3],thenumberofconnecteddevicesmayfailtomeetthecommonlyquotedpredictionofCisco’s2011report[4]of50billiondevicesfor2020,butitisundeniablethatIoTisquicklybecomingcommonplaceasthenumberofdevicesalreadysurpassestheworldpopulation.Thus,IoTbecomesarelevantsubjecttoresearch,togetherwiththetopicofhowweconnect,interactandhavedatacollectedbythesedevices.ThedialogueonthesemattershasbeenrecentlyintensifiedbythesecuritybreachesthathaveseenmillionsofIoTdeviceshijackedforthepurposeofDDoSattacks,whichhaveexposedcriticalsecurityflawsinthedesignandimplementationofIoTcommunicationprotocols.Onesuchexampleoftheseattacksisthe“Mirai”virus

Page 3: Designing an open source IoT Hub: bridging interoperability and … · 2020-03-17 · Designing an open source IoT Hub: bridging interoperability and security gaps with MQTT and your

whichhijackedover900thousandroutersofDeutscheTelekomcustomers[5]bytakingadvantageofatelnetvulnerability.Thesesecurityflawsareaconsequenceofboththedifficultyinimplementingencryptionondeviceswithconstrainedprocessingpower[17],aswellasaresultoftherapidexpansionofIoTtechnologywithoutestablishingastandardforasecureIoTarchitecture.Suchastandardisstillmissing[6],notduetolackofattemptstoestablishone-aswewillexploreinsectiontwo-butmainlyduetotherapidcreationofdifferentproductspriortoconsiderationforexpansion,securityandcompatibilitywithdifferenttechnologies.This,pairedwithadesireonthepartofcertainmanufacturers1tonotprovidecompatibilityacrossdifferentbrandsofdevices,hascausedahindrancetotheeffortofstandardisation.TheneedforastandardthatenablesbestsecuritypracticestoprotectIoTconsumersisthusthemotivationforthispaperandexplorationoftoolsthatallowtheconstructionofaneasy-to-useapplicationwhichaggregatesavailableIoTservicesinasingleinterface.CurrentstandardisationeffortsMultipleopenprotocolsappropriateforIoThavebeenrecognisedbystandardisationbodiesincludingtheEuropeanTelecommunicationsStandardInstitute(ETSI),TheOrganizationofStructuredInformationStandards(OASIS),theOpenMobileAlliance(OMA)andtheInternetEngineeringTaskForce(IETF).TheseincludeHTTP,CoAPandMQTT[7].Intermsofcommunicationprotocols,thesehavedifferentcomponentsthatcanbeintegratedintoapplicationstoallowfordevicediscoveryandforthedesignofanIoTsearchsystem.However,theseprotocolsdonotdefineasinglearchitecturalmodelastheycanbesimplyintegratedintodifferentIoTdesigninfrastructuresthatsupportthem.Promotingtheimplementationofprotocols,insteadofhardwaredependantcommunicationcomponents,signalsadeparturefromhowtraditionalcommunicationhasbeenestablishedbetweenIoT.Foryears,Bluetooth,ZigBeeandothershort-rangetransmissiontechnologieshavebeenusedasgatewaysforaccessingIoTdevicesandservices[16]butthetrendtowardscloudcomputingandservicevirtualisationhasrequiredadjustmentstobemadeonhowweconnecttoIoTtoallowforexpansibilityandIoTcloudaccess.FlexibleinteroperabilitycanbefacilitatedbytheuseofWirelesstechnologiesbeingintegratedintoIoTdevicestoallowdirectcommunicationbetweenthings,withouttheneedtobeconnectedviaarouter.ThisisthestandardpromotedbyWi-FiDirect,endorsedbytheWi-FiAlliance,whichallowsfordevicestotalktoeachotherdirectlyviaasoftwareaccesspoint[8].Ratherthanusingarouterorevenneedinganinternetconnection,devicescanconnecttoagroupofmultipledevicesormakeone-to-oneconnections.Onedevicedefinesthesoftwareaccesspointandbecomestheownerofagivendevicegroup.ThisenablescompatibilitywitholderWi-FidevicesthatdonothaveWi-FiDirect,withtheaddedbenefitthatWi-FiDirectalreadyintegratessecuritymechanismswithinitsspecificationandincludesWPA2protection[8].

1Apple’sproprietaryHomeKitsoftwareisanexample,asusersarerequiredtopurchaseadditionalhardwareinordertobridgethecommunicationwithdevicesfromdifferentmanufacturers.OneexampleofthisarethePhilipsHueIoTbulbs,whichhardwareisavailablefrom:https://www.apple.com/shop/product/HJE22VC/B/philips-hue-homekit-upgrade-bridge-for-current-hue-bridge-users

Page 4: Designing an open source IoT Hub: bridging interoperability and … · 2020-03-17 · Designing an open source IoT Hub: bridging interoperability and security gaps with MQTT and your

WhileWi-FiDirectiscertainlyanadvantageousapproachforsystemsthatareenabledtosupportthistechnology,itisnotwithoutitsfaults-authorsin[18]highlightadisadvantageofusingwirelesstechnologies,becausetheserequireanaccesspointtobesetupforWi-Ficommunicationstobeestablishedbetweendevices.Theauthorsalsoreflectonotherhardware,suchastheneedfordevicestoberunningthesameOSwhenitcomestoBluetoothcommunications.Asso,anidealsolutionwouldnotrelyonaparticulartechnologyforinterconnectivitybutinsteadwouldallowforanabstractionlayerfromtheunderliningtechnologyandpermitinteroperabilitybetweendifferenthardware.MostprotocolsintegratedintoIoTonlyrequirethecapacityofdevicestocommunicateusingHTTP/RESTmethods,whichintegrationintoIoTcommunicationlayerswillbefurtherexploredinthenextsection.Afeatureofprotocolsisrequiringtheirrespectiveimplementationstoprovideforsecurity,meaningsecurityconcernsareaddresseddifferentlywitheachimplementation.SimplyhavingaprotocoltoestablishcommunicationisnotenoughtoprogramanIoTinteroperabilitysolutionsinceanimplementationofeachprotocolisrequiredaspartofafullapplicationtobeprovidedasaservicetheconsumercanuse.Itissoimportanttounderstandhowtheseprotocolsfunctionasinteroperabilityenablersandcanbeintroducedintoapplicationdesign.CommunicationProtocolsforIoTconnectivityMachine-to-machine(M2M)communicationisenabledbythewebtechnologiesofHTTP/RESTthatexposeservicesusingHTTPtyperequestsandbyusingURIsasameanstoidentifyresources[10].WebtransferprotocolssuchasMQTTandCoAPenableapplicationtransferevenwhenresourcesarelimited[9],thusmakingtheseidealtoworkwithconstraineddevices-whicharedefinedbybeingcharacteristicallylowpoweredandhavingonlyafewkbofRAMmemory.ConstraineddevicesdonothavethecapacityforpeakoperatingsystemssuchasLinuxtoberuninthem.WheninteractingwithHTTP,CoAPprovidesalevelofabstractionthatavoidsusingspecificapplicationdatatoprovideinteraction,manytimesusinganintermediarytotranslatethedatatransmittedinbetweenbothprotocols[9].TheusageofURIstoidentifyresourcesbybothprotocolsalsofacilitatestheinterchangeabilityofcommunicationsandtrafficinterceptionsbetweenthem.AsCoAPreliesonRESTconnectivityitcanbeappliedregardlessofwhichhardwareisbeingusedtocommunicate,sinceclientscansimplyuseGETrequeststoaskforresourceupdatesfromtheservercontainingtheresource[14].Whiletherearemanydifferentoptionsforprotocolimplementations,theonechosenforthisprojectandwhichiscommonlyusedwithconstraineddevicesisthesimpledataexchangeserviceMQTT.CreatedbyIBMandArcomtofacilitateMachinetoMachinedataexchange,MQTTisalightweightpublish/subscribeprotocolthathasanacceptedstandardisedspecificationbyOASIS[15]andusesaclient/brokersystem,whichallowsfortwoormorebrokerstoconnectviaabridgingsystem.Bridgingallowsfortheconnectionofbrokersbyhavingoneofthebrokersinitiateabridgebydefiningatopicthatallinterestedbrokers/clientscansubscribeto.ThismethodalsoallowsforclientstosendmessagestoanMQTTbroker,andthoseclientscanalsosubscribetothemessagessenttothebrokerandreceiveupdatesnotifyingthemofnewmessages.AcommonbrokerimplementationusedwithMQTTisMosquitto[12],asitprovidesasolutionthatisalsoopensource,lightweightandcompatibleacrossdifferentplatforms.Itwasthebrokerimplementationofchoicebytheauthorsin[13]tocreateamessage

Page 5: Designing an open source IoT Hub: bridging interoperability and … · 2020-03-17 · Designing an open source IoT Hub: bridging interoperability and security gaps with MQTT and your

transmissionsystemthatreliespreciselyonthisMQTTandMosquittocombinationtoreliablyexchangemessagesinanIoTsetting.InordertouseMQTTwithaclientimplementation,awell-establishedoptionisprovidedbyEclipsePaho[38].PahohasmultipleopensourceclientlibrariessuchasJava,PythonandJavaScriptavailable,andAmazonalsoenablestheusageofthePahoMQTTwithWebSockettoconnecttoAWSIoT[11]-WebSocketisacommunicationprotocolthatopenscommunicationchannelsoverTCPconnections.WithinthenextsectionwewillexplorehowtousetheMQTTPahoJavaAndroidclienttopushnotificationsaboutdevicestoaMosquittobroker.Butfirstly,wewillexploredifferentapproachesthatintegratethedescribedprotocolsintothedifferentlayersoftheirrespectiveIoTmanagementsolutions.FormerproposedsolutionsandimplementationsThechallengeposedbyprovidingacommunicationstructurebetweenaservicelayeranddifferentIoTarchitecturescanbeaddressedbyusingacombinationofprotocolsandclientlibrariesandturningtheseintoanAPI.OneexampleisthesolutionproposeddeMeloSilvaetalin[1],intheformofanAPIbasedonUPnPstandards,usingRESTandSOAPrequeststoretrievedataandcreateobjectsoffthatdata,thenpassingthecreatedobjecttoacomponenthandlermodule.WhiletheAPIpresentsausefulsolutiontoexposeRESTservicesithasnotbeenincorporatedinacompleteapplicationnordotheauthorsmakeitavailableforuseviaanopensourcemeanssuchasGitHub,providingachallengeintermsoftestingthefunctionalityofthedescribedapplication.Outofthedifferentarchitecturedesignsdescribed,theseeminglymostconvenientfromaconsumerfacingperspectivewasthesuggestionofafullsolutionasanapplicationwithaneasytouseclientinterface,whichdescribesamodelfora“hub”managementsystem.Authorsin[19]proposethehuborgatewaymethodsasthosewithmostpromisetodeliverinteroperabilitybetweendevices,withanexampleofsuchassystemdescribedin[20].TheideapresentsanopensourcehubthatconnectsdifferentIoTbyallowingagatewayforinteroperabilityamongstthese.ThearchitectureofLeaandBlackstock’s[20]describedhubmodelcontainsadataaggregatorthatservesasanaccesspointtoservices.Intheirmodel,theauthorsimplementedaCKANdataharvestertoaggregatedatainformationaboutthingsandusetheWotKitAPI2tofindthesethings,ormorespecifically,tofindthesensorsthatdifferentIoThasforthepurposeoflocatingphysicalorvirtualIoTdevicecapabilities.TheinformationfrombothAPIsisthensentintheformofacatalogueofresources,whichisinterpretedusingtheHyperCatspecification,meaningIoTresourcesthathadbeenexposedbybothAPIsaredescribedasacatalogueofURIresources.Certaindifficultiesarepointedoutbytheauthorsregardingtheuseofthissystem:Mainly,whenqueryingtheHyperCatcatalogueofitemsitisnecessarytorequestspecificmetadatakeyvaluepairs,andsincenotallsensordataprovidedbythechosenWoTKitAPIsexposedinformationintheformofmetadatakeysandvalues,itwasnotalwayspossibletoqueryavailableIoTresourcesofftheIoTcatalogue.MovingontoworkthathasbeenrecentlypublishedontheIoTarena,apracticalexampleofamoderndevicediscoveryandmanagementimplementationishomeassistant[22].HomeassistantisapythonbasedopensourceIoTmanagementapplicationthathasasimplecommandlineinstallation.Oncealltheappdependenciesareinstalledandrunning,home2FurtherinformationabouttheWotKitAPIisavailablefromhttps://wotkit.readthedocs.io/en/latest/user/quickstart.html#quickstart

Page 6: Designing an open source IoT Hub: bridging interoperability and … · 2020-03-17 · Designing an open source IoT Hub: bridging interoperability and security gaps with MQTT and your

assistantprovidesastraightforwardinterfacetotheuser,displayingallthedevicesthesystemisabletofindwithinthenetworkrange.

Figure2.Home-assistantinterfacedisplayedafterthesystemlocatedoneoftheIoTdevicespresentinthenetwork,aRokuNowTVbox

Theservicediscoverymethodsimplementedbyhomeassistantuseacombinationoflibrariesthatsearchforcomponentsandadjusttotheneedofeachindividualcomponent.Consequently,thereareseparatecodelibrariesdependingonwhatresourceistobefound,withspecificcodelibraryextensionsandinstructionsforaddingdevicessuchasanAmazonFireTVStick3.Outoftheacademicsolutionsresearched,noneprovidedaccesstothecodeimplementationsoftheirrespectiveimplementations.Theonlycompletesolutionfoundduringtheresearchforthisprojectthatoffersanopensourcerepository,whichcodecouldbeinvestigatedandtested,wasthepythonbasedhome-assistant[22].ThereisthustheneedforanopensourcesolutionthatfacilitatescommunicationandtransparencybetweenIoTdevices,thusbetterbridgingboththetheorythatsupportstheapplicationdesignaswellasclearexplanationofthecomponentsthatenablethediscoveryandcommunicationofdeviceswithinagivennetwork.

DiscoveringservicesonaLAN:ThePortAuthorityApplication

ToassesstheefficiencyofthePortAuthorityapp,wecancomparethefounddevicesagainstthoseconnectedtoourhomerouter,andsotheleastwe’llexpectfromanefficientdiscoveryserviceissixconnecteddevices,thesameonesdisplayedconnectedtoourskyhomerouter:

3InstructionsonsettinguptheFireTVextensionareavailablefromhttps://home-assistant.io/components/media_player.firetv/

Page 7: Designing an open source IoT Hub: bridging interoperability and … · 2020-03-17 · Designing an open source IoT Hub: bridging interoperability and security gaps with MQTT and your

Figure 3. Home router listing of connected devices

PortAuthorityisanopen-sourcetoolwithanup-to-daterepositoryprovidedby[23].ThePortAuthorityAndroidapplicationrunsnetworkscansusingacombinationofanativeservicediscoveryAPIaswellasafewnativeAndroidmethods–AndroidhaslibrariesforNetworkServiceDiscoverywhichcansupportdiscoveringHTTPserviceswhenitsserviceTypeparametersaresetto“http._tcp”ordiscoveringprintertypeswithserviceTypesetto“_ipp._tcp”[24].Theapplicationusesasynchronousthreadingtechniquestomakethediscoveryprocessesrunfasteronthebackground.

TheresultsexposedallthedevicesconnectedtotheLAN,whilefurtherprovidingportsinformationoneachoftheexposedaddresses.Itdiscoverssevenhosts,sinceitlistsnotonlythedevicesconnectedonthenetworkbutalsoourskyhubrouter.Theinformationandimplementationprovidedwerethemostdetailedandquickesttorunoutofdifferentoptionstested,reasonwhythePortAuthoritynotoriouslystoodoutasanoptimaldiscoveryservicetosupportthestructureofanIoThomehub.

Page 8: Designing an open source IoT Hub: bridging interoperability and … · 2020-03-17 · Designing an open source IoT Hub: bridging interoperability and security gaps with MQTT and your

Figures6and7.PortAuthoritydiscoveryresults

ThenextstepsweretotrialourchosencommunicationprotocolbeforetestinghowtopushmessagesviatheMQTTbroker.

SettingupMQTTasamessagebrokerfortheIoTdiscoveryserviceTocreateanIoThubapplication,itisnecessarytointegrateamessagingprotocolthatcansearchandpushnotificationstodeviceswithinagivenLANoravirtualisedenvironment.CurrentsolutionsthatarecompatiblewithInternetofThingsdevicesneedtobelightweightduetothesimplicityofhardware,storageandmemorylimitationsofconstraineddevices.Theauthorsin[21]highlightfourmessagingprotocolsasmostsuitableforIoTcompatibility,namelyAMQP,MQTT,ZeroMQandZMPP.TheirpapercomparestheperformanceofthesemessagingprotocolsindealingwithpublishingandsubscriptionofIoTinavirtualisedenvironment.TheauthorsinthiscomparisonpaperdenotedtheabilityofMQTTtoperformaboveaveragefortransportingmultiplesensorloads,andsothechoiceMQTTapplicationderivedfromacombinationoffactors:MQTToffersawell-documented,up-to-dateandsimpletoconfigureprotocol,easilyadjustedtofittheneedsofanyIoTapplication.Further,MQTThasbeenadoptedbycompaniescurrentlyleadingtheIoTspace,namelytheonlineretailerAmazon,whichhasimplementedtheMQTTprotocolinitsIoTsolutionsalbeitwithafewmodifications[11],aswellassocialmediagiantFacebookcurrentlyusingMQTTforitsMessengerApp[25].MQTTworksonaclient/brokermodel.Consequently,thefirststeptousethiscommunicationprotocolwastosetupanonlinebrokerthatwouldallowformultiple

Page 9: Designing an open source IoT Hub: bridging interoperability and … · 2020-03-17 · Designing an open source IoT Hub: bridging interoperability and security gaps with MQTT and your

Figure 8. Running the Mosquitto broker and publishing/subscribing to topics

devicestocommunicateovertheinternet.Firstly,totesttheprotocolcapabilitieswesetupanopen-sourcesourcebroker,Mosquitto.Aftersettingupthebroker,aclientimplementationisnecessary,andtheoneusedwastheopensourcePahoJavaclient[38].

InstallingandlaunchingtheMosquittobrokerwasastraightforwardprocess,Figure8demonstratesitsfirstusageandactivation.

ThisusecaseexemplifiesthepropertiesoftheMosquittobroker,wherewesetMosquittotoruninoneTerminal,andsimulateaclientbycreatingatopicinanotherterminalwindowwithmosquitto_pub,andyetanotherclientonathirdterminalwindowsubscribingtothesametopicandreceivingupdatespublishedtothebroker.WecanalsoseeontherighthandsidehowMosquittoonlyopenstheconnectionforestablishingcommunicationandclosesitstraightafterthemessageispushed.ThisdemonstrateswhyMQTTwithMosquittoisusefulforconstraineddevices,astheconnectionisonlyestablishedforaslongasnecessarytotransmitthemessage,thusoccupyingminimumbandwidth.ARaspberryPiwasalsousedtokeeprunningtheMosquittobrokerforapplicationtesting,thiswayallowingfordifferentdevicesonthenetworktoconnecttoitsserverviaSSH.WealsotestedusingMosquittoonthePi3(Figure9.).

Page 10: Designing an open source IoT Hub: bridging interoperability and … · 2020-03-17 · Designing an open source IoT Hub: bridging interoperability and security gaps with MQTT and your

Figure 9. Pi 3 Mosquitto broker

SittingontopoftheTCP/IPstackmeansthatMQTTreliesonaclientopeningaTCPconnectiontoestablishanMQTTconnectionandsendmessagesacrosstheclientandbroker[38].RunningMQTTallowsforcommunicationtohappenbetweendevicesthatarerunningonthesameLANvianetworksockets,butcommunicationisalsopossiblefromoutsidetheLANbyusingwebsockets,whichestablishendpointsforinternetconnectionstooccurbetweenservicesanddevices.ByaddingawebsocketlistenertotheMQTTconfigurationitispossibletotransmitmessagesbeyondthelocalareaconnection[38],butforthescopeofthisprojectwewilllimitthemessagingtobetransmittedtodevicesinourLAN.

ThepurposeofthispaperwasnotonlytofacilitatethecreationofanIoThub,butalsotogatherameanstobetterexploretheservicesbeingofferedbyIoTsonagivenLAN,andsoperceivewhetherourdevicesareexposedtosecurityrisksbyhavingcertainportsopenandaccessibleviatheinternet.Thenextstepsinimprovingtheapplicationrequirecomprehendinghowbestsecuritypracticesareputinplace,andunderstandingwhichsecuritymeasuresarecurrentlypossibleinthescopeoftheIoTandMQTTinparticular.ThenextsectionintroducesthecurrentstateofsecuritythreatsforthesedevicesaswellasproposedmethodstotackleIoTmalwarethreats.

SecurityconcernshandlingIoTconnectionsThesusceptibilityofIoTdevicestohackingbecamefarmoreprominentinthelastquarterof2016,whentheMiraivirusharvestedmillionsofconnecteddevicestoformabotnetthatwouldbringdowntheDNSproviderDyn[26],thuscausingtheunavailabilityofservicesfromwebsitesincludingTwitter,NetflixandSpotify.ThisDistributedDenialofService(DDoS)attackoverwhelmedthecapacityoftheserviceprovidersthatusedDyn,whichwerefloodedwithdatasentandrequestedbythehijackedIoTdevices,sotakingadvantageofboththevulnerabilityofIoTdevicesandthevulnerabilityofDNS.

Page 11: Designing an open source IoT Hub: bridging interoperability and … · 2020-03-17 · Designing an open source IoT Hub: bridging interoperability and security gaps with MQTT and your

Figure 20. Configuration of the raspberry pi IP to act as a local server for the MQTT message exchange

Figure 21. Paho MQTT Client on an HTC One Android Device, sending messages to the raspberry pi mosquitto broker

MiraiprovidesaninterestingexamplewhenexposingvulnerabilitiesinthescopeofIoT.Atitscore,thevirushasasimplestructure:itscansforrandomIPaddressesofinternetconnecteddevicesthathaveweakpasswordpolicies,andusesalookuptableofcommonusername/passwordcombinationstoconnecttothesedevicesviabrute-force,thatis,byattemptingallpossiblepasswordcombinationsforthese[30][34].Themalwarestartsbyexploitingpasswordvulnerabilities,andtheninsertstheMiraibotintothevulnerabledevice.Thebotstayslatentuntilarequesttoattackagivenserverisemittedbythecommandandcontrol(C&C)server.Becauserebootingdeletesthevirusfromthedevice,Miraialsoprovidesa“keepalive”methodtopreventthis–althoughre-infection,whenavulnerabledeviceisconnectedtotheinternet,takesonlyanestimated5minutesbasedontheexperienceconductedby[31].TheMcAfeesecurityreportfromApril2017providesanillustrationoftheMiraiarchitecture[34].

AnotherMiraiparticularityisthatitalsoprovidesformeanstoexpelothervirusesfromthesamedevice.Itsearchesforcommonmalwareexecutables,deletesthemfromthesystemandclosesvulnerableportstopreventfurtherinfectionsandgaincompletecontrol:itcanterminateapplicationsboundtoSSHorTelnetports[34,p.18],andafterinfectionitclosesport22forSSH,80forHTTPand23forTelnet.

Page 12: Designing an open source IoT Hub: bridging interoperability and … · 2020-03-17 · Designing an open source IoT Hub: bridging interoperability and security gaps with MQTT and your

Figure24.MiraiarchitecturefromMcAfee'sthreatreport[34]

ThisparticularfeatureofMirai,closingports22,80and23,emphasiseswhyIoTdevicesareespeciallyvulnerable–IoTthatkeepsspecificportsopenforaccessibilityandremotemanagementwithoutrequiringanyformofauthenticationfacilitateshijackingofitsfunctions.Thisvulnerabilityiswhatpromptedthepreviouslymentionedattackthattookover900thousandrouters–DeutscheTelekomhadkeptTCPport7547opentoallowforremotemanagementoftherouters,withoutlimitinginternetconnectionsfromaccessingthisport.

Figure25.Miraicommandthatinitiatesmalwareattack[35]

Thefaultonport7547waspatchedbyanupdateprovidedbythecompany,whichcouldonlybedeliveredaftercustomersrebootedtheirrespectivedevicestoclearthevirusandreceivetheupdate[36].However,whileDeutscheTelekomcustomersmaynolongerneedtoworryaboutthisparticularvulnerability,combattingnewmalwarestrandssuchasMiraiderivativesremainsachallengesincemanyofthedevicesithijacks,especiallyolderIoTmodels,containoldhardwarethatcannotbeupdated,orwhichdefaultpasswordscannotbechanged[32].Websitessuchasinsecam(http://www.insecam.org/en/)exposeexamplesoftheseinsecurities,wherestreamsareprovidedfromonlineinsecurecameras,whereuserscanwatchlivecamerafeedsfromdifferentpartsoftheworld.

Page 13: Designing an open source IoT Hub: bridging interoperability and … · 2020-03-17 · Designing an open source IoT Hub: bridging interoperability and security gaps with MQTT and your

TacklingtheIoTsecuritythreatTheauthorin[26]highlightsthelackofastandardforIoTtohavesecurityintegratedasacompulsorypartofthesystemasoneofthereasonswhymanufacturersdonotinvestinthisfeaturewhenproducingsmartdevices.Suggestedalternativestothecurrentsystemincludetheuseofencryption,withoneexamplebeingtoreplacethewidelyusedTelnetwithSSH,which,despitealsohavingsecurityvulnerabilities4[27],providesasecurecommunicationsessionchannelthatincludessupportingRSAauthenticationandencryptionofauthentication.ProtocolssuchasTelnetandFTPontheotherhand,openlytransmitpasswordswithoutencryptingtheseoverthenetwork,insteaddisplayingthemascleartexttoanyonelisteningonthenetwork.

TotackletheMiraithreatspecifically,Caoetalin[32]describeamethodtouseMiraiasavirusexpeller,bychangingthecodestructureofthevirus,eliminatingattackfunctionsandimplementingaheart-beatmodulewhichalertsaserverastowhetherthevirusexpellerislive.Thisversionofthemalware,proposedasa“whiteMirai”,dependsonatimeframeagreedwiththedeviceusertodisconnectthedeviceandhavethevirusexpellerbeinstalledassoonasthedeviceisbackon.However,thisstilldependsontheuseractivelyassistinginremovingthethreatfromtheinfecteddevice,ratherthanhavingamore“passive”approachforusersthatareunawaretheirrespectiveIoTmayhavebeeninfected.

ThealternativetotheapproachproposedbyCaoetal.wastopushthemodifiedmalwarewithoutuserconsent,whichresultsinaviolationofuserprivacy.ThispremiseputsforwardanentirelydifferentdebateonthedifficultyofpatchingdevicesthathavebeenhijackedbyMirai-typeviruses–ifusersareunawareoftheirdevicesbeinginfectedinthefirstplace,andwilllikelyremainunawareifafixisdeployedtothedevice,theethicalconcernsofanexternalpartyaccessingaprivatedevicebecomeapointofdebate,eveniftheoutcomeofthesecuritypatchisaimedatprotectingtheusersprivacywhileinfringingonuserprivacy.Withthisconsiderationinmind,itsbesttodesignIoTsystemsthatcomplytobestsecuritypracticesandrequireauthenticationmechanismswiththeoriginalimplementation,ratherthanprioritisingeaseofconnectivitywhilesacrificingsecurity,whichisthetrademadebyUPnPdevicestodate.

Toapplybettersecuritypractices,weneedtoconsiderhowMQTTcommunicatesoverthenetwork.MQTTwasdesignedwithoutintegratedauthenticationmechanismssincetheimplementationofthesewouldnotallowfortheprotocoltobeaslightweightasintended.Authenticationmechanismsaresupportedbuttheseneedtobeimplementedontopoftheprotocol[28].Asforourbroker,inMosquittothedefaultconfigurationdoesnotuseanyformofauthentication,keepingtheport1883openandlisteningforconnections[27],buttherearemultipleoptionsavailabletoaddanextralayerofsecurity:ItispossibletoencrypttheconnectionbetweentheMQTTbroker,inthiscaseMosquitto,andtheMQTTclient.Forthis,oneoptionistosetupatrustedservercertificateontheBrokeranduseaservicesuchasCertbot(https://certbot.eff.org/about/)orOpenSSLtogeneratethenecessarysecuritycertificates.

4G.SchultzhighlightsthatparticularlyOpenSSHhasavastamountofvulnerabilities.

Page 14: Designing an open source IoT Hub: bridging interoperability and … · 2020-03-17 · Designing an open source IoT Hub: bridging interoperability and security gaps with MQTT and your

Aftersecuringtheconnectionwithatrustedcertificateweneedtosetupapasswordbyeditingtheconfigurationfileinside/etc/mosquitto/conf.d/default.conftodisableconnectionsthathavenotbeenauthenticated(anonymousconnections)andrequireapasswordfile:

ThefinalsteptosecuringthebrokeristoconfiguretheSSLcertificatesandchangethedefaultportthatMQTTislistening.AnexampleofaconfigurationforthisissuggestedinFigure13,retrievedfrom[37].

Figure26.Configurationofmosquittobrokertopointtocertificatesandencryptconnection

Port1883localhostisreplacedwithalisteneronport8883.Thedisplayedconfigalsodisplayswherethecertificatestoencryptconnectionswillbefound.

ItisthusstraightforwardtoencryptMQTTconnectionsandmodifythenativepasswordsusedbythebroker.AsfortheraspberrypialteringthedefaultpasswordassoonastheconnectionisestablishedforthefirsttimewasthebestapproachtosafeguardfromMiraiinfectionsonconnection.

Finally,consideringrelatedworkonthisareaandeffortstowardsamoresecureIoT,asecurityframeworkaimedspecificallyatMQTTisproposedin[29]wheretheauthorsimplementamechanismthatusesasymmetrickeyencryptionalgorithmstosignrootcertificateswithapublickeyanddecryptthesewithaprivatekey,toallowforclientstosubscribetoagiventopiconlyifthesepossessthecorrectprivatekeynecessarytodecryptthemessagessenttothattopic.TheauthorstestbothRSAandEllipticCurvealgorithmswithfeasibleresults.AmazonIoTalsocontainsimplementationsthatcommunicateoverMQTTanditprovidestheoptiontoencrypttrafficusingTransportLayerSecurity.

ConclusionThisworkwasmotivatedbytherecentpropagationofIoTdedicatedviruses,andfortheneedoffurthertransparencyinthemappingandmanagementofintelligentdevices.WehavethusdiscussedservicesthatcanactasastartingpointforafullIoThub,byallowingfortheexposureofdifferenttypesofdevices,whethertheseareconnectedviaIPorBluetooth,byallowingtheusertodiscovertheseviaasimple,user-friendlyinterface.

Page 15: Designing an open source IoT Hub: bridging interoperability and … · 2020-03-17 · Designing an open source IoT Hub: bridging interoperability and security gaps with MQTT and your

IdeallyfutureworkwouldinvolveadaptingtheMQTTservicetopushtopicstodevicesthatcansupportaversionoftheMQTTclient.However,thisworkalsorealisedthatduetothevariationsinthesoftwareofeachthing,itisnecessarytobuildspecificcommunicationmodulesthatcaninitiateconnectionstoeach“thing”.MQTThowever,canprovideanabstractionlayerontopofwhichfunctionalitycanbefurtherdevelopedtoindeedestablishconnectionstoeachIoTonagivenLAN.

Duringtheprojectdevelopment,wefurtherexploreddifferentapproachestointerconnectivityandsecurity,aswellastheintrinsicdifficultiesinsecuringthehardwareofconstraineddevices.ConflictsintheestablishmentofasinglestandardthatcangaintheconsensusofIoTdevicemanufacturers,alongwithdesignflawssuchasnotallowinguserstomodifydefaultpasswordsonolderdevicesordesignsthatoverlookinterconnectivitysecuritybykeepingportsopentoincomingunauthenticatedconnections,thesehaveallcontributedtowardsturninginternet-enableddevicesintomalware-enableddevices.

OnthefutureofIoTsecurity,thesubjectisevermorepertinentwiththegrowthofIoTdevicesalesandthesuccessofcommercialgiantssuchasAmazoninacceleratingthedeploymentofnewIoTsolutionstothemarket.ItispossiblethatthecommercialsuccessofAmazonwillfacilitateitsroleinadvocatingforbestsecuritypracticeswhenestablishingIoTconnections,andsoitsstandardsmayresonatemorequicklywiththeindustrythanthestandardsadvocatedbytheIEEEortheWi-FiAlliance–albeitsuchstandardmaynevertrulymaterialise.Asso,ratherthanwaitingforastandardorasingleauthoritytoleadsecurityefforts,thebestapproachtoenablesecurityiscentralisingthemanagementofourIoTdevicesthroughanIoTHuB:usinganeasyinterfaceandanapplicationthatcanprovideforanabstractionlayertoalldevicesandencryptconnectionstoIoT.Thiswouldbethesolutiontoavoidinterferenceandmalwareattacksfromtheoutsideworld,thusstrivingforabetter,moresecurefuturefortheInternetofThings.

References1. deMeloSilva,C.C.,Ferreira,H.G.C.,deSousaJúnior,R.T.etal.WirelessPersCommun

[internet]2016.91:1711.doi:10.1007/s11277-015-3168-6.Availablefromhttp://link.springer.com.ezproxy.library.qmul.ac.uk/article/10.1007%2Fs11277-015-3168-6[Accessed4thMay2017]

2. S.Tomovic,K.Yoshigoe,I.Maljevic,etal.Software-DefinedFogNetworkArchitectureforIoT.WirelessPersCommun[internet][2017]92:181.doi:10.1007/s11277-016-3845-0Availablefromhttps://link-springer-com.ezproxy.library.qmul.ac.uk/article/10.1007%2Fs11277-016-3845-0[Accessed14thJuly2017]

3. R.Meulen.GartnerSays8.4BillionConnected"Things"WillBeinUsein2017,Up31PercentFrom2016[internet][2017].Availablefromhttp://www.gartner.com/newsroom/id/3598917[Accessed4thMay2017]

4. Cisco[2011][internet][cited2017April8th]Availablefromhttp://www.cisco.com/c/dam/en_us/about/ac79/docs/innov/IoT_IBSG_0411FINAL.pdf[Accessed4thMay2017]

5. M.Reynolds.TalkTalkandPostOfficecustomershitbyMiraiwormattack29Nov2016.Availablefromhttp://www.wired.co.uk/article/deutsche-telekom-cyber-attack-mirai

Page 16: Designing an open source IoT Hub: bridging interoperability and … · 2020-03-17 · Designing an open source IoT Hub: bridging interoperability and security gaps with MQTT and your

6. K.BatoolandM.A.Niazi,Modelingtheinternetofthings:ahybridmodelingapproachusingcomplexnetworksandagent-basedmodels,ComplexAdaptiveSystemsModeling[2017]5:4DOI:10.1186/s40294-017-0043-1Published:24March2017[Internet]Availablefromhttps://casmodeling.springeropen.com/articles/10.1186/s40294-017-0043-1

7. L.F.Rahman,T.Ozcelebi,J.J.Lukkien.ChoosingYourIoTProgrammingFramework:ArchitecturalAspects.FutureInternetofThingsandCloud(FiCloud),2016IEEE4thInternationalConference[2016]DOI:10.1109/FiCloud.2016.49[internet]Availablefromhttp://ieeexplore.ieee.org.ezproxy.library.qmul.ac.uk/document/7575877/

8. Wi-FiAlliance.DiscoverWi-Fi.Wi-FiDirect.[2017]Availablefromhttp://www.wi-fi.org/discover-wi-fi/wi-fi-direct

9. C.Bormann,A.P.CastellaniandZ.Shelby,"CoAP:AnApplicationProtocolforBillionsofTinyInternetNodes,"inIEEEInternetComputing,vol.16,no.2,pp.62-67,March-April2012.doi:10.1109/MIC.2012.29.Availablefrom:http://ieeexplore.ieee.org.ezproxy.library.qmul.ac.uk/stamp/stamp.jsp?tp=&arnumber=6159216&isnumber=6159208

10. Golandetal.SimpleServiceDiscoveryProtocol/1.0OperatingwithoutanArbiter<draft-cai-ssdp-v1-03.txt>.InternetEngineeringTaskForce[internet]Availablefromhttps://tools.ietf.org/html/draft-cai-ssdp-v1-03

11. AWSIoTDeveloperGuide[online]Availablefromhttp://docs.aws.amazon.com/iot/latest/developerguide/protocols.html

12. R.A.Light.Mosquitto:serverandclientimplementationoftheMQTTprotocol.TheJournalofOpenSourceSoftware,vol.2,no.13,May2017,DOI:10.21105/joss.00265Availablefromhttp://dx.doi.org/10.21105/joss.00265

13. H.C.Hwang,J.Park,&J.G.Shon.DesignandImplementationofaReliableMessageTransmissionSystemBasedonMQTTProtocolinIoT.WirelessPersCommun(2016)91:1765.doi:10.1007/s11277-016-3398-2[Internet]Availablefromhttps://link-springer-com.ezproxy.library.qmul.ac.uk/article/10.1007%2Fs11277-016-3398-2

14. CoAPoverview.Availablefromhttp://coap.technology/15. MQTTOASISspecification,Availablefromhttp://docs.oasis-

open.org/mqtt/mqtt/v3.1.1/os/mqtt-v3.1.1-os.html[Accessed4thMay2017]16. M.Centenaro,L.Vangelista,A.Zanella,andM.Zorzi,Long-RangeCommunicationsin

UnlicensedBands:theRisingStarsintheIoTandSmartCityScenarios.IEEEWirelessCommunications,Vol.23,Oct.[2016][Internet]Availablefromhttps://arxiv.org/pdf/1510.00620.pdf[Accessed4thMay2017]

17. Ş.Arseni,M.Miţoi,A.Vulpe.Pass-IoT:Aplatformforstudyingsecurity,privacyandtrustinIoT[2016]InternationalConferenceonCommunications(COMM),DOI:10.1109/ICComm.2016.7528258Availablefromhttp://ieeexplore.ieee.org.ezproxy.library.qmul.ac.uk/document/7528258/[Accessed4thMay2017]

18. M.B.Chung,H.Choo.Nearwireless-controltechnologybetweensmartdevicesusinginaudiblehigh-frequencies.H.MultimedToolsAppl[2015]74:5955.doi:10.1007/s11042-014-1901-xAvailablefromhttps://link-springer-com.ezproxy.library.qmul.ac.uk/article/10.1007%2Fs11042-014-1901-x[Accessed4thMay2017]

19. S.M.A.Oteafy,H.S.HassaneinResilientIoTArchitecturesOverDynamicSensorNetworksWithAdaptiveComponentsDOI:10.1109/JIOT.2016.2621998Publisher:IEEE

Page 17: Designing an open source IoT Hub: bridging interoperability and … · 2020-03-17 · Designing an open source IoT Hub: bridging interoperability and security gaps with MQTT and your

[201]Availablefromhttp://ieeexplore.ieee.org.ezproxy.library.qmul.ac.uk/document/7707340/?reload=true

20. R.Lea,M.Blackstock.SmartCitites:anIoT-centricApproachProceedingIWWISS'14Proceedingsofthe2014InternationalWorkshoponWebIntelligenceandSmartSensing[2014]Availablefromhttp://dl.acm.org.ezproxy.library.qmul.ac.uk/citation.cfm?id=2637096[Accessed4thMay2017]

21. D.Happ,N.Karowski,T.Menzel,V.Handziski,A.Wolisz.MeetingIoTplatformrequirementswithopenpub/subsolutions.Ann.Telecommun.[2017]72:41.doi:10.1007/s12243-016-0537-4.Availablefromhttps://link-springer-com.ezproxy.library.qmul.ac.uk/article/10.1007%2Fs12243-016-0537-4[Accessed4thMay2017]

22. Homeassistant.Versiontested:0.48.0.Released:July02,2017.Availablefromhttps://home-assistant.io/[Accessed7thJuly2017]

23. PortDiscoveryAndroidApplication,opensourcerepository.Availablefromhttps://github.com/aaronjwood/PortAuthority/[Accessed16thJune2017]

24. AndroiddeveloperNSDManagerreferencedocumentation.Availablefromhttps://developer.android.com/reference/android/net/nsd/NsdManager.html#discoverServices(java.lang.String,int,android.net.nsd.NsdManager.DiscoveryListener)[Accessed16thJune2017]

25. C.KarasiewiczWhyFacebookisusingMQTTonmobileIBMblog.Availablefromhttps://www.ibm.com/developerworks/community/blogs/mobileblog/entry/why_facebook_is_using_mqtt_on_mobile?lang=en[Accessed8thJuly2017]

26. HiveMQ.MQTTEssentialsAvailablefromhttp://www.hivemq.com/blog/mqtt-essentials-part-3-client-broker-connection-establishment;HiveMQMQTToverWebsocketsAvailablefromhttp://www.hivemq.com/blog/mqtt-over-websockets-with-hivemq[Accessed12thJuly2017]

27. M.Murphy.TheInternetofThingsandthethreatitposestoDNS.NetworkSecurityVolume2017,Issue7,July2017,Pages17–19[online]19July2017.Availablefromhttps://doi.org/10.1016/S1353-4858(17)30072-7[Accessed30thJuly2017]

28. G.Schultz.Usingssh:Dosecurityrisksoutweighthebenefits?NetworkSecurityVolumeIssue10,October[2004],Pages7-10.https://doi.org/10.1016/S1353-4858(04)00143-6Availablefromhttp://www.sciencedirect.com.ezproxy.library.qmul.ac.uk/science/article/pii/S1353485804001436?_rdoc=1&_fmt=high&_origin=gateway&_docanchor=&md5=b8429449ccfc9c30159a5f9aeaa92ffb[Accessed27thJuly2017]

29. C.Lesjaketal.Securingsmartmaintenanceservices:Hardware-securityandTLSforMQTTConferenceProceedings:IndustrialInformatics(INDIN),2015IEEE13thInternationalConferenceonSecuringsmartmaintenanceservices:Hardware-securityandTLSforMQTT[Accessed28thJuly2017]

30. A.Mektoubietal.NewapproachforsecuringcommunicationoverMQTTprotocolAcomparisonbetweenRSAandEllipticCurve.Publishedin:SystemsofCollaboration(SysCo),InternationalConferenceon[2016].DOI:10.1109/SYSCO.2016.7831326.Publisher:IEEEAvailablefromhttp://ieeexplore.ieee.org.ezproxy.library.qmul.ac.uk/document/7831326/[Accessed7thJuly2017]

Page 18: Designing an open source IoT Hub: bridging interoperability and … · 2020-03-17 · Designing an open source IoT Hub: bridging interoperability and security gaps with MQTT and your

31. R.Graham.RobertGrahamfromErrataSecurityconductsCameraExperienceanddetailstheinfectionprocessontwitter.Availablefromhttps://twitter.com/ErrataRob/status/799556482719162368[Accessed28thJuly2017]

32. (usedtobe47)Caoet.Al.Hey,you,keepawayfrommydevice:remotelyimplantingavirusexpellertodefeatMiraionIoTdevices.ReportNumberPSU-S2-TR-2017-04001, arXiv:1706.05779[cs.CR]June2017[online][2017]Availablefromhttps://arxiv.org/pdf/1706.05779.pdf[Accessed26thJuly2017]

33. 48Y.M.PaPa,S.Suzuki,K.Yoshioka,T.Matsumoto,T.Kasama,C.Rossow.IoTPOT:AnalysingtheRiseofIoTCompromises.9thUSENIXWorkshoponOffensiveTechnologies.USENIXAssociation,2015[online]Availablefromhttps://www.usenix.org/system/files/conference/woot15/woot15-paper-pa.pdf[Accessed14thMay2017]

34. McAfeeLabsThreatsReportApril2017[2017][online]Availablefromhttps://www.mcafee.com/us/resources/reports/rp-quarterly-threats-mar-2017.pdf[Accessed12thMay2017]

35. D.Goodin.Newlydiscoveredrouterflawbeinghammeredbyin-the-wildattacksResearchersdetectbarrageofexploitstargetingpotentiallymillionsofdevices.PublishedinArsTechnica28November2016[online]Availablefromhttps://arstechnica.com/information-technology/2016/11/notorious-iot-botnets-weaponize-new-flaw-found-in-millions-of-home-routers/[Accessed23rdJune2017]

36. EuropeanUnionAgencyforNetworkandInformationSecurity.“Mirai”malware,attacksHomeRouters.PublishedDecember14,2016.Availablefromhttps://www.enisa.europa.eu/publications/info-notes/mirai-malware-attacks-home-routers[Accessed25thJune2017]

37. B.Boucheron.HowtoInstallandSecuretheMosquittoMQTTMessagingBrokeronUbuntu16.04.December9,2016[online].Availablefromhttps://www.digitalocean.com/community/tutorials/how-to-install-and-secure-the-mosquitto-mqtt-messaging-broker-on-ubuntu-16-04[Accessed25thJune2017]

38. EclipsePahoLibraries.Availablefrom:https://eclipse.org/paho/clients/java/[Accessed25thJune2017]


Rotary Community Hub - Microsoft › ... › Rotary-Community-Hub… · Social Services Hub Youth Hub Health & Fitness Hub Seniors Hub Health & Primary Care Hub Child & Family Hub

Interoperability with ArcGIS...Developer. Achieving Interoperability – Different Approaches ... ETL. Open. Interoperability. Data Transformations using the . Data Interoperability

Bridging the Governance Gap: Interoperability for blockchain ......2020/12/18  · experiments on interoperability have demonstrated DLT‑to‑legacy integration to be useful in many

Achieving Stage 3 Promoting Interoperability with ... · Health Data (import Questionnaire from portal) • Click Progress Notes > healow Hub icon (red square bracket with downward-facing

BIG IoT – Bridging the Interoperability Gap of the ...big-iot.eu/wp-content/uploads/2016/04/Deliverable-6.2.a-Outreach...BIG IoT – Bridging the Interoperability Gap of the Internet

Foresight4Food International Workshop · 2. Synthesis and analysis of existing foresight work 3. Foresight resource portal, dashboard and communication materials 4. Bridging hub for

Discovery Hub Product Introduction - Advantech Wireless · 2018. 2. 24. · Discovery 100 •Full DVB-RCS compliance and interoperability • Lowest cost solution for starter system

BIG IoT – Bridging the Interoperability Gap of the Internet of …big-iot.eu/wp-content/uploads/2016/04/Deliverable-3.2.a... · 2017-01-27 · BIG IoT – Bridging the Interoperability

The Holy Grail: interoperability of interoperability …ectp.ectp.org/documentation/Conference2009/D2-14-TheHolyGrail...The Holy Grail: interoperability of interoperability standards

ITU-T Standardization Activities and Conformity and Interoperability Vijay Mauree, Programme Co-ordinator, TSB, ITU Regional Workshop on Bridging the Standardization

Bridging the Interoperability Gap: Overcoming Combined ... · Bridging the Interoperability Gap: Overcoming Combined Application and Middleware Heterogeneity Y erom-David Bromberg1,

Bridging People Bridging Paradigms

Apresenta o do PowerPoint - AFIA · • Available funding: €1.1 billion • Objectives: • Removing bottlenecks, enhancing rail interoperability, bridging missing links (cross-border

BRIDGING THE GAP BETWEEN CLINICAL RESEARCH AND CARE Philips Research Europe Brussels, February 2012 EHR4CR WP4-Semantic Interoperability: Convergence Meeting

BRIDGING THE SKILLS GAP · BRIDGING THE SKILLS GAP CREATING AN ENTERPRISE HUB LEADING BY EXAMPLE: SUSTAINABILITY THOUGHT LEADERSHIP SERIES ... The Enterprise Hub will work towards

Enterprise Interoperability: Interoperability for Agility ... · Enterprise Interoperability Interoperability for Agility, ... On Optimizing Collaborative ... Enterprise Interoperability:

NETCONF Interoperability Testing - Jacobs …cnds.eecs.jacobs-university.de/...netconf-interoperability-testing.pdf · NETCONF Interoperability Testing Describe a NETCONF interoperability

RCS Interconnect Hub: Driving global interconnectivity · 2013. 12. 4. · The RCS Interconnect Hub will play an intrinsic role in bridging the Telco world with the internet based

Bridging the Interoperability Gap of the Internet of Things · 2018-10-25 · BIG IoT Parking App Services: Parking Spot Availability Service Platforms: APM / TIC Platform, WorldSensing

Moodle as the central hub of learning with tools plugged in –learning tool interoperability

A Bridging Framework for Universal Interoperability in ...rama/pubs/jnakazawa-bridging.pdf · tive platform. For example, a Bluetooth BIP device may be represented as a MediaServer

An approach for OSGi and DPWS interoperability: Bridging enterprise application with shop-floor

Standards & interoperability M. Giacomini DIBRIS ... · Interoperability Semantic Interoperability Technical Interoperability SO A Ability to transport data from system A ... Interoperability

Interoperability and Preservation with the Hub and Spoke (HandS) Matt Cordial, Tom Habing, Bill Ingram, Robert Manaster University of Illinois Urbana-Champaign

Bridging the Gap...Bridging the Gap European C4ISR Capabilities and Transatlantic Interoperability Gordon Adams, Guy Ben-Ari, John Logsdon, Ray Williamson The George Washington University

Solutions for bridging IT/OT convergence in intelligent ... · Smart Solutions Promotes multi-vendor interoperability, vendor competition, and customer choice Robust certification

The EDGeS project receives Community research funding 1 Bridging EGEE to BOINC and XtremWeb GIN : From interoperation to interoperability

CPO: Openness in IoT/ Industry 4 - European Commission · Openness: Bridging Technology and Business by • CPO is a Standard Criteria Catalogue for – Interoperability, Infrastructure,

INTEROPERABILITY - Osplabs · Introduction Understanding Interoperability The Aims and Means of Interoperability Types of Interoperability Mapping of Interoperability Standards How

AES67-2013 - audioXpress... Audio Video Bridging (AVB) ... AES67 promises to create interoperability between audio networks, ... home audio models including 4 true dipoles

Bridging the Gap 5 C4ISR Gap.pdfBridging the Gap European C4ISR Capabilities and Transatlantic Interoperability Gordon Adams, Guy Ben-Ari, John Logsdon, Ray Williamson The George Washington

ATI IOP HUB - Home - ATI for Toll Interoperability ATI IOP HUB A comprehensive review of history, benefits, requirements, cost and services for North American

IoT Interoperability: a Hub-based Approach

INITIAL RESPONSE HUB - DTICINITIAL RESPONSE HUB: BRIDGING THE GAP BETWEEN STATE AND FEDERAL RESOURCES by Barry D. Gorter, Lt Col, USAF A Research Report Submitted to the Faculty In

A Bridging Framework for Universal Interoperability in ... · present uMiddle, a bridging framework for universal inter-operability that sits at a compelling point in that design