Securing MQTT for IoT communication


IoT edge devices are more useful and powerful when they connect with other devices, an IoT gateway, or even the cloud. MQTT is a popular lightweight publish/subscribe messaging protocol for the IoT ecosystem that sits on top of the TCP protocol stack. There are two parts to securing MQTT. The first is to use digital certificates to secure the data in transit. The second is to use OAuth2 to authenticate and authorize both the publisher and the subscriber that are connected to the MQTT broker. This session will begin by explaining how MQTT works, including its terminology, its architecture, and how it fits into IoT as a whole. Next comes an introduction to certificate-based data protection, leading into the use of TLS to encrypt the data between the publisher or subscriber and the MQTT broker (Mosquitto will be used as an example). The session will include a live demo on how to configure and test TLS at the IoT gateway and create a digital certificate on an MQTT client. The session will then explain the concepts of client, resource server, authorization server, and resource owner in OAuth2, as well as the JSON Web Token (JWT) format, which is popularly used in the protocol. It will also explain how OAuth2 can help with authentication and authorization of the devices that are connected to the MQTT broker. The session will end with a live demo on integrating MQTT and OAuth2.

Room 104
Friday, March 9, 2018 - 13:30 to 14:30