The demand for privacy in the current digital era is continuously growing. This is particularly true in the context of IoT, in which huge amounts of data are handled. Communication anonymity is a fundamental requirement when high privacy levels should be guaranteed. On the other hand, very little attention has been devoted to this problem in the past scientific literature, when referring to MQTT, which is the de-facto standard for IoT communication. In this paper, we try to cover this gap. Specifically, we propose a new protocol, called MQTT-A, which extends the MQTT bridging mechanism to support the anonymity of both publishers and subscribers. This task is accomplished through the P2P collaboration of intermediate bridge brokers, which forward the requests of clients so that the final broker cannot understand the actual source/destination. Moreover, an anonymity-preserving topic discovery mechanism is provided, which allows clients to discover available topics and associated brokers, preventing client identification. Importantly, all the MQTT-A messages are exchanged by leveraging standard MQTT primitives and the bridging mechanism natively offered by MQTT. This allows us not to require changes in the standard MQTT infrastructure. To validate the performance of our solution, we performed a deep experimental campaign by deploying the bridge brokers on cloud platforms in various countries of the world. The experimental validation shows that, the price of latency we have to pay because of the trade-off with anonymity is quite reasonable. Moreover, no significant impact on goodput occurs in the case of good network conditions.

MQTT-A: A broker-bridging P2P architecture to achieve anonymity in MQTT

Francesco Buccafurri
;
Vincenzo De Angelis;Sara Lazzaro
2023-01-01

Abstract

The demand for privacy in the current digital era is continuously growing. This is particularly true in the context of IoT, in which huge amounts of data are handled. Communication anonymity is a fundamental requirement when high privacy levels should be guaranteed. On the other hand, very little attention has been devoted to this problem in the past scientific literature, when referring to MQTT, which is the de-facto standard for IoT communication. In this paper, we try to cover this gap. Specifically, we propose a new protocol, called MQTT-A, which extends the MQTT bridging mechanism to support the anonymity of both publishers and subscribers. This task is accomplished through the P2P collaboration of intermediate bridge brokers, which forward the requests of clients so that the final broker cannot understand the actual source/destination. Moreover, an anonymity-preserving topic discovery mechanism is provided, which allows clients to discover available topics and associated brokers, preventing client identification. Importantly, all the MQTT-A messages are exchanged by leveraging standard MQTT primitives and the bridging mechanism natively offered by MQTT. This allows us not to require changes in the standard MQTT infrastructure. To validate the performance of our solution, we performed a deep experimental campaign by deploying the bridge brokers on cloud platforms in various countries of the world. The experimental validation shows that, the price of latency we have to pay because of the trade-off with anonymity is quite reasonable. Moreover, no significant impact on goodput occurs in the case of good network conditions.
2023
Anonymity , Privacy , IoT , MQTT bridging , P2P
File in questo prodotto:
Non ci sono file associati a questo prodotto.

I documenti in IRIS sono protetti da copyright e tutti i diritti sono riservati, salvo diversa indicazione.

Utilizza questo identificativo per citare o creare un link a questo documento: https://hdl.handle.net/20.500.12318/135529
Citazioni
  • ???jsp.display-item.citation.pmc??? ND
  • Scopus 3
  • ???jsp.display-item.citation.isi??? 2
social impact