Biblio
With the growing use of the Robot Operating System (ROS), it can be argued that it has become a de-facto framework for developing robotic solutions. ROS is used to build robotic applications for industrial automation, home automation, medical and even automatic robotic surveillance. However, whenever ROS is utilized, security is one of the main concerns that needs to be addressed in order to ensure a secure network communication of robots. Cyber-attacks may hinder evolution and adaptation of most ROS-enabled robotic systems for real-world use over the Internet. Thus, it is important to address and prevent security threats associated with the use of ROS-enabled applications. In this paper, we propose a novel approach for securing ROS-enabled robotic system by integrating ROS with the Message Queuing Telemetry Transport (MQTT) protocol. We manage to secure robots' network communications by providing authentication and data encryption, therefore preventing man-in-the-middle and hijacking attacks. We also perform real-world experiments to assess how the performance of a ROS-enabled robotic surveillance system is affected by the proposed approach.
Message Queue Telemetry Transport (MQTT) is widely accepted as a data exchange protocol in Internet of Things (IoT) environment. For security, MQTT supports Transport Layer Security (MQTT-TLS). However, MQTT-TLS provides thing-to-broker channel encryption only because data can still be exposed after MQTT broker. In addition, ACL becomes impractical due to the increasing number of rules for authorizing massive IoT devices. For solving these problems, we propose MQTT Thing-to-Thing Security (MQTT-TTS) which provides thing-to-thing security which prevents data leak. MQTT-TTS also provides the extensibility to include demanded security mechanisms for various security requirements. Moreover, the transparency of MQTT-TTS lets IoT application developers implementing secure data exchange with less programming efforts. Our MQTT-TTS implementation is available on https://github.com/beebit-sec/beebit-mqttc-sdk for evaluation.
Internet of Things (IoT) stack models differ in their architecture, applications and needs. Hence, there are different approaches to apply IoT; for instance, it can be based on traditional data center or based on cloud computing. In fact, Cloud-based IoT is gaining more popularity due to its high scalability and cost effectiveness; hence, it is becoming the norm. However, Cloud is usually located far from the IoT devices and some recent research suggests using Fog-Based IoT by using a nearby light-weight middleware to bridge the gap and to provide the essential support and communication between devices, sensors, receptors and the servers. Therefore, Fog reduces centrality and provides local processing for faster analysis, especially for the time-sensitive applications. Thus, processing is done faster, giving the system flexibility for faster response time. Fog-Based Internet of Things security architecture should be suitable to the environment and provide the necessary measures to improve all security aspects with respect to the available resources and within performance constraints. In this work, we discuss some of these challenges, analyze performance of Fog based IoT and propose a security scheme based on MQTT protocol. Moreover, we present a discussion on security-performance tradeoffs.