Kannisto.org

Petri Kannisto's homepage – about software systems and research

External Token-based Authorization of Data-driven Integrations and Service Compositions in MQTT 5

D. Hästbacka, M. Tran, P. Kannisto, M. Filppula, and P. Varga, "External Token-based Authorization of Data-driven Integrations and Service Compositions in MQTT 5", in 49th Annual Conference of the IEEE Industrial Electronics Society (IECON), 2023, pp. 1-6. doi:10.1109/IECON51785.2023.10311779

Copyright© IEEE
Conference49th Annual Conference of the IEEE Industrial Electronics Society (IECON ), Singapore - https://iecon2023.org
Cite
The citations cannot be guaranteed to be in the correct format!
Full text

Related items at Kannisto.org

Research project(s): DisMa INGA

Keywords

Authorization; Authentication; Third-party services; Data integration; Energy data services; Arrowhead framework; MQTT; JWT

Abstract

Modern connected cyber-physical systems and their integrations to traditional information systems are increasingly dependant on data and data sharing management in their integrations. Many such systems are constantly changing and evolving their composition, often including integrations to third party (data-driven) services. This paper presents a model where a service framework, used to manage microservice configurations, is also utilized to manage access to MQTT Version 5 message topics. A proof of concept is provided demonstrating how Eclipse Arrowhead as the service management layer is capable of taking care of authentication and authorization of publish and subscribe actions to MQTT topics as individually managed data services. The study shows that JSON Web Tokens (JWT) from this service framework can be used in the MQTT Version 5 headers without violating the MQTT specification as demonstrated with HiveMQ as the message broker in the proof of concept implementation.