一個以MQTT與VPN為基礎的兩階段 IoT終端設備認證架構

Abstract

物聯網(Internet of Things/Internet of Everything, IoT/IoE)，其本意是指萬物基於某種方式從而達致萬物互聯之效，物聯網與智慧型裝置快速發展的同時，安全的訊息傳遞時常為大家所忽略。由於目前大多數物聯網設備連線皆採用明碼方式進行連線與訊息交換，且無認證機制確認目前連線的裝置是否有被授權使用。為了讓物聯網終端設備具有身分識別的認證機制與資料傳輸上的安全性。在認證機制上以物聯網通訊標準協定MQTT(Message Queue Telemetry Transport,MQTT)為基礎進行設備授權驗證，並讓整個連線作業，在一個安全的虛擬私有網路(Virtual Private Network,VPN)下運行，以確認其連線與是可被信任。以實驗設計來驗證此架構的安全性與連線效能的穩定度。

Internet of Things / Internet of Everything (IoT / IoE), its intention is that all things based on a way to achieve the effect of all things interconnection, Internet and smart devices the rapid development of the same time, we often ignore the security of messaging. As most of the current Internet connection equipment are used to express the way to connect with the message exchange, and no certification mechanism to confirm whether the current connection device is authorized to use. So that the Internet of things terminal equipment with identity authentication mechanism and data transmission on the security. The device is authenticated on the basis of the MQTT (Message Queue Telemetry Transport, MQTT), and the entire connection is run on a secure virtual private network (VPN) To confirm that its connection with is able to be trusted. Experiments show that the security of this architecture and the stability of connection efficiency.