IoT Security Issues and MQTT

Survey after survey puts IoT security as a primary concern for enterprises. As IoT proliferation grows, vulnerabilities, and attacks are also growing.

As the defacto protocol for IoT, the MQTT standard has been consistently evolving between version 3.1.1 and version 5, it has a large repertoire of security features which, if implemented well, can thwart many kinds of attacks including denial of service and man in the middle attacks.

Technical architects and IoT developers know that a solid security architecture for IoT will require encryption, authentication and authorization to run at scale. It is not an easy feat.

In this webinar, we discussed the key security features of the MQTT protocol and how those are further enhanced with the HiveMQ Enterprise Security Extension.

Contents of the Webinar:

• 0:00 - Introduction
• 2:13 - Why is IoT Security top-of-mind for developers & architects?
• 8:33 - What's special about MQTT?
• 12:53 - How MQTT helps secure IoT?
• 13:00 - Authentication & Authorization
• 14:46 - Advanced authentication options
• 15:27 - Using certificates for TLS
• 17:19 - What to consider when using X.509 based authentication with MQTT
• 21:36 - OCSP Stapling: Authorization at Scale.
• 23:50 - Client Authentication.
• 26:26 - Authorization
• 27:44 - Permissions
• 30:29 - Encryption
• 32:58 - DoS and Overload Protection.
• 34:25 - Criteria for selecting the right MQTT Broker
• 35:38 - HiveMQ Security Architecture
• 36:22 - HiveMQ Enterprise Security Extension
• 38:26 - Q&A
• 40:54 - Does it make sense to combine multiple approaches: having certificate-based security on the TLS layer and on the top of that OAuth token security?
• 44:32 - How is MQTT 5 different in terms of security from MQTT 3?
• 56:09 - As an OEM manufacturer, how do I secure or anonymize my clients' data beyond segregation with topics?
• 58:05 - Can you share security tips on IT & OT team enterprise and domain architectures.

About the Speaker

Gaurav has led Product Marketing at HiveMQ since 2021. Based in Ottawa, Canada, Gaurav is an engineer by education and a marketer by profession. He has worked in telecoms, networking, unified communications, software-defined-storage and software broker technologies. As a former Solutions Architect and a Product Manager, Gaurav’s work in Marketing carries a blend of technological depth and the big picture.

 

Gaurav Suman on LinkedIn