|
The Message Queuing Telemetry Transport (MQTT) protocol is commonly used in the Internet of Things (IoT) due to its simple and efficient communication method. However, this also brings some security risks, such as arbitrary device publishing and subscription that can cause the IoT system to malfunction. Traditional MQTT access control methods, such as using access control lists (ACL), have some problems, such as security issues in storing permissions and matching efficiency. In this paper, we propose a blockchain-based access control method for IoT MQTT communication, which uses decentralized blockchain to store access control information, solves the problem of single-point failure, and ensures information security. To address the MQTT permission matching issue, we propose a Patricia Trie based adaptive priority topic search tree (PTST). This data structure optimizes the storage consumption of permission information and, for MQTT wildcard matching, uses an adaptive priority permission matching approach, which always searches from high to low priority, greatly improving the matching efficiency. Then we propose an access control model and process based on eXtensible Access Control Markup Language (XACML) standard. In the end, we perform performance testing and comparison with other data structures, and the results show good performance of PTST, demonstrating the feasibility of our scheme.
|
