| Graduate student: | 杜晉瑋 Du, Jin-Wei |
|---|---|
| Thesis title: | 實作具MQTT協定的安全物聯網閘道器 Implement a Secure IoT Gateway with MQTT Protocol |
| Advisor: | 侯廷偉 Hou, Ting-Wei |
| Degree: | Master |
| Department: | College of Engineering - Department of Engineering Science |
| Year of publication: | 2021 |
| Academic year of graduation: | 109 |
| Language: | Chinese |
| Number of pages: | 37 |
| Keywords: | MQTT, Gateway, Information Security, Embedded Systems |
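This thesis compiles the basic information security requirements that an IoT gateway should meet, and designs and implements an IoT gateway with MQTT encrypted communication, so that end devices that cannot use encrypted communication, such as sensors or controllers, can transmit messages over encrypted communication.
This thesis implements MQTT communication with a server on a development board that uses an ARM9-class ARMv5 chip, and uses the Transport Layer Security (TLS) protocol to encrypt the communication messages. A web server is also set up on the board to give users a simple graphical interface through web pages, which they can use to configure the board's system settings and the various MQTT parameters.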
This research reviews the information security requirements of IoT gateways and summarizes the requirements for the implementation of an IoT gateway that uses MQTT encrypted communication. This gateway can collect data from sensors or controllers and perform encrypted communication between the gateway and the cloud server.
The IoT gateway in this research uses the ARM9 processor with ARMv5 architecture. This research uses TLS mutual authentication for MQTT encrypted communication. TLS mutual authentication allows the gateway and cloud server to verify each other's identity, and then perform encrypted communication.
In addition, we use a web page to provide a graphical interface for setting the parameters of the system and MQTT. The web communication process also uses TLS mutual authentication for encrypted communication.