Skip to Content
Practical Internet of Things Security - Second Edition
book

Practical Internet of Things Security - Second Edition

by Brian Russell, Drew Van Duren
November 2018
Intermediate to advanced
382 pages
11h 20m
English
Packt Publishing
Content preview from Practical Internet of Things Security - Second Edition

Passwords

Some protocols, such as MQTT, only provide the ability to use a username/password combination for native-protocol authentication purposes. Within MQTT, the connect message includes the fields for passing this information to an MQTT broker. In the MQTT Version 3.1.1 specification defined by OASIS, you can see these fields within the connect message (reference: http://docs.oasis-open.org/mqtt/mqtt/v3.1.1/os/mqtt-v3.1.1-os.html):

There are no protections applied to support the confidentiality of the username/password in transit by the MQTT protocol. Instead, implementers should consider using the Transport Layer Security (TLS) protocol ...
Become an O’Reilly member and get unlimited access to this title plus top books and audiobooks from O’Reilly and nearly 200 top publishers, thousands of courses curated by job role, 150+ live events each month,
and much more.
Start your free trial

You might also like

Practical Industrial Internet of Things Security

Practical Industrial Internet of Things Security

Sravani Bhattacharjee
Demystifying Internet of Things Security: Successful IoT Device/Edge and Platform Security Deployment
Core Software Security

Core Software Security

James Ransome, Anmol Misra
IoT Security

IoT Security

Madhusanka Liyanage, An Braeken, Pardeep Kumar, Mika Ylianttila

Publisher Resources

ISBN: 9781788625821Other