• صفحه اصلی
  • A Novel Security-by-Design Framework Based on the XMPP Protocol for Intelligent Communications in the Internet of Things

اشتراک گذاری

آدرس مقاله


کد مقاله : 140403171209110 بازدید : 9 صفحه: 9 - 20

10.71856/IMPCS.2025.1209110

نوع مقاله: پژوهشی

A Novel Security-by-Design Framework Based on the XMPP Protocol for Intelligent Communications in the Internet of Things

محورهای موضوعی : پردازش چند رسانه ای، سیستمهای ارتباطی، سیستمهای هوشمند

Hamid Doustali 1 , Mir Ali Seyedi 2 * , Behzad Lak 3

1 - PhD student in Information Technology Management, Department of computer engineering, S&R.C., Islamic Azad University, Tehran, Iran
2 - Assistant Professor, Department of Computer Engineering, ST.C., Islamic Azad University, Tehran, Iran
3 - Assistant Professor, Department of Computer Engineering, Amin University, Tehran, Iran

تاریخ دریافت : 1403/10/22 تاریخ پذیرش : 1403/12/02 تاریخ انتشار : 1404/01/01

کلید واژه: Internet of Things, XMPP, Security-by-design, Trust management, Fault tolerance, ,

چکیده مقاله :

This article presents a lightweight and federated framework for securing intelligent communication in the Internet of Things (IoT) scope, based on the Extensible Messaging and Presence Protocol (XMPP) with a security-by-design approach. The core innovation lies in embedding security mechanisms within the message-oriented XMPP layer without requiring dedicated hardware, while maintaining full compatibility with resource-constrained devices. The proposed approach integrates TLS/SASL encryption, a dynamic trust management layer, with real-time updates, and capability-based access control. Three threat scenarios message injection, identity spoofing, and DoS attacks have been simulated in the Python environment. Results present that the system achieves 98% privacy preservation, 96% authentication success rate, 87% fault tolerance, an average power consumption of 83 Mw, and a handshake delay of 44 Ms demonstrating significant improvement over baseline methods. These metrics reflect a well-balanced trade-off between security and performance in heterogeneous IoT networks, indicating that the XMPP-SBD framework is a practical solution for scalable and secure IoT deployment.

چکیده انگلیسی:

This article presents a lightweight and federated framework for securing intelligent communication in the Internet of Things (IoT) scope, based on the Extensible Messaging and Presence Protocol (XMPP) with a security-by-design approach. The core innovation lies in embedding security mechanisms within the message-oriented XMPP layer without requiring dedicated hardware, while maintaining full compatibility with resource-constrained devices. The proposed approach integrates TLS/SASL encryption, a dynamic trust management layer, with real-time updates, and capability-based access control. Three threat scenarios message injection, identity spoofing, and DoS attacks have been simulated in the Python environment. Results present that the system achieves 98% privacy preservation, 96% authentication success rate, 87% fault tolerance, an average power consumption of 83 Mw, and a handshake delay of 44 Ms demonstrating significant improvement over baseline methods. These metrics reflect a well-balanced trade-off between security and performance in heterogeneous IoT networks, indicating that the XMPP-SBD framework is a practical solution for scalable and secure IoT deployment.

منابع و مأخذ:

[1] Conzon D, Bolognesi T, Brizzi P, Lotito A, Tomasi R, Spirito MA. The virtus middleware: An xmpp based architecture for secure iot communications. In2012 21st International Conference on Computer Communications and Networks (ICCCN) 2012 Jul 30 (pp. 1-6). IEEE. https://doi.org/10.1109/ICCCN.2012.6289309
[2] Celesti A, Fazio M, Villari M. Enabling secure XMPP communications in federated IoT clouds through XEP 0027 and SAML/SASL SSO. Sensors. 2017 Feb 7;17(2):301. https://doi.org/10.3390/S17020301
[3]Kumar A, Budhiraja I, Garg D, Garg S, Choi BJ, Alrashoud M. Advanced network security with an integrated trust-based intrusion detection system for routing protocol. Alexandria Engineering Journal. 2025 May 1;120:378-90. https://doi.org/10.48084/etasr.10009
[4]Choi J, In Y, Park C, Seok S, Seo H, Kim H. Secure IoT framework and 2D architecture for End-To-End security. The Journal of Supercomputing. 2018 Aug;74:3521-35. https://doi.org/10.1007/S11227-016-1684-0
[5]Lizardo A, Barbosa R, Neves S, Correia J, Araujo F. End-to-end secure group communication for the Internet of Things. Journal of Information Security and Applications. 2021 May 1;58:102772. https://doi.org/10.1016/J.JISA.2021.102772
[6]Yu KK, Ng CY, inventors; Skyi Technology Ltd, assignee. Establishing secure communication over an internet of things (IoT) network. United States patent US 10,164,951. 2018 Dec 25.
[7]Bhardwaj A. Building a Smart Security Framework for IoT/IIoT. InSmart and Agile Cybersecurity for IoT and IIoT Environments 2024 (pp. 102-127). IGI Global. https://doi.org/10.4018/979-8-3693-3451-5.ch005
[8]Hamad SA, Sheng QZ, Zhang WE. Security Framework for The Internet of Things Applications. CRC Press; 2024 May 29. https://doi.org/10.1201/9781003478683
[9]Iqbal M, Laksmono AM, Prihatno AT, Pratama D, Jeong B, Kim H. Enhancing iot security: Integrating mqtt with aria cipher 256 algorithm cryptography and mbedtls. In2023 International Conference on Platform Technology and Service (PlatCon) 2023 Aug 16 (pp. 91-96). IEEE. https://doi.org/10.1109/platcon60102.2023.10255171
[10]. Alruwaili O, Alotaibi FM, Tanveer M, Chaoui S, Armghan A. PSAF-IoT: Physically secure authentication framework for the Internet of Things. IEEE Access. 2024 May 30. https://doi.org/10.1109/access.2024.3407353
[11]Sahmi I, Abdellaoui A, Mazri T, Hmina N. MQTT-PRESENT: Approach to secure internet of things applications using MQTT protocol. International Journal of Electrical & Computer Engineering (2088-8708). 2021 Oct 1;11(5). https://doi.org/10.11591/IJECE.V11I5.PP4577-4586
[12]Siavvas M, Gelenbe E, Tsoukalas D, Kalouptsoglou I, Mathioudaki M, Nakip M, Kehagias D, Tzovaras D. The IoTAC software security-by-design platform: Concept, challenges, and preliminary overview. In2022 18th International Conference on the Design of Reliable Communication Networks (DRCN) 2022 Mar 28 (pp. 1-6). IEEE. https://doi.org/10.1109/drcn53993.2022.9758028
[13]Loganathan BS, Jaganathan SP. Secure and efficient device‐to‐device communication in IoT: The DMBSOA‐enhanced MQTT protocol. Transactions on Emerging Telecommunications Technologies. 2024 Aug;35(8):e5024. https://doi.org/10.1002/ett.5024
[14]Anani W, Ouda A. A Secure Lightweight Wireless M-Bus Protocol for IoT: Leveraging the Noise Protocol Framework Un protocole Bus-C sans fil léger et sécurisé pour les applications de l’IdO: Exploiter le cadre du protocole Noise. IEEE Canadian Journal of Electrical and Computer Engineering. 2024 Oct 4. https://doi.org/10.1109/icjece.2024.3409156
[15]Kommineni KK, Madhu GC, Narayanamurthy R, Singh G. IoT crypto security communication system. InIoT Based Control Networks and Intelligent Systems: Proceedings of 3rd ICICNIS 2022 2022 Oct 12 (pp. 27-39). Singapore: Springer Nature Singapore. https://doi.org/10.1007/978-981-19-5845-8_3
[16]King-Lacroix J. Securing the Internet of Things: decentralised security for wireless networks of embedded systems (Doctoral dissertation, University of Oxford). https://ora.ox.ac.uk/objects/uuid:b41c942f-5389-4a5b-8bb7-d5fb6a18a3db
[17]Biyani A, Karun G, inventors; SmartAxiom Inc, assignee. System and method for IOT security. United States patent US 10,924,466. 2021 Feb 16. https://www.freepatentsonline.com/y2019/0036906.html
[18]Yilmaz Y, Aniello L, Halak B. ASSURE: A hardware-based security protocol for internet of things devices. InAuthentication of Embedded Devices: Technologies, Protocols and Emerging Applications 2021 Jan 23 (pp. 55-87). Cham: Springer International Publishing. https://doi.org/10.1007/978-3-030-60769-2_3
[19]Akshatha PS, Hiremath D, Kumar SD. SecureHealth IoT: Ensuring Lightweight Security in MQTT Communication for Resource Constrained Devices Using Xor-HMAC Encryption. In2024 IEEE International Conference for Women in Innovation, Technology & Entrepreneurship (ICWITE) 2024 Feb 16 (pp. 85-90). IEEE. https://doi.org/10.1109/icwite59797.2024.10503309
[20]. Sengupta A, Kundu S. Guest editorial securing IoT hardware: threat models and reliable, low-power design solutions. IEEE Transactions on Very Large Scale Integration (VLSI) Systems. 2017 Nov 22;25(12):3265-7. https://doi.org/10.1109/TVLSI.2017.2762398
[21]Höglund R, Tiloca M, Selander G, Mattsson JP, Vučinić M, Watteyne T. Secure communication for the iot: Edhoc and (group) oscore protocols. IEEE Access. 2024 Apr 1. https://doi.org/10.1109/access.2024.3384095
[22]Hummen R, Wirtz H, Ziegeldorf JH, Hiller J, Wehrle K. Tailoring end-to-end IP security protocols to the Internet of Things. In2013 21st IEEE International Conference on Network Protocols (ICNP) 2013 Oct 7 (pp. 1-10). IEEE. https://doi.org/10.1109/ICNP.2013.6733571
[23]Chaitanya Chaduvula S, Atallah MJ, Panchal JH. Secure codesign: Achieving optimality without revealing. Journal of Computing and Information Science in Engineering. 2018 Jun 1;18(2):021007. https://doi.org/10.1115/1.4039431
[24]Hosenkhan MR, Pattanayak BK. A framework for secure communication on internet of things (IoT). InProgress in Advanced Computing and Intelligent Engineering: Proceedings of ICACIE 2020 2021 (pp. 599-605). Springer Singapore. https://doi.org/10.1007/978-981-33-4299-6_49
[25]SMH, S.S.F., Vidhyalakshmi, M., Priya, C., Subbulakshmi, N. and Thomas, S.L., 2022. Towards Providing a Novel Security Framework for the Internetof Things (NSF-IoT). https://doi.org/10.21203/rs.3.rs-1969921/v1
[26]. Song W, Guo S, Li J, Liu H, Wu Z, He X, Hou Y. Security Authentication Framework Design for Electric Internet of Things. InJournal of Physics: Conference Series 2022 Oct 1 (Vol. 2356, No. 1, p. 012003). IOP Publishing. https://doi.org/10.1088/1742-6596/2356/1/012003
[27]Dandotiya AS, Gupta S. SSFID: A Survey and Analysis of Security Framework for IoT Devices. In2023 IEEE International Conference on ICT in Business Industry & Government (ICTBIG) 2023 Dec 8 (pp. 1-6). IEEE. https://doi.org/10.1109/ictbig59752.2023.10456069
[28]Nguyen JH, Liao W, Yu W. Towards Secure Communications in Heterogeneous Internet of Things. In2023 International Conference on Computing, Networking and Communications (ICNC) 2023 Feb 20 (pp. 426-430). IEEE. https://doi.org/10.1109/ICNC57223.2023.10074323
[29]Dirin A, Oliver I, Laine TH. A security framework for increasing data and device integrity in internet of things systems. Sensors. 2023 Aug 30;23(17):7532. https://doi.org/10.3390/s23177532
[30]Liu D, Ji T. Security analysis and provision of authentication protocol, based on peer-to-peer structure in IOT platform. Scientific Reports. 2024 Oct 26;14(1):25508. https://doi.org/10.1038/s41598-024-73480-y


مقالات مرتبط

حقوق این وب‌سایت متعلق به سامانه مدیریت نشریات دانشگاه آزاد اسلامی است.
حق نشر © 1404-1400

صفحه اصلی| عضویت/ ورود| درباره سند| تماس با ما|
[English] [العربية] [en] [ar]