{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,1,5]],"date-time":"2026-01-05T22:30:03Z","timestamp":1767652203121,"version":"build-2065373602"},"reference-count":26,"publisher":"MDPI AG","issue":"19","license":[{"start":{"date-parts":[[2022,9,28]],"date-time":"2022-09-28T00:00:00Z","timestamp":1664323200000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/creativecommons.org\/licenses\/by\/4.0\/"}],"funder":[{"name":"project fund for technology and transfer (TETRA) of Flanders Innovation &amp; Entrepreneurship (Vlaio)","award":["HBC.2020.2073 Velcro"],"award-info":[{"award-number":["HBC.2020.2073 Velcro"]}]}],"content-domain":{"domain":[],"crossmark-restriction":false},"short-container-title":["Sensors"],"abstract":"<jats:p>Message Queuing Telemetry Transport (MQTT) is a lightweight publish\/subscribe protocol, which is currently one of the most popular application protocols in Internet of Things (IoT) thanks to its simplicity in use and its scalability. The secured version, MQTTS, which combines MQTT with the Transport Layer Security (TLS) protocol, has several shortcomings. It only offers one-to-one security, supports a limited number of security features and has high computation and communication costs. In this paper, we propose a flexible and lightweight security solution to be integrated in MQTT, addressing many-to-many communication, which reduces the communication overhead by 80% and the computational overhead by 40% for the setup of a secure connection on the client side.<\/jats:p>","DOI":"10.3390\/s22197391","type":"journal-article","created":{"date-parts":[[2022,9,29]],"date-time":"2022-09-29T01:23:16Z","timestamp":1664414596000},"page":"7391","update-policy":"https:\/\/doi.org\/10.3390\/mdpi_crossmark_policy","source":"Crossref","is-referenced-by-count":2,"title":["Flexible and Efficient Security Framework for Many-to-Many Communication in a Publish\/Subscribe Architecture"],"prefix":"10.3390","volume":"22","author":[{"ORCID":"https:\/\/orcid.org\/0000-0001-8388-9375","authenticated-orcid":false,"given":"Roald","family":"Van Glabbeek","sequence":"first","affiliation":[{"name":"Department of Engineering Technology (INDI), Vrije Universiteit Brussel, Pleinlaan 2, B-1050 Brussels, Belgium"},{"name":"Department of Electronics and Informatics (ETRO), Vrije Universiteit Brussel, Pleinlaan 2, B-1050 Brussels, Belgium"}],"role":[{"role":"author","vocabulary":"crossref"}]},{"ORCID":"https:\/\/orcid.org\/0000-0002-4552-409X","authenticated-orcid":false,"given":"Diana","family":"Deac","sequence":"additional","affiliation":[{"name":"Department of Engineering Technology (INDI), Vrije Universiteit Brussel, Pleinlaan 2, B-1050 Brussels, Belgium"},{"name":"Communications Department, Technical University of Cluj-Napoca, 400114 Cluj-Napoca, Romania"}],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Thomas","family":"Perale","sequence":"additional","affiliation":[{"name":"Department of Engineering Technology (INDI), Vrije Universiteit Brussel, Pleinlaan 2, B-1050 Brussels, Belgium"}],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Kris","family":"Steenhaut","sequence":"additional","affiliation":[{"name":"Department of Engineering Technology (INDI), Vrije Universiteit Brussel, Pleinlaan 2, B-1050 Brussels, Belgium"},{"name":"Department of Electronics and Informatics (ETRO), Vrije Universiteit Brussel, Pleinlaan 2, B-1050 Brussels, Belgium"}],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"An","family":"Braeken","sequence":"additional","affiliation":[{"name":"Department of Engineering Technology (INDI), Vrije Universiteit Brussel, Pleinlaan 2, B-1050 Brussels, Belgium"}],"role":[{"role":"author","vocabulary":"crossref"}]}],"member":"1968","published-online":{"date-parts":[[2022,9,28]]},"reference":[{"key":"ref_1","doi-asserted-by":"crossref","first-page":"848","DOI":"10.1007\/s11036-017-0851-8","article-title":"Lightweight Cybersecurity Schemes Using Elliptic Curve Cryptography in Publish-Subscribe fog Computing","volume":"22","author":"Diro","year":"2017","journal-title":"Mob. Netw. Appl."},{"key":"ref_2","doi-asserted-by":"crossref","first-page":"60539","DOI":"10.1109\/ACCESS.2020.2983117","article-title":"Lightweight Authenticated-Encryption Scheme for Internet of Things Based on Publish-Subscribe Communication","volume":"8","author":"Diro","year":"2021","journal-title":"IEEE Access"},{"key":"ref_3","doi-asserted-by":"crossref","unstructured":"Carlier, M., Steenhaut, K., and Braeken, A. (2019). Symmetric-Key-Based Security for Multicast Communication in Wireless Sensor Networks. Computers, 8.","DOI":"10.3390\/computers8010027"},{"key":"ref_4","doi-asserted-by":"crossref","first-page":"2018","DOI":"10.1109\/TVT.2008.2003961","article-title":"Secure and Efficient Multicast in Wireless Sensor Networks Allowing Ad hoc Group Formation","volume":"58","author":"Ren","year":"2009","journal-title":"IEEE Trans. Veh. Technol."},{"key":"ref_5","doi-asserted-by":"crossref","first-page":"150247","DOI":"10.1109\/ACCESS.2019.2946713","article-title":"Fog-Orchestrated and Server-Controlled Anonymous Group Authentication and Key Agreement","volume":"7","author":"Shabisha","year":"2019","journal-title":"IEEE Access"},{"key":"ref_6","doi-asserted-by":"crossref","first-page":"1","DOI":"10.1145\/3512344","article-title":"A Survey on Perfectly Secure Verifiable Secret-Sharing","volume":"54","author":"Chandramouli","year":"2022","journal-title":"ACM Comput. Surv."},{"key":"ref_7","doi-asserted-by":"crossref","first-page":"156","DOI":"10.1007\/s10773-022-05009-w","article-title":"Verifiable Multi-Dimensional (t, n) Threshold Quantum Secret Sharing Based on Quantum Walk","volume":"61","author":"Wang","year":"2022","journal-title":"Int. J. Theor. Phys."},{"key":"ref_8","unstructured":"Keoh, S., Kumar, S., Garcia-Morchon, O., Dijk, E., and Rahman, A. (2022, September 22). DTLS-Based Multicast Security for Low-Power and Lossy Networks (LLNs). Available online: http:\/\/www.watersprings.org\/pub\/id\/draft-keoh-tls-multicast-security-00.html."},{"key":"ref_9","doi-asserted-by":"crossref","first-page":"1","DOI":"10.1145\/3047413","article-title":"Axiom: DTLS-based secure IoT group communication","volume":"16","author":"Tiloca","year":"2017","journal-title":"ACM Trans. Embed. Comput. Syst. TECS"},{"key":"ref_10","doi-asserted-by":"crossref","first-page":"173","DOI":"10.1007\/s10207-016-0326-0","article-title":"On improving resistance to denial of service and key provisioning scalability of the DTLS handshake","volume":"16","author":"Tiloca","year":"2017","journal-title":"Int. J. Inf. Secur."},{"key":"ref_11","doi-asserted-by":"crossref","unstructured":"Choudhury, B., Nag, A., and Nandi, S. (2020, January 10\u201313). DTLS based secure group communication scheme for Internet of Things. Proceedings of the 2020 IEEE 17th International Conference on Mobile Ad Hoc and Sensor Systems (MASS), Delhi, India.","DOI":"10.1109\/MASS50613.2020.00029"},{"key":"ref_12","doi-asserted-by":"crossref","unstructured":"Peng, W., Liu, S., Peng, K., Wang, J., and Liang, J. (2016, January 10\u201311). A Secure Publish\/Subscribe Protocol for Internet of Things Using Identity-Based Cryptography. Proceedings of the 5th International Conference on Computer Science and Network Technology (ICCSNT), Changchun, China.","DOI":"10.1109\/ICCSNT.2016.8070234"},{"key":"ref_13","doi-asserted-by":"crossref","first-page":"1","DOI":"10.1145\/3128607","article-title":"Fast Proxy Re-Encryption for Publish\/Subscribe Systems","volume":"20","author":"Polyakov","year":"2017","journal-title":"Acm Trans. Priv. Secur."},{"key":"ref_14","doi-asserted-by":"crossref","first-page":"108465","DOI":"10.1016\/j.comnet.2021.108465","article-title":"Lightweight and secure authentication scheme for IoT network based on publish\u2013subscribe fog computing model","volume":"199","author":"Amanlou","year":"2021","journal-title":"Comput. Netw."},{"key":"ref_15","doi-asserted-by":"crossref","first-page":"2014","DOI":"10.1016\/j.comnet.2012.02.013","article-title":"Design and implementation of a confidentiality and access control solution for publish\/subscribe systems","volume":"56","author":"Ion","year":"2012","journal-title":"Comput. Netw."},{"key":"ref_16","doi-asserted-by":"crossref","first-page":"518","DOI":"10.1109\/TPDS.2013.256","article-title":"Securing broker-less publish\/subscribe systems using identity-based encryption","volume":"25","author":"Tariq","year":"2014","journal-title":"IEEE Trans. Parallel Distrib. Syst."},{"key":"ref_17","doi-asserted-by":"crossref","first-page":"25989","DOI":"10.1109\/ACCESS.2019.2899076","article-title":"A Comprehensive Security Framework for Publish\/Subscribe-Based IoT Services Communication","volume":"7","author":"Duan","year":"2019","journal-title":"IEEE Access"},{"key":"ref_18","doi-asserted-by":"crossref","first-page":"17962","DOI":"10.1109\/ACCESS.2017.2748956","article-title":"PCP: A Privacy-Preserving Content-Based Publish\u2013Subscribe Scheme With Differential Privacy in Fog Computing","volume":"5","author":"Wang","year":"2017","journal-title":"IEEE Access"},{"key":"ref_19","doi-asserted-by":"crossref","unstructured":"Su, W.T., Chen, W.C., and Chen, C.C. (2019, January 17\u201321). An extensible and transparent Thing-to-Thing security enhancement for MQTT protocol in IoT environment. Proceedings of the 2019 Global IoT Summit (GIoTS), Aarhus, Denmark.","DOI":"10.1109\/GIOTS.2019.8766412"},{"key":"ref_20","doi-asserted-by":"crossref","first-page":"198","DOI":"10.1109\/TIT.1983.1056650","article-title":"On the security of public key protocols","volume":"29","author":"Dolev","year":"1983","journal-title":"IEEE Trans. Inf. Theory"},{"key":"ref_21","doi-asserted-by":"crossref","first-page":"203","DOI":"10.1090\/S0025-5718-1987-0866109-5","article-title":"Elliptic curve cryptosystems","volume":"48","author":"Koblitz","year":"1987","journal-title":"Math. Comp."},{"key":"ref_22","first-page":"73","article-title":"The Exact Security of ECIES in the Generic Group Model","volume":"Volume 2260","author":"Honary","year":"2001","journal-title":"Cryptography and Coding. Cryptography and Coding 2001"},{"key":"ref_23","doi-asserted-by":"crossref","first-page":"239","DOI":"10.1007\/0-387-34805-0_22","article-title":"Efficient identification and signatures for smart cards","volume":"Volume 435","author":"Schnorr","year":"1990","journal-title":"Advances in Cryptology\u2014CRYPTO\u201989 Proceedings"},{"key":"ref_24","doi-asserted-by":"crossref","first-page":"156","DOI":"10.1007\/3-540-46088-8_15","article-title":"Provably Secure Implicit Certificate Schemes","volume":"Volume 2339","author":"Brown","year":"2001","journal-title":"Financial Cryptography"},{"key":"ref_25","unstructured":"MQTT (2022, September 01). Mq Telemetry Transport. Available online: https:\/\/mqtt.org\/."},{"key":"ref_26","unstructured":"Koschuch, M., Hudler, M., and Kr\u00fcger, M. (2010, January 26\u201328). Performance Evaluation of the TLS Handshake in the Context of Embedded Devices. Proceedings of the 2010 International Conference on Data Communication Networking (DCNET), Athens, Greece."}],"container-title":["Sensors"],"original-title":[],"language":"en","link":[{"URL":"https:\/\/www.mdpi.com\/1424-8220\/22\/19\/7391\/pdf","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2025,10,11]],"date-time":"2025-10-11T00:41:27Z","timestamp":1760143287000},"score":1,"resource":{"primary":{"URL":"https:\/\/www.mdpi.com\/1424-8220\/22\/19\/7391"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2022,9,28]]},"references-count":26,"journal-issue":{"issue":"19","published-online":{"date-parts":[[2022,10]]}},"alternative-id":["s22197391"],"URL":"https:\/\/doi.org\/10.3390\/s22197391","relation":{},"ISSN":["1424-8220"],"issn-type":[{"type":"electronic","value":"1424-8220"}],"subject":[],"published":{"date-parts":[[2022,9,28]]}}}