The SWAMP project recently published a short paper in the 9th Latin-American Symposium on Dependable Computing (LADC 2019) presenting a secure end-to-end data flow for an inherently distributed IoT smart application. End-to-End Security in the IoT Computing Continuum: Perspectives in the SWAMP Project discusses how the SWAMP project is dealing with end-to-end security and technologies for the use of IoT in agriculture. The security of IoT systems is a challenging task, spanning data generated in the sensors until the user application passing through different stages of intermediate computing elements such as mist, fog, and cloud.
For the FIWARE-based security, Segment 1 (Sensor ↔ LoRa App Server) depicts the use of the standard LoRaWAN security features provided by the LoRa Server Project. Segment 2 (LoRa App Server ↔ Orion) describes the LoRa App Server sending packets to an MQTT broker connected to an IoT Agent. Segment 3 (Orion ↔ Applications) depicts the FIWARE domain, where the setup can be configured to require HTTPS among all GEs.
The same idea applies for SEPA based security, but with four segments. Segment 1 (Sensor↔ LoRa App Server) is similar to FIWARE. Segment 2 (LoRa App Server ↔ SEPA Broker) is similar to FIWARE, but the MQTT Adapter of the SEPA Architecture plays the role of the IoT Agent. In Segment 3 (SEPA ↔ SEPA), the communication is performed via HTTPS and WSS (Web Service Security) and using OAuth 2.0. The same applies to Segment 4 (SEPA Broker ↔ Applications), where the communication between Applications and SEPA Broker is performed via HTTPS, WSS, and OAuth.
