The mDash service uses the industry-standard TLS 1.2 transport protocol
to protect network traffic. mDash provides two network protocols,
both wrapped in TLS 1.2:
- MQTT - for connected devices
- HTTP/RESTful - for management connections
Both MQTT and HTTP clients are authenticated using unique keys (passwords):
- An MQTT key is used for MQTT authentication, and gives access to the
whole MQTT namespace for the account: e.g. if one device publishes
a message, another device can subscribe to it.
- The master REST key gives root access to the REST API
- A device REST key gives access to the given device only, and only to
view or modify a subset of the device shadow.
A connected device can be a network client, or network server, or both. For
example, if a device provides a RESTful interface, it acts as a network
server. If a device connects to an MQTT server, it acts as a network client.
Avoid running a network server on your device for the following reasons:
- It is easy to DoS the device by creating many network connections. Say
a device has 40k of free RAM and each connection takes 10k: then 4
connections are enough for a denial of service
- A device must implement authentication and authorisation mechanisms that
are potentially vulnerable
- The network service code itself may be vulnerable
- If TLS is used for communication, the connection setup time can be
long because of the slow CPU, leading to delays and a bad user experience
- TLS certificate management for the local communication could be non-trivial
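
The arithmetic in the first reason above, as an added example (not mDash or device firmware code): a minimal model of a device-side server that charges each connection against free RAM. The struct and function names, the slot table and the idle timeout are assumptions made for illustration; the 40k and 10k figures come from the text.

```c
#include <stddef.h>
#include <stdio.h>

/* Figures from the text: 40k of free RAM, 10k per connection. */
#define FREE_RAM_BYTES  (40 * 1024)
#define CONN_COST_BYTES (10 * 1024)
#define MAX_SLOTS       16   /* hypothetical table size; RAM is the real limit */

struct conn { int in_use; unsigned last_activity; };
struct server { struct conn slots[MAX_SLOTS]; size_t ram_used; };

/* Accept a connection only if its buffers still fit in free RAM.
   Returns the slot index, or -1 when the device has to refuse the client. */
int srv_accept(struct server *s, unsigned now) {
  if (s->ram_used + CONN_COST_BYTES > FREE_RAM_BYTES) return -1;
  for (int i = 0; i < MAX_SLOTS; i++) {
    if (!s->slots[i].in_use) {
      s->slots[i].in_use = 1;
      s->slots[i].last_activity = now;
      s->ram_used += CONN_COST_BYTES;
      return i;
    }
  }
  return -1;
}

/* Close connections idle for longer than timeout; returns how many were freed. */
int srv_reap_idle(struct server *s, unsigned now, unsigned timeout) {
  int freed = 0;
  for (int i = 0; i < MAX_SLOTS; i++) {
    if (s->slots[i].in_use && now - s->slots[i].last_activity > timeout) {
      s->slots[i].in_use = 0;
      s->ram_used -= CONN_COST_BYTES;
      freed++;
    }
  }
  return freed;
}

int main(void) {
  struct server s = {0};
  int accepted = 0;
  while (srv_accept(&s, 0) >= 0) accepted++;   /* connections that never send data */
  printf("accepted %d, RAM used %zu of %d\n", accepted, s.ram_used, FREE_RAM_BYTES);
  printf("next client: %s\n", srv_accept(&s, 1) < 0 ? "refused" : "accepted");
  printf("reaped %d idle after timeout\n", srv_reap_idle(&s, 31, 30));
  return 0;
}
```

An idle timeout gives slots back, but the budget is still four connections, which is why the text recommends not running a server on the device at all.
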
On the other hand, when a device acts as a client, these problems disappear:
- It is impossible to hack into the device directly because it does not
expose any network endpoint
- A device does not care about authentication and authorisation - it is all
handled on the cloud side, and secure services like Google IoT Core or
AWS IoT would be a good choice for the cloud backend
- The only entity a device should trust is a cloud backend, which is
handled by the industry-standard TLS
- No need to keep many network connections, because a single secure
connection to the cloud backend is enough for both management and data flows.
This saves precious resources