Hardware-secured and transparent multi-stakeholder data exchange for industrial IoT

Authentic and confidential, but at the same time traceable and transparent, data exchange among multiple stakeholders is a key challenge in Industrial Internet of Things (IIoT) applications. Specifically, smart service connectivity requires the secure and transparent acquisition of equipment status information, which we call snapshots, from globally distributed equipment instances at customer sites by the equipment vendor. Related work has proposed to use a Message Queue Telemetry Transport (MQTT) Broker and hardware-secured Transport Layer Security (TLS) with client authentication. However, this approach lacks strong cryptographic end-to-end protection of snapshots. Here we show a hardware-rooted snapshot protection system that utilizes a Broker-based messaging infrastructure, hybrid encryption and a single-pass Elliptic Curve Menezes-Qu-Vanstone (ECMQV) scheme. We evaluate our concept by means of a prototype implementation and discuss security and performance implications. Our approach provides strong end-to-end data protection, while at the same time enabling customers to trace what data has been transferred off their equipment. We believe that our concept can serve as a template for a multitude of Industrial Internet of Things applications, which by their very nature call for strong security.