AWS IOT - What is the best way to establish device ownership and prevent unauthorized access

Time:12-08

In AWS IOT I don't see any explanation online describing the best way to ensure a device publishing a topic with sensitive data can only be accessed by the device's owner.

For example Bob logs into his smartphone app and authenticates using Cognito. There is already a policy on the identity pool auth role allowing access to AWS IOT and an administrative lambda has called AttachPrincipalPolicy during signup and gave Bob access to AWS IOT.

Bob owns a device called "thermostat" with an x509 cert installed on it that is used to authenticate with AWS IOT. It is publishing topics such as /thermostat/123/temperature/75 (serial #: 123, temperature: 75) and Bob on his smartphone is subscribing to the same topic (/thermostat/123/temperature/*).

How do we prevent another user, Jill, who has gone through the same setup for her thermostat, which gives her access to AWS IOT, from subscribing to /thermostat/123/temperature/* and reading Bob's private data?

I'm guessing it has to do with the serial number but in that case how do you associate Bob's identity ID with the device's serial number? What is the best way to associate the user and device when each is using a completely different authentication mechanism (Cognito and X509)?

CodePudding user response:

but in that case how do you associate Bob's identity ID with the device's serial number?

ThingAttributes can store simple device-owner relations. Add an ownerID attribute to your device Things. Or use an external store for more complex scenarios.

AWS suggests in its MQTT Topic Design doc to "Include any relevant routing information in the MQTT topic". Topic patterns such as jill/thermostat/123/temperature/* might be useful if you have single, stable owners. A thing policy variable {iot:Connection.Thing.Attributes[ownerID]} in the IoT Core Policy can make these dynamic.

Cognito auth: How do we prevent another user, Jill ... reading Bob's private data?

When Jill authenticates to IoT Core with Amazon Cognito identities, your client code or a lambda can generate the user-specific IoT Core Policy to attach to Jill's user identity as part of the auth flow. The policy will be written to allow Jill access only to her devices.
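As an added example (not code from the original answer), the two policy documents the answer describes, built in Python: one shared device policy that resolves the owner and serial from Thing attributes at connect time, and one per-user policy generated for a Cognito identity. The region and account id placeholders, the attribute names ownerID and serial, and the owner/thermostat/serial/temperature topic layout are assumptions.

```python
"""Build the IoT Core policies for the owner-scoped thermostat topics.

Assumptions (example code, not from the question or answer):
- REGION / ACCOUNT_ID in the ARNs are placeholders to fill in.
- Every thermostat Thing carries the attributes ownerID and serial.
- Topic layout follows the answer: <owner>/thermostat/<serial>/temperature/<value>
"""

ARN_PREFIX = "arn:aws:iot:REGION:ACCOUNT_ID"  # placeholder, not a real account


def device_policy() -> dict:
    """One policy shared by every thermostat certificate.

    ${iot:Connection.Thing.Attributes[...]} is resolved by IoT Core from the
    Thing the connecting certificate is attached to, so a device can only
    publish under its own owner's prefix and its own serial number.
    """
    owner = "${iot:Connection.Thing.Attributes[ownerID]}"
    serial = "${iot:Connection.Thing.Attributes[serial]}"
    return {
        "Version": "2012-10-17",
        "Statement": [
            {   # only a certificate attached to a Thing may connect, as that Thing
                "Effect": "Allow", "Action": "iot:Connect",
                "Resource": f"{ARN_PREFIX}:client/${{iot:Connection.Thing.ThingName}}",
                "Condition": {"Bool": {"iot:Connection.Thing.IsAttached": "true"}},
            },
            {
                "Effect": "Allow", "Action": "iot:Publish",
                "Resource": f"{ARN_PREFIX}:topic/{owner}/thermostat/{serial}/temperature/*",
            },
        ],
    }


def user_policy(owner_id: str, serials: list[str]) -> dict:
    """Per-user policy generated at sign-in and attached to the Cognito identity.

    Only the owner's own prefix and serial numbers are listed, so a policy
    generated for Jill never names Bob's thermostat (serial 123).
    """
    filters = [f"{ARN_PREFIX}:topicfilter/{owner_id}/thermostat/{s}/temperature/*" for s in serials]
    topics = [f"{ARN_PREFIX}:topic/{owner_id}/thermostat/{s}/temperature/*" for s in serials]
    return {
        "Version": "2012-10-17",
        "Statement": [
            {"Effect": "Allow", "Action": "iot:Connect",
             "Resource": f"{ARN_PREFIX}:client/${{cognito-identity.amazonaws.com:sub}}"},
            {"Effect": "Allow", "Action": "iot:Subscribe", "Resource": filters},
            {"Effect": "Allow", "Action": "iot:Receive", "Resource": topics},
        ],
    }
```

The serial list passed to user_policy comes from your ownership store (Thing attributes or an external table), and the ownerID attribute value on the Thing must be the same string used as owner_id here, or the device and user policies will not agree on the topic prefix.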
