written 23 months ago by |
Solution:
The IoT apps require the establishment of more steps to recognize the relevant appliances.
Keeping this in mind, the illustrated work has been proposed for applying the concept of using one-time passwords (OTP) as a validation criterion so that only the users who are eligible to or authorized for logging into the system can do so.
With the help of this procedure, only the users who are authorized to do so would be able to initiate the transmission and reception of the information after the booting of the system.
The description is illustrated in Figure. The system accesses the IoT broker application by sending OTP requests after booting with the help of regular Message Queue Telemetry Transport (MQTT) messaging.
The IoT app creates an OTP, delivers that to the system admin individually, and notifies it the system. Once the OTP is entered into the system, it is sent to the broker application.
The broker application then authenticates the OTP intimated by the system and response with a notification of the successful or failed message (usually invalid OTP or session timeout) back to the system.
There is an allowance for trying the OTP validation again which depends on the number in the configuration of the retry counter. This further generates two cases:
1. Successful OTP authentication even on retrying: This results in the shutting down of the application.
2. The inability of OTP validation: This results in skipping the OTP validation after initiation.