External Token-Based Authorization of Data-Driven Integrations and Service Compositions in MQTT 5

Modern connected cyber-physical systems and their integrations to traditional information systems are increasingly dependant on data and data sharing management in their integrations. Many such systems are constantly changing and evolving their composition, often including integrations to third party (data-driven) services. This paper presents a model where a service framework, used to manage microservice configurations, is also utilized to manage access to MQTT Version 5 message topics. A proof of concept is provided demonstrating how Eclipse Arrowhead as the service management layer is capable of taking care of authentication and authorization of publish and subscribe actions to MQTT topics as individually managed data services. The study shows that JSON Web Tokens (JWT) from this service framework can be used in the MQTT Version 5 headers without violating the MQTT specification as demonstrated with HiveMQ as the message broker in the proof of concept implementation.