Tag Archives: mosquitto

Monetizing IoT Data using IOTA

There is a lot of buzz around cryptocurrencies  – will BTC be over $20,000 by the time this blog post goes live? 🙂 – these days, but beyond the hype, one thing is pretty clear: it enables a decentralized economy that is particularly interesting to look at from an IoT perspective.

For the Internet of Things, I believe the role of cryptocurrencies and distributed ledgers is threefold:

  • monetization of IoT data – cryptocurrencies make it really easy to implement scenarios where data producers can get a financial compensation in exchange for the value provided by the data they expose. Think of a weather station you would put on your balcony: people or corporations could have access to the feed of sensor data in exchange for some tokens.
  • smart contracts – taking monetization a step further, smart contracts can enable higher-order, secured, transactions to automatically take place on the network. If you take the example of the weather station, you could sign a smart contract with a 3rd party whereby you get paid for giving access to your sensor data if and only if you can provide an uptime of at least 99%. Note that this would probably require a trusted third party responsible for checking your uptime and storing it in the ledger.
  • security – manufacturers can use a distributed ledger to store information that can be used to help securely bootstrap  IoT devices, by e.g allowing customers to check the authenticity of a chip.

In this blog post, we will focus on the first topic: monetizing IoT data.

For that, we will look at leveraging IOTA’s distributed ledger. We will be showing how anyone can be given access to “simple” IoT sensor data on an MQTT broker, while only people who are paying for it will be able to access the live, raw, data stream.

Use case

We will be basing this article on the use case of someone, let’s call her Jane, willing to give access to a live sensor data stream coming from a smart plug, granted that she gets some money (iotas) in return 🙂 .

The instant power consumption metrics will be published to an MQTT broker twice per second, making for a pretty accurate sampling that people might be interested in buying. On the same MQTT broker, Jane will also be making available the 1-min moving average of the power consumption for anyone to access, even if they don’t necessarily want to pay extra money.

When John, who is maybe a data scientist interested in getting his hands on “real” data wants to get the power consumption from Jane’s smart plug, he has two options:

  • access the MQTT broker and subscribe to data published on the ‘public’ sensor/1m topic, for free,
  • send some IOTAs to Jane (she’s decided that 500 iotas is what people should pay to access the data for one hour), for his MQTT client to be granted access to sensor/live topic where the live, and more valuable to him, data stream is being published.

Technology being used

  • Eclipse Mosquitto as our MQTT broker of choice.
  • Two IOTA wallets, one where the payments to Jane shall be sent to, and one for John to pay for accessing sensor data
  • mosquitto-auth-plug, a flexible authentication plug-in for Mosquitto. We will use it for implementing a flexible access-control model, based on the information available on the IOTA tangle (i.e payments)
    • The ACLs (access-control lists) will be stored in a MongoDB database, used as the authentication backend for mosquitto-auth-plug
  • A Belkin WeMo Insight smart plug.

Demo

Enough with the words! I’ve put together a video (click here if the video doesn’t show up below) that shows the whole scenario in action. While you will quickly realize that I do a bad job impersonating Jane and John, what I hope you notice is that this is a real demo, and anyone can implement something similar today.

The technology is here, and while it has some limitations, I do think it’s worth exploring what new scenarios it enables.

Check out the code

I have published all the code behind this proof-of-concept on my Github repository, please check it out and open pull requests or issues if you happen to give it a try!

Next steps?

This is obviously a simple proof-of-concept, and I am almost certain it is not free of security issues. I would certainly be happy to hear from you if you have feedback :smile:.

I see at least two things that would be worth improving:

  • IOTA transactions, just like with many other distributed ledgers, can take a significant amount of time before they get confirmed. Having to wait for a couple hours after you’ve made a payment to effectively get access to the data can seriously impact the user experience. A nice improvement would be to rely on IOTA Flash Channels,  as they allow to perform instantaneous, off-tangle transactions.
  • In the current PoC, the Mosquitto server only accepts connections from a list of users already agreed upon. This wouldn’t be difficult, and much smarter, to allow anonymous access to anyone, and let clients interested in having full access to the data indicate in their payment message the username/password they plan on using when reconnecting as authenticated clients. This information should, of course, be encrypted with a key only known to the client and the server – this key, unique for each client, could be broadcasted to anonymous clients on the $SYS topic, for example…

Do you see other areas for improvement? Have you seen similar solutions implemented with other cryptocurrencies?

Note that the IOTA folks have recently announced an IoT data market that seems to implement a similar idea, but I haven’t had time to look into it closely.

How to run your web server and MQTT WebSockets broker on the same port

I was just asked how one can deploy a similar setup as the iot.eclipse.org MQTT sandbox, where MQTT over WebSockets is available on port 80, just like the rest of the website.

There are actually two ways of achieving this.

Mosquitto as the main frontend

It’s a little-known fact but together with built-in WebSockets support (added in version 1.4), Mosquitto also can act as basic HTTP server, and directly serve a bunch of static resources for you. The config option you’re looking for is “http_dir“, that will allow you to serve the content of a directory over HTTP.

Granted you are running a version of Mosquitto that has WebSockets support, here how your mosquitto.conf file should look like to enable WebSockets *and* regular HTTP connections:

listener 80
protocol websockets
http_dir /home/johndoe/htdocs

Of course, you will need to make sure that you do not have any other daemons (like Apache, nginx, …) already running and using port 80 🙂

Once Mosquitto is setup this way, you can use any MQTT client that supports WebSockets to connect to ws://yourhost URI.

ws://yourhost/ws, or ws://yourhost:80/foobar would work just fine too – Mosquitto doesn’t care about the path at all!

Apache front-end + mod_websocket_mosquitto

Since it’s likely you actually want a “real” HTTP server to serve your website (for security reasons, for being able to run PHP, etc.), another approach is to use Apache as the main HTTP front-end, as you would normally do, and configure it to tunnel WebSockets connections made on a given URI to your Mosquitto broker.

You can download an Apache module that does exactly that at https://github.com/willem4ever/mod_websocket_mosquitto. The instructions to compile and install it are pretty straightforward and you will end up with something like the following in your Apache configuration:

<IfModule mod_websocket.c>
Loadmodule mod_websocket_mosquitto /usr/lib/apache2/modules/mod_websocket_mosquitto.so
 <Location /mosquitto>
 MosBroker localhost
 MosPort 1883
 SetHandler websocket-handler
 WebSocketHandler /usr/lib/apache2/modules/mod_websocket_mosquitto.so mosquitto_init
 </Location>
</IfModule>

Running Eclipse Mosquitto on Snappy Ubuntu Core

I’ve recently been playing around with Snappy Ubuntu Core, and I thought it would be a nice exercise to try and package Mosquitto as a so-called “Snap”.

This blog post will give you a quick introduction to Snappy, and what it means to have a technology like Mosquitto available as a snap package.

Snappy Ubuntu Core

snappy

Ubuntu Core is a minimal Ubuntu distribution, that doesn’t come with the classical, APT-based, package manager.
Ubuntu Core is targeting cloud & IoT environments, therefore it is using an approach where the applications or services that one installs in a given distro, are self-contained “snaps”, that are completely isolated from the rest of the environment. If a snap depends on a shared library, this library will be bundled with the snap. If a snap needs to be granted rights beyond the scope of their default sandboxed container, it will be specified in the snap metadata. And so on.

Why does it matter for the Internet of Things?

Being able to transactionally update a system definitely makes sense for cloud environments, but it is also key for Internet of Things solutions. Even more so if you take into account how easy it is to fire up a new EC2 machine for a system you just crashed, vs. actually going on the field to troubleshoot an IoT gateway that went off the network after a failed update…

Furthermore, IoT gateways today are operating a very limited set of services, since there’s no clean and safe way to really turn them into extensible platforms, where any partner involved in developing a given solution would be able to run its own bits, in dedicated sandboxes. Application frameworks like Kura certainly enable such things at the application level, but we need solutions like Ubuntu Core for anything closer to the system.

Mosquitto on Snappy Ubuntu Core

If you have ever played with MQTT, there’s a good chance that you have used Eclipse Mosquitto as your broker. It is a very customizable, feature-packed, broker that has recently added support for MQTT over WebSockets. Mosquitto is available in source form, but it is also distributed in binary form and as a ready-to-use package in many Linux distros.

The Mosquitto Snappy package contains a WebSockets-ready version of Mosquitto 1.4.2 that can run on x64 or ARM architectures. Therefore, you are literally 2 minutes away from having an up-and-running Mosquitto broker on Microsoft Azure, Amazon EC2, or Google Compute Engine. Since Ubuntu Core is also available for the Raspberry Pi and the BeagleBone Black, you can install Mosquitto on those platform as well.

If you want to try it yourself on EC2, for example, you can follow this tutorial to bootstrap your Ubuntu Core image. Once you have a shell access to your Core server, simply run sudo snappy install mosquitto.kartben, and Mosquitto will be automatically downloaded from the Ubuntu Software Store, and installed. WebSockets are enabled on port 8080 and as a matter of fact, I have also packaged a few extra resources with the broker to help you get started: if you open http://{myubuntucoreIP}:8080 in your browser, you will be granted with a web page that helps making sure you use the right connection settings, and also with a live visualization of your topics’ activity.

screenshot