Page tree
Skip to end of metadata
Go to start of metadata

Explanation about the IMB : 

  • How do we use security standard for the web (OAuth 2.0 and OIDC) to secure the MQTT protocol.
  • How do we provide continuous authorization and enhance data privacy on MQTT protocol :
    • when connecting to the IMB : check both id_tokens and access_tokens. Then regular checks checks of active_tokens for the server to close the connection when its becomes inactive.
    • when publishing a message on a topic : is this client allowed to publish a message on that topic ?
    • after subscribing to a topic : is this client allowed to receive a message from that topic ? 

→ This is done by calling AM policies evaluations.

Where does the IMB stand in a typical architecture ? 

→ Not too far from AM. That's a standalone product.

Questions : 

Is there any plan to support other protocols ? 

→ maybe CoAP in the future

Why not merging IMB and IG ?

→ different targets. IG is HTTP proxy while IMB a publish/subscribe based product.

Is a webapp (war based) or standalone

→ standalone

  • No labels