Explanation about the IMB :
- How do we use security standard for the web (OAuth 2.0 and OIDC) to secure the MQTT protocol.
- How do we provide continuous authorization and enhance data privacy on MQTT protocol :
- when connecting to the IMB : check both id_tokens and access_tokens. Then regular checks checks of active_tokens for the server to close the connection when its becomes inactive.
- when publishing a message on a topic : is this client allowed to publish a message on that topic ?
- after subscribing to a topic : is this client allowed to receive a message from that topic ?
→ This is done by calling AM policies evaluations.
Where does the IMB stand in a typical architecture ?
→ Not too far from AM. That's a standalone product.
Is there any plan to support other protocols ?
→ maybe CoAP in the future
Why not merging IMB and IG ?
→ different targets. IG is HTTP proxy while IMB a publish/subscribe based product.
Is a webapp (war based) or standalone