Authenticating IMP Posts to a Database

alexanderkjones · June 23, 2013, 6:22pm

Hey All,

I’m working on a wireless sensor network where each imp acts as a node. The imp polls it’s connected sensors and posts the results to a rails application that processes the data and stores it into the database. In an attempt to minimize up time on the imp I’m looking for ways to simplify authentication that the data is actually coming from an imp registered with the network and not a malicious user inserting bad data.

Our current idea is to register the mac address securely at the factory to an authentication table. Every 24hrs the imp pulls a random salt variable to encrypt the address and uses that as an authentication token which is compared to our device_mac table each time it posts to the application.

Alternatively, I can’t seem to find any information about using Agent in and SSH capacity but I’m still skilling up on authentication techniques. Any feedback or ideas greatly appreciated!

DolfTraanberg · June 24, 2013, 12:07am

No SSH, the ways the agent can communicate is described here
but where do you need ssh for??

hugo · June 25, 2013, 8:51am

You could have the agent pull a secret from your server (via HTTPS) and then use this in the submissions it sends to your server?

fgarsombke · June 25, 2013, 11:03am

That is essentially what we have built. On imp bootup we pull a secret token from our cloud server. Any requests from the imp must include that secret token. It would be great if we could use HMAC in the imp since that is how the other parts of our application server are secured. As far as I could tell there are not any squirrel libraries to support this type of hashing.

hugo · June 25, 2013, 6:06pm

No, but noted for a future feature.

fgarsombke · June 25, 2013, 6:19pm

Great, looking forward to it. That would be a great way to standardize RESTful security patterns across the Imp.

alottazs · August 15, 2013, 5:03pm

Yep. I second the request!

jalateras · August 19, 2013, 7:58pm

+1