Authenticating IMP Posts to a Database

Hey All,

I’m working on a wireless sensor network where each imp acts as a node. The imp polls it’s connected sensors and posts the results to a rails application that processes the data and stores it into the database. In an attempt to minimize up time on the imp I’m looking for ways to simplify authentication that the data is actually coming from an imp registered with the network and not a malicious user inserting bad data.

Our current idea is to register the mac address securely at the factory to an authentication table. Every 24hrs the imp pulls a random salt variable to encrypt the address and uses that as an authentication token which is compared to our device_mac table each time it posts to the application.

Alternatively, I can’t seem to find any information about using Agent in and SSH capacity but I’m still skilling up on authentication techniques. Any feedback or ideas greatly appreciated!

No SSH, the ways the agent can communicate is described here
but where do you need ssh for??

You could have the agent pull a secret from your server (via HTTPS) and then use this in the submissions it sends to your server?

That is essentially what we have built. On imp bootup we pull a secret token from our cloud server. Any requests from the imp must include that secret token. It would be great if we could use HMAC in the imp since that is how the other parts of our application server are secured. As far as I could tell there are not any squirrel libraries to support this type of hashing.

No, but noted for a future feature.

Great, looking forward to it. That would be a great way to standardize RESTful security patterns across the Imp.

Yep. I second the request!