Abstract
Messaging protocols are basically formats and rules defined for exchanging messages between different parts of a messaging system. Message passing is a type of communication between processes. Message passing is a form of communication used in parallel programming and object-oriented programming. Communications are completed by the sending of messages (functions, signals, and data packets) to recipients. This work aims at studying messaging protocols like MQTT (Message Queuing Telemetry Transport), AMQP (Advanced Message Queuing Protocol), and XMPP (Extensible Messaging and Presence Protocol) based on their features, application, security aspects, limitations, and their usage in popular Social Media and messaging applications.
Keywords: MQTT, AMQP, XMPP, protocols, WhatsApp, Instagram, Facebook.
Save your time!
We can take care of your essay
- Proper editing and formatting
- Free revision, title page, and bibliography
- Flexible prices and money-back guarantee
Place an order
1. Introduction
Message passing is a method for invoking behavior on a computer. The invoking program sends a message to a process and depends on that process and its supporting organization to select and then run the code it selects. Message passing differs from predictable programming where a process, subroutine, or function is directly invoked by name.
Message passing is used universally in computer software. It is used as a way for the objects that make up a program to work with each other. Message passing may be implemented by various mechanisms, including channels.
A communication protocol is a set of rules that allow two or more units of a communications system to send information through any kind of variation of a physical quantity. The protocol defines the rules, syntax, semantics, and synchronization of communication and gives possible error recovery methods. Protocols may be implemented individually over hardware or software or over a combination of both.
A.MQTT
MQTT is a client-Server publish-subscribe messaging transport protocol. It is inviting, open, simple, and designed to be easy to implement by both publishers and subscribers. These characteristics make it ideal for use in most situations, including controlled environments such as for communication in Machine to Machine (M2M) and Internet of Things (IoT) contexts. As an example, Facebook Messenger is based on MQTT. Some of the positive characteristics of MQTT are its lightweight nature and binary footprint, which lead it to excel when transferring data. In comparison to some well-used protocols like Hypertext Transfer Protocol (HTTP), it only has a minimal packet overhead. Another important aspect of MQTT is that it is extremely easy to implement on the client side. This fits perfectly for constrained devices with limited resources. Its ease of implementation was one of the goals that were met when MQTT was invented.MQTT was invented in1999, with the aim of creating a protocol for minimal battery loss and minimal bandwidth usage. In a publish/subscribe pattern, a client publishes information and other clients can subscribe to only the information they want. In many cases, there is a broker between the clients who facilitates and/or filters the information. This allows for a loose coupling between entities. The decoupling can occur in a few different ways: Space, Time, and Synchronization.
- Space: the publisher and subscriber need not reveal identities, by IP address or other ways.
- Time: the two clients do not have to be running at the same time.
- Synchronization: Operations are not stopped by publishing and receiving.
There are two units of communication in MQTT architecture. These units are taking the role of publishers and subscribers, client and server/broker. Clients can publish or subscribe to messages or both. The broker serves as a central component that accepts messages published by clients and delivers them to subscribed clients.
Figure 1. MQTT interaction model
Limitations of MQTT:
Analyzing the Limitations of the MQTT protocols gives us these outlooks.
- It operates over TCP. TCP requires more time to set up communication, which results in increased communication time and wake-up time.
- There is very limited support for the Retained Messages feature of MQTT messaging
- Subscription request from either a device or application is allocated a buffer of 5000 messages. The buffer allows for any application or device to fall into a backlog of up to 5000 pending messages for each subscription. When the buffer is full, the oldest messages are discarded when a new message is received.
- Some size limitations apply for the message payload on Platform Service.
Protocol Security:
MQTT features different security mechanisms, but most of them are not organized or provided by default, such as data encryption or entity authentication. Authentication processes, such as using the physical address of the device (MAC), exist and are controlled by the broker by registering a device’s information once it tries to connect. Access authorization can be done by the broker using a mechanism called an Access Control List (ACL). The ACL contains records of information such as the identifiers and passwords of the different clients that are allowed to access different objects and can also specify what functions the client can perform on these.
B. XMPP
Extensible Messaging and Presence Protocol (XMPP) is an open, XML-based protocol aimed at near-real-time, extensible instant messaging (IM) and presence information. It has been extended into the broader area of message-oriented middleware. It has been built to be extensible; the protocol has been extended with features such as Voice over IP and file transfer signaling. XMPP protocol has been used by several social networking platforms including Gtalk, WhatsApp, and Facebook; collaborative services like Google wave, and gradient; multiplayer games like chess park, and by many online live customer support and technical support services. With the speedy development of the information society, short message service is developed quickly. At the same time, the Instant Message(IM) service also become popular among users. As users now are tending to use a mobile phone at any time and place for instant messages, the interconnection of these two technologies is a new demand. XMPP which is based on Extensible Markup Language (XML) solves the problem that the Instant messaging system could not interconnect with other non-Instant Messaging systems. In XMPP, both instant messages and presence messages are based on XML. These messages use XML Stanza to switch between entities. XML is a readable text format that is flexible, extensible, and easy to create and reading. Through XML, it’s easy to build a gateway to realize the communication between the XMPP system and the non-XMPP system. XMPP gateway is the special module of the server. Its main task is to translate XMPP into the protocol which the non-XMPP system uses, and also do the reverse process. XMPP utilizes a decentralized architecture. The protocol uses a client-server model which means that clients do not talk directly to each other. By design, there is no central server. Each user on the XMPP network is given an XMPP address (JabberID) that works like an email address with an IP address/domain name and a username for the resident server. XMPP protocol is apt for any communication platform that supports the pub-sub design pattern. Pub-Sub design pattern describes how the message flows between the devices & applications. Here, the publisher sends data to the subscriber who receives the data through devoted channels. These subscribers receive a notification whenever a new message comes through these channels.
Figure 2. XMPP interaction model
Limitations of XMPP:
- Redundancy of data transmitted: Around 60% of the information transmitted by the protocol is the presence of data, which creates excess traffic.
- Limited scope to scalability: Because of the excessive traffic, XMPP is challenging for the creation of chat rooms and data publishing.
- Inability to send binary data: Unchanged binary data cannot be delivered since XMPP is encoded as one long XML document.
Protocol Security:
XMPP provides numerous levels of security that are inherent in the protocol. Individual identity in XMPP is stronger compared to WebSockets. Users are required to authenticate both host servers and messages to stay away from the risk of spoofing. This helps to do away with the threat of spam. Users can put in more layers of security by requiring clients to install a suitable security certificate for identity confirmation.
The XMPP has two types of encryption. The first encryption takes place at the establishment and authentication using SASL(Simple Authentication and Security Layer). After a connection has been established, all client-server transmissions are encrypted using TLS(Transport Layer Security). This means that the danger of getting attacked is very small.
C. AMQP
AMQP(Advanced Message Queuing Protocol) comprises both a network protocol, which specifies what client applications and message servers must send over the wire to interoperate with each other and a protocol model, which specifies the semantics an AMQP implementation must obey to be interoperable with other implementations.AMQP is the result of a standardization effort by the major contributors in the messaging scene (e.g. Cisco, Microsoft, Red Hat, banks). It is designed for interoperability between different messaging systems.
There are a couple of important points to note about the AMQ protocol model. First, the chain of responsibility pattern is clearly in use. In this pattern, messages that appear to flow directly from sender to receiver actually flow through a set of message processors residing between the two. The second important point to note about the protocol model is that it enables the broker to effectively make routing decisions. It provides the definition for a binary wire protocol and a complete delivery semantic, allowing, theoretically, for an AMQP messaging client to be able to interact seamlessly with different broker implementations which are AMQP compliant. Nowadays, the adoption of the latest stable version (1.1) of the protocol is not yet extensive, but given that it is already supported by the major message brokers, a much wider implementation is expected in the upcoming years. We can map AMQP’s capabilities such that Java applications can use them through JMS APIs. For C++, Python, and Ruby applications, however, there are no popular open messaging API standards like JMS for Java, so those languages support their own AMQP APIs, which typically reflect the AMQP application-level protocol classes and methods. In AMQP message is first sent to a component of Message Broker called Exchanges. Exchanges distribute message copies to queues using rules called bindings. Then AMQP brokers either deliver messages to consumers subscribed to queues, or consumers fetch/pull messages from queues on demand.
Here is the sample interaction diagram on how AMQP works.
Figure 3. AMQP interaction model
Limitations of AMQP:
The AMQP specifications impose these limits on future extensions of AMQP:
- Number of channels per connection: 16-bit channel number.
- Number of protocol classes: 16-bit class id.
- Number of methods per protocol class: 16-bit method id.
The AMQP specifications impose these limits on data:
- Maximum size of a short string: 255 octets.
- Maximum size of a long string or field table: 32-bit size.
- Maximum size of a frame payload: 32-bit size.
- Maximum size of a content: 64-bit size.
The server or client may also impose its own limits on resources such as the number of simultaneous connections, number of consumers per channel, number of queues, etc. These do not affect interoperability and are not specified.
Protocol Security:
We guard against buffer-overflow exploits by using length-specified buffers in all places. All externally provided data can be verified against the maximum allowed lengths whenever any data is read. Invalid data can be handled unambiguously, by closing the channel or the connection.
Attacks AMQP handles errors by returning a reply code and then closing the channel or connection. This avoids ambiguous states after errors. The server should be assumed that exceptional conditions during the connection negotiation stage are due to a hostile attempt to gain access to the server. The general response to any exceptional condition in the connection negotiation is to pause that connection (presumably a thread) for a period of several seconds and then to close the network connection. This includes syntax errors, oversized data, and failed attempts to authenticate. The server SHOULD log all such exceptions and flag or block clients provoking multiple failures.
Results:
Table 1. Comparison of AMQP, MQTT, XMPP
- Criteria
- AMQP
- MQTT
- XMPP
- Format
- Binary
- Binary
- Xml based
- Aim
- Replacement of exclusive protocols
- To enable message passing in resource-constrained devices
- Promotes instant messaging for wider use
- Publisher subscriber acknowledgments
- Acknowledgments and resumption
- SASL, TLS/SSL
- SASL, TLS/SSL
- Extensibility
- Extension points
- None
- Extensible
- API
- Divided into classes
- 5 operations with 2-3 packet types for each
- Different XML items with multiple types
- TCP
- TCP
- TCP
- Interaction model
- Point to point
- Publisher-Subscriber
- Point to point
- Resource discovery
- No
- No
- Yes
- Yes
- Yes
- Yes
- Device to Device
- Device to cloud
- Cloud to cloud
- Device to cloud
- Cloud to cloud
- Device to cloud
- Cloud to cloud
- Structural
- Foundational
- Structural
- Fault tolerance
- Broker in SPoF
- Server in SPoF
Table 2. Comparison of WhatsApp, Facebook, and Instagram
- Criteria
- WhatsApp
- Facebook
- Instagram
- Meaning
- It is an application that provides users with texting services
- It facilitates users to connect themselves to the online community and build a social circle
- It allows users to build and join communities that share a common interest
- End-to-end encryption by default
- Have to enable end-to-end encryption (secret conversation)
- End-to-end encryption not there
- The users can chat and call their WhatsApp contacts and share photos, videos and audio, group messaging is also present
- The users can chat, call, post.and update pages, play games online, group conversations, etc
- Allows sharing of photos, videos and also has facility of direct messages, best for brand promotion, group chat facility available
- XMPP
- MQTT
- AMQP
- No
- Yes
- Yes
- Phone number
- Facebook account
- Instagram account
Conclusion:
Messaging is essentially a practical solution to the problem of distributed systems. In this work we have successfully surveyed application layer protocols, focusing on their application, security aspects, usage, and their limitations in a comparative, tabular format. The study found which application layer protocols are predominantly used in various social media and messaging applications. This study also puts light on the fact that some communication protocols are favored over others by developers. Based on its stability and simple construction MQTT is the protocol that has be proven to stand the test of time to have excellent performance over constrained devices. Although MQTT is suited for simple clients, any infrastructure using it is exposed to numerous security weaknesses and failure to make better use of resources. On the other hand, AMQP is suited to these cases and supports better use of resources and a practical security approach with message reliability. AMQP is a simple yet powerful enterprise messaging tool that has a bright future in enterprise messaging. XMPP is a near-end streaming instant messaging protocol that embeds field and context-sensitive information into XML enabling communication between systems and people. Thus this study congregates three major communication protocols highlighting their usage and application.
References:
- Bryce, R., Shaw, T., &Srivastava, G. (2018, July).Mqtt-g: A publishes/subscribe protocol with geolocation. In 2018 41st International Conference on Telecommunications and Signal Processing (TSP) (pp. 1-4).IEEE.
- Dinculeană, Dan. Vulnerabilities and Limitations of MQTT Protocol Used between IoT Devices. Applied Sciences.2019. 9. 848. 10.3390/app9050848.
- AMQP (Advanced Message Queuing Protocol) http://www.amqp.org
- MQTT (MQ Telemetry Transport) http://mqtt.org
- XMPP (Extensible Messaging and Presence Protocol) http://xmpp.org
- Katsikeas, S.; Fysarakis, K.; Miaoudakis, A.; Bemten, A.V.; Askoxylakis, I.; Papaefsta-thiou, I.; Plemenos, A Lightweight & Secure Industrial IoT Communications via the MQ Telemetry Transport Protocol. In Proceedings of the 2017 IEEE Symposium on Computers and Communications (ISCC), Heraklion, Greece,3–6 July 2017.
- [Dizdarević, J., Carpio, F., Jukan, A., &Masip-Bruin, X. (2019). A survey of communication protocols for internet of things and related challenges of fog and cloud computing integration. ACM Computing Surveys (CSUR), 51(6), 1-29.
- Griffin, L., de Leastar, E., &Botvich, D. (2011, May). Dynamic shared groups within XMPP: An investigation of the XMPP group model. In 12th IFIP/IEEE International Symposium on Integrated Network Management (IM 2011) and Workshops (pp. 634-637).IEEE.
- Lu, X., Lei, W., & Zhang, W. (2012, July). The design and implementation of XMPP-based SMS gateway.In 2012 Fourth International Conference on Computational Intelligence, Communication Systems and Networks (pp. 145-148).IEEE.
- S Vinoski, 'Advanced Message Queuing Protocol,' in IEEE Internet Computing, vol. 10, no. 6, pp. 87-89, Nov.-Dec. 2006.
- Ozturk, O. (2010, May). Introduction to XMPP protocol and developing online collaboration applications using open source software and libraries.In 2010 International Symposium on Collaborative Technologies and Systems (pp. 21-25).IEEE.
- Cohn, R. (2011). A comparison of AMQP and MQTT. White Paper, StormMQ.