MDF with AWS Cloud - authentication and whitelist topic

Posted: Sun May 23, 2021 1:41 pm
by rrelande
Dear all,

We'd hope to use MDF as an access layer for our project.
Related to cloud infrastructure, we are planning to use AWS.

Now the question comes to safely enabling access to the cloud.

When mesh is not in use, the devices have a direct IP connection to AWS.
This means IoT devices are able to authenticate using the native and secure authentication protocol: TLS.

In the case of ESP32 mesh, the IoT end devices no longer have IP connectivity to AWS.
This means they cannot establish a TLS connection to AWS and cannot be authenticated against AWS Thing register.
Instead there is a choice of security and authentication mechanism.
One relies on Bluetooth and an app to establish the whitelist of allowed devices.
This is completely in the hands of the local settings and independent of the AWS authentication.

It means that in case local settings, for good or bad reasons, allow a device to enter the mesh, there is no mechanism to allow or prevent this from the cloud. This may be acceptable for some projects and less so for other projects.

Could I ask fellow developers and MDF experts whether there is a known way to
- build the MDF whitelist from the cloud, independent of local settings
- authenticate the devices against AWS credentials

Thanks in advance for your views.