The transport security is specific to the transport protocol mapping.

When using a broker-based middleware (see 5.4.5.2.2), confidentiality and integrity can be ensured with the transport security between Publishersand the Brokeras well as Subscribersand the Broker. The Brokerlevel security in addition requires all Publishersand Subscribersto have credentials that grant them access to a Brokerresource.

Transport security may be hop-by-hop security with some risk of man-in-the-middle attacks. It also requires trusting the Brokersince the Brokercan read the messages. Combining transport security with message security reduces this risk.