28,113 research outputs found
Group-Based Key Management Protocol for Energy Efficiency in Long-Lived and Large-Scale Distributed Sensor Networks
As wireless sensor networks grow, so does the need for effective security mechanisms. We propose a cryptographic key-management protocol, called energy-efficient key-management (EEKM) protocol. Using a location-based group key scheme, the protocol supports the revocation of compromised nodes and energy-efficient rekeying. The design is motivated by the observation that unicast-based rekeying does not meet the security requirements of periodic rekeying in long-lived wireless sensor networks. EEKM supports broadcast-based rekeying for low-energy key management and high resilience. In addition, to match the increasing complexity of encryption keys, the protocol uses a dynamic composition key scheme. EEKM also provides group-management protocols for secure group communication. We analyzed the energy efficiency and security of EEKM and compared it to other key-management protocols using a network simulator.
Group Key Management in Wireless Ad-Hoc and Sensor Networks
A growing number of secure group applications in both civilian and military domains is being deployed in WAHNs. A Wireless Ad-hoc Network (WAHN) is a collection of autonomous nodes or terminals that communicate with each other by forming a multi-hop radio network and maintaining connectivity in a decentralized manner. A Mobile Ad-hoc Network (MANET) is a special type of WAHN with mobile users. MANET nodes have limited communication, computational capabilities, and power. Wireless Sensor Networks (WSNs) are sensor networks with massive numbers of small, inexpensive devices pervasive throughout electrical and mechanical systems and ubiquitous throughout the environment that monitor and control most aspects of our physical world.
In WAHNs and WSNs with untrusted nodes, nodes may falsify information, collude to disclose system keys, or even passively refuse to collaborate. Moreover, mobile adversaries might invade more than one node and try to reveal all system secret keys. Due to these special characteristics, key management is essential in securing such networks. Current protocols for secure group communications used in fixed networks tend to be inappropriate. The main objective of this research is to propose, design and evaluate a suitable key management approach for secure group communications to support WAHNs and WSNs applications.
Key management is usually divided into key analysis, key assignment, key generation and key distribution. In this thesis, we tried to introduce key management schemes to provide secure group communications in both WAHNs and WSNs.
Starting with WAHNs, we developed a key management scheme. A novel architecture for secure group communications was proposed. Our proposed scheme handles key distribution through Combinatorial Key Distribution Scheme (CKDS). We followed with key generation using Threshold-based Key Generation in WAHNs (TKGS). For key assignment, we proposed Combinatorial Key Assignment Scheme (CKAS), which assigns closer key strings to co-located nodes. We claim that our architecture can readily be populated with components to support objectives such as fault tolerance, full-distribution and scalability to mitigate WAHNs constraints. In our architecture, group management is integrated with multicast at the application layer.
For key management in WSNs, we started with DCK, a modified scheme suitable for WSNs. In summary, the DCK achieves the following: (1) cluster leader nodes carry the major part of the key management overhead; (2) DCK consumes less than 50% of the energy consumed by SHELL in key management; (3) localizing key refreshment and handling node capture enhances the security by minimizing the amount of information known by each node about other portions of the network; and (4) since DCK does not involve the use of other clusters to maintain local cluster data, it scales better from a storage point of view with the network size represented by the number of clusters.
We went further and proposed the use of key polynomials with DCK to enhance the resilience of multiple node capturing. Comparing our schemes to static and dynamic key management, our scheme was found to enhance network resilience at a smaller polynomial degree t and accordingly with less storage per node.
An Authentication Protocol for Future Sensor Networks
Authentication is one of the essential security services in Wireless Sensor
Networks (WSNs) for ensuring secure data sessions. Sensor node authentication
ensures the confidentiality and validity of data collected by the sensor node,
whereas user authentication guarantees that only legitimate users can access
the sensor data. In a mobile WSN, sensor and user nodes move across the network
and exchange data with multiple nodes, thus experiencing the authentication
process multiple times. The integration of WSNs with Internet of Things (IoT)
brings forth a new kind of WSN architecture along with stricter security
requirements; for instance, a sensor node or a user node may need to establish
multiple concurrent secure data sessions. With concurrent data sessions, the
frequency of the re-authentication process increases in proportion to the
number of concurrent connections, which makes the security issue even more
challenging. The currently available authentication protocols were designed for
the autonomous WSN and do not account for the above requirements. In this
paper, we present a novel, lightweight and efficient key exchange and
authentication protocol suite called the Secure Mobile Sensor Network (SMSN)
Authentication Protocol. In the SMSN a mobile node goes through an initial
authentication procedure and receives a re-authentication ticket from the base
station. Later a mobile node can use this re-authentication ticket when
establishing multiple data exchange sessions and/or when moving across the
network. This scheme reduces the communication and computational complexity of
the authentication process. We proved the strength of our protocol with
rigorous security analysis and simulated the SMSN and previously proposed
schemes in an automated protocol verifier tool. Finally, we compared the
computational complexity and communication cost against well-known
authentication protocols.
Comment: This article is accepted for the publication in "Sensors" journal. 29
pages, 15 figures
Dynamic key ring update mechanism for mobile wireless sensor networks
Key distribution is an important issue to provide security in Wireless Sensor Networks (WSNs). Many of the key pre-distribution schemes proposed for static WSNs perform poorly when they are applied to Mobile Wireless Sensor Networks (MWSNs). In this paper, we propose Dynamic Key Ring Update (DKRU) mechanism for MWSNs. The aim of DKRU mechanism is to enable sensor nodes to update their key rings periodically during movement, by observing the frequent keys in their neighbors. Our mechanism can be used together with different key pre-distribution schemes and it helps to increase the performance of them. For the performance evaluation basis, we used our mechanism together with a location based key pre-distribution scheme. Our results show that DKRU mechanism increases the local and global connectivity when it is applied to MWSNs. Moreover, our mechanism does not cause a significant degradation in network resiliency.
Cross-layer design of multi-hop wireless networks
Multi-hop wireless networks are usually defined as a collection of nodes
equipped with radio transmitters, which not only have the capability to
communicate with each other in a multi-hop fashion, but also to route each other’s data
packets. The distributed nature of such networks makes them suitable for a variety of
applications where there are no assumed reliable central entities, or controllers, and
may significantly improve the scalability issues of conventional single-hop wireless
networks.
This Ph.D. dissertation mainly investigates two aspects of the research issues
related to the efficient multi-hop wireless networks design, namely: (a) network
protocols and (b) network management, both in cross-layer design paradigms to
ensure the notion of service quality, such as quality of service (QoS) in wireless mesh
networks (WMNs) for backhaul applications and quality of information (QoI) in
wireless sensor networks (WSNs) for sensing tasks. Throughout the presentation of
this Ph.D. dissertation, different network settings are used as illustrative examples,
however the proposed algorithms, methodologies, protocols, and models are not
restricted in the considered networks, but rather have wide applicability.
First, this dissertation proposes a cross-layer design framework integrating
a distributed proportional-fair scheduler and a QoS routing algorithm, while using
WMNs as an illustrative example. The proposed approach has significant performance
gain compared with other network protocols. Second, this dissertation proposes
a generic admission control methodology for any packet network, wired and
wireless, by modeling the network as a black box, and using a generic mathematical
function and Taylor expansion to capture the admission impact. Third, this dissertation
further enhances the previous designs by proposing a negotiation process,
to bridge the applications’ service quality demands and the resource management,
while using WSNs as an illustrative example. This approach allows the negotiation
among different service classes and WSN resource allocations to reach the optimal
operational status. Finally, the guarantees of the service quality are extended to
the environment of multiple, disconnected, mobile subnetworks, where the question
of how to maintain communications using dynamically controlled, unmanned data
ferries is investigated.
Security and Privacy Issues in Wireless Mesh Networks: A Survey
This book chapter identifies various security threats in wireless mesh
network (WMN). Keeping in mind the critical requirement of security and user
privacy in WMNs, this chapter provides a comprehensive overview of various
possible attacks on different layers of the communication protocol stack for
WMNs and their corresponding defense mechanisms. First, it identifies the
security vulnerabilities in the physical, link, network, transport, application
layers. Furthermore, various possible attacks on the key management protocols,
user authentication and access control protocols, and user privacy preservation
protocols are presented. After enumerating various possible attacks, the
chapter provides a detailed discussion on various existing security mechanisms
and protocols to defend against and wherever possible prevent the possible
attacks. Comparative analyses are also presented on the security schemes with
regards to the cryptographic schemes used, key management strategies deployed,
use of any trusted third party, computation and communication overhead involved
etc. The chapter then presents a brief discussion on various trust management
approaches for WMNs since trust and reputation-based schemes are increasingly
becoming popular for enforcing security in wireless networks. A number of open
problems in security and privacy issues for WMNs are subsequently discussed
before the chapter is finally concluded.
Comment: 62 pages, 12 figures, 6 tables. This chapter is an extension of the
author's previous submission in arXiv submission: arXiv:1102.1226. There are
some text overlaps with the previous submission