Solutions and Tools for Secure Communication in Wireless Sensor Networks

Secure communication is considered a vital requirement in Wireless Sensor Network (WSN) applications. Such a requirement embraces different aspects, including confidentiality, integrity and authenticity of exchanged information, proper management of security material, and effective prevention and reaction against security threats and attacks. However, WSNs are mainly composed of resource-constrained devices. That is, network nodes feature reduced capabilities, especially in terms of memory storage, computing power, transmission rate, and energy availability. As a consequence, assuring secure communication in WSNs results to be more difficult than in other kinds of network. In fact, trading effectiveness of adopted solutions with their efficiency becomes far more important. In addition, specific device classes or technologies may require to design ad hoc security solutions. Also, it is necessary to efficiently manage security material, and dynamically cope with changes of security requirements. Finally, security threats and countermeasures have to be carefully considered since from the network design phase. This Ph.D. dissertion considers secure communication in WSNs, and provides the following contributions. First, we provide a performance evaluation of IEEE 802.15.4 security services. Then, we focus on the ZigBee technology and its security services, and propose possible solutions to some deficiencies and inefficiencies. Second, we present HISS, a highly scalable and efficient key management scheme, able to contrast collusion attacks while displaying a graceful degradation of performance. Third, we present STaR, a software component for WSNs that secures multiple traffic flows at the same time. It is transparent to the application, and provides runtime reconfigurability, thus coping with dynamic changes of security requirements. Finally, we describe ASF, our attack simulation framework for WSNs. Such a tool helps network designers to quantitatively evaluate effects of security attacks, produce an attack ranking based on their severity, and thus select the most appropriate countermeasures

Efficient End-to-End Secure Key Management Protocol for Internet of Things

Internet of things (IoT) has described a futurevision of internetwhere users, computing system, and everyday objects possessing sensing and actuating capabilities are part of distributed applications and required to support standard internet communication with more powerful device or internet hosts. This vision necessitates the security mechanisms for end-to-end communication. A key management protocol is critical to ensuring the secure exchange of data between interconnecting entities, but due to the nature of this communication system where a high resource constrained node may be communicating with node with high energy makes the application of existing key management protocols impossible. In this paper, we propose a new lightweight key management protocol that allows the constrained node in 6loWPAN network to transmit captured data to internet host in secure channel. This protocol is based on cooperation of selected 6loWPAN routers to participate in computation of highly consuming cryptographic primitives. Our protocol is assessed with AVISPA tool, the results show that our scheme ensured security properties

Design of Lightweight Authentication Protocol for Fog enabled Internet of Things- A Centralized Authentication Framework

Internet is a large network of networks that spans the entire globe. Internet is playing indispensable role in our daily lives. The physical things are connected to internet with the help of digital identity. With recent advancement of information and communication technologies IoT became vital part of human life. However, IoT is not having standardized architecture. Nowadays IoT is integrated with fog computing which extends platform of cloud computing by providing computing resources on edges of computer network. Fog computing is motivated by IOT and It is decentralized solution for IoT. In addition, Fog computing has supported features like geographic distribution, low latency, location awareness, operate on premise, installed on heterogeneous hardware. IoT with cloud computing does not have such features. Therefore, in this paper, at first we discuss about the distributed fog computing architecture. Subsequently, we address the problem of authentication and design a new authentication framework for fog enabled IOT environment. It is stated that the proposed authentication framework will be useful in many IoT applications such as healthcare system, transportation system, smart cities, home energy management etc

Revisiting the Feasibility of Public Key Cryptography in Light of IIoT Communications

Digital certificates are regarded as the most secure and scalable way of implementing authentication services in the Internet today. They are used by most popular security protocols, including Transport Layer Security (TLS) and Datagram Transport Layer Security (DTLS). The lifecycle management of digital certificates relies on centralized Certification Authority (CA)-based Public Key Infrastructures (PKIs). However, the implementation of PKIs and certificate lifecycle management procedures in Industrial Internet of Things (IIoT) environments presents some challenges, mainly due to the high resource consumption that they imply and the lack of trust in the centralized CAs. This paper identifies and describes the main challenges to implement certificate-based public key cryptography in IIoT environments and it surveys the alternative approaches proposed so far in the literature to address these challenges. Most proposals rely on the introduction of a Trusted Third Party to aid the IIoT devices in tasks that exceed their capacity. The proposed alternatives are complementary and their application depends on the specific challenge to solve, the application scenario, and the capacities of the involved IIoT devices. This paper revisits all these alternatives in light of industrial communication models, identifying their strengths and weaknesses, and providing an in-depth comparative analysis.This work was financially supported by the European commission through ECSEL-JU 2018 program under the COMP4DRONES project (grant agreement N∘ 826610), with national financing from France, Spain, Italy, Netherlands, Austria, Czech, Belgium and Latvia. It was also partially supported by the Ayudas Cervera para Centros Tecnológicos grant of the Spanish Centre for the Development of Industrial Technology (CDTI) under the project EGIDA (CER-20191012), and in part by the Department of Economic Development and Competitiveness of the Basque Government through the project TRUSTIND—Creating Trust in the Industrial Digital Transformation (KK-2020/00054)