A hierarchical key pre-distribution scheme for fog networks

Security in fog computing is multi-faceted, and one particular challenge is establishing a secure communication channel between fog nodes and end devices. This emphasizes the importance of designing efficient and secret key distribution scheme to facilitate fog nodes and end devices to establish secure communication channels. Existing secure key distribution schemes designed for hierarchical networks may be deployable in fog computing, but they incur high computational and communication overheads and thus consume significant memory. In this paper, we propose a novel hierarchical key pre-distribution scheme based on “Residual Design” for fog networks. The proposed key distribution scheme is designed to minimize storage overhead and memory consumption, while increasing network scalability. The scheme is also designed to be secure against node capture attacks. We demonstrate that in an equal-size network, our scheme achieves around 84% improvement in terms of node storage overhead, and around 96% improvement in terms of network scalability. Our research paves the way for building an efficient key management framework for secure communication within the hierarchical network of fog nodes and end devices. KEYWORDS: Fog Computing, Key distribution, Hierarchical Networks

A hierarchical key pre-distribution scheme for fog networks

Security in fog computing is multi-faceted, and one particular challenge is establishing a secure communication channel between fog nodes and end devices. This emphasizes the importance of designing efficient and secret key distribution scheme to facilitate fog nodes and end devices to establish secure communication channels. Existing secure key distribution schemes designed for hierarchical networks may be deployable in fog computing, but they incur high computational and communication overheads and thus consume significant memory. In this paper, we propose a novel hierarchical key pre-distribution scheme based on “Residual Design” for fog networks. The proposed key distribution scheme is designed to minimize storage overhead and memory consumption, while increasing network scalability. The scheme is also designed to be secure against node capture attacks. We demonstrate that in an equal-size network, our scheme achieves around 84% improvement in terms of node storage overhead, and around 96% improvement in terms of network scalability. Our research paves the way for building an efficient key management framework for secure communication within the hierarchical network of fog nodes and end devices. KEYWORDS: Fog Computing, Key distribution, Hierarchical Networks

Combinatorial design-based key pre-distribution schemes for wireless sensor networks

Identification of interface residues involved in protein-protein and protein-DNA interactions is critical for understanding the functions of biological systems. Because identifying interface residues using experimental methods cannot catch up with the pace at which protein sequences are determined, computational methods that can identify interface residues are urgently needed. In this study, we apply machine-learning methods to identify interface residues with the focus on the methods using amino acid sequence information alone. We have developed classifiers for identification of the residues involved in protein-protein and protein-DNA interactions using a window of primary sequence as input. The classifiers were evaluated using both representative datasets and specific cases of interest based on multiple measurements. The results have shown the feasibility of identifying interface residues from sequence. We have also explored information besides primary sequence to improve the performance of sequence-based classifiers. The results show that the performance of sequence-based classifiers can be improved by using solvent accessibility and sequence entropy of the target residue as additional inputs. We have developed a database of protein-protein interfaces that consists of all the protein-protein interfaces derived from the Protein Data Bank. This database, for the fist time, makes possible the quick and flexible retrieval of interface sets and various interface features. We have systematically analyzed the characteristics of interfaces using the largest dataset available. In particular, we compared interfaces with the samples that had the same solvent accessibility as the interfaces. This strategy excludes the effect of solvent accessibility on the distributions of residues, secondary structure, and sequence entropy

Key Pre-distribution and Key Revocation in Wireless Sensor Networks

Sensor networks are composed of resource constrained tiny sensor devices. They have less computational power and memory. Communication in sensor network is done in multi-hop, and for secure communication, neighboring sensor nodes must possess a secret common key among them. Symmetric and public key cryptography require more processing and memory space. Hence, they are not suitable for sensor network. Key pre-distribution is a widely accepted mechanism for key distribution in sensor network. In this thesis we proposed a deterministic key pre-distribution scheme using BCH codes. We mapped the BCH code to key identifier and the keys corresponding to each key identifier are installed into the sensor nodes before deployment. We compared our proposed scheme with existing one and found that it has a better resiliency. Our proposed scheme is scalable and requires the same or less number of keys for a given number of nodes than the existing well known schemes. We have also proposed an efficient key revocation technique using a novel distributed voting mechanism in which neighboring nodes of a sensor can vote against it if they suspect the node to be a compromised one. In the proposed key revocation scheme compromised nodes as well as the compromised keys are completely removed from the network

Analysis of key predistribution schemes in wireless sensor networks

Combinatorial designs are used for designing key predistribution schemes that are applied to wireless sensor networks in communications. This helps in building a secure channel. Private-key cryptography helps to determine a common key between a pair of nodes in sensor networks. Wireless sensor networks using key predistribution schemes have many useful applications in military and civil operations. When designs are efficiently implemented on sensor networks, blocks with unique keys will be the result. One such implementation is a transversal design which follows the principle of simple key establishment. Analysis of designs and modeling the key schemes are the subjects of this project

Application of Transversal Design and Secure Path Key Establishment for Key Pre-Distribution in WSN

Wireless sensor network is composed of a number of sensor devices which can communicate with each other through radio wave. The sensor devices are limited with computation ability, communication ability, and memory capacity and battery power. This makes the implementation of any task in Wireless Sensor Network is very challenging. Amid various requirements, secure communication in Wireless sensor Network is a major requirement. Suppose two or more sensor nodes want to communicate with each other securely, they need such an environment which can fulfill all the security requirements amid the constraints mentioned earlier. Therefore, secure communication in this network is not an easy task. Two or more nodes can communicate using any cryptography scheme which can be applicable to this network. Nodes under communication process have to use one or more key for encryption and decryption. Single key for the entire network can serve for encryption and decryption of shared information. However compromising of that key may reveal the whole communication in the network. Therefore, although a single key for an entire network provides a certain range of security to the communication of the network, the resiliency of the network is very low which is not at all acceptable for secure communication. Keeping shared keys for every other node in the network is another option. However, increment of number of nodes in the network increases the key ring size of each node. Although it provides maximum resiliency, however, it suffers from non scalability due to memory constraints of sensor node. Another scheme is public key cryptography, which requires public key and private key for secure communication. It provides good resiliency to the network. However, it consumes much computation which is a limitation for its application in wireless sensor network. Key pre-distribution is an optimum scheme which loads a finite number of keys to each node taking from a set of predefined keys before deployment of the network. Pair of node which wants to communicate with each other searches for existence of any common key between them and if find start communication using that common key. If no such common key found, they establish a path for exchange of temporarily generated key and start communication using that key. Several key pre-distribution schemes have been proposed for distributing keys for secure communication. Pre-key distribution with merging of blocks is one of the major key pre-distribution schemes. We have studied that merging of nodes randomly incurred an amount of communication cost due to its randomness. We propose a scheme which will merge different blocks in a deterministic way yields a pattern of block ids in a node. Our aim is to decrease the communication task during key establishment. For our case, the communication cost during common key establishment is only O(1) which is constant, whereas in case of random merging it is O(z), where z is the merging factor. Therefore, scheme proposed by us mostly suitable for this type of network. Again in case of those communications which require temporary key, the communication is not secure due to the fact that if any intermediate nodes in the path between actual communicators become compromise, then the newly generated communication is revealed to the attacker. We have proposed two schemes which provide security to such temporarily generated key. One of them is Identity based public key cryptography for path key establishment which exchange the newly generated temporary key using Identity based public key encryption process using ηT pairing as bilinear tool. Although Public key encryption along with pairing needs only once for a particular session, however, due to public key encryption, it may not be appropriate for Wireless Sensor Networks. Therefore, we have revised our scheme and proposed another scheme Identity based symmetric key cryptography for path key establishment. This scheme consumes less computation cost due to symmetric approach for encryption of temporarily generated key. Therefore, this scheme is more appropriate for application in wireless Sensor Networks. Thus for the purpose of our thesis work, we have proposed a scheme which optimize the Key-pre Distribution strategy by using Deterministic technique of merging blocks to form node and hence facilitates less communication cost for pair-wise common key establishment. Again, for securing temporary key during Path Key Establishment, we have proposed two schemes which provide full security to the temporary key

Hash Chains Sensornet: A Key Predistribution Scheme for Distributed Sensor Networks Using Nets and Hash Chains

Key management is an essential functionality for a security protocol; particularly for implementations to low cost devices of a distributed sensor networks (DSN)–a prototype of Internet of Things (IoT). Constraints in resources of the constituent devices of a low cost IoT (sensors of DSN) restricts implementations of computationally heavy public key cryptosystems. This led to adaptation of the novel key predistribution technique in symmetric key platform to efficiently tackle the problem of key management for these resource starved networks. Initial proposals use random graphs, later key predistribution schemes (KPS) exploit combinatorial approaches to assure essential design properties. Combinatorial designs like a (v, b, r, k)– configuration which forms a µ–CID are effective schemes to design KPS. A net in a vector space is a set of cosets of certain kind of subspaces called partial spread. A µ(v, b, r, k)–CID can be formed from a net. In this paper, we propose a key predistribution scheme for DSN, named as Sensornet, using a net. We observe that any deterministic KPS suffer from “smart attack” and hence devise a generic method to eliminate it. Resilience of a KPS can be improved by clever Hash Chains technique introduced by Bechkit et al. We improve our Sensornet to achieve Hash Chains Sensornet (HC(Sensornet)) by the applications of these two generic methods. Effectiveness of Sensornet and HC(Sensornet) in term of crucial metrics in comparison to other prominent schemes has been theoretically established

New Approach of Deterministic Key Pre-distribution Scheme Using Triangle Free Quasi Symmetric Designs

A wireless sensor network (WSN) consists of tiny autonomous sensor nodes with some constraints. There are organizations having moderately necessitates of these kind of networks. So, security become an indispensable concern in WSN, due to potential adversaries. To overcome the security problem, keys are pre-loaded to the nodes before deployment. Among all key distribution schemes, deterministic key pre-distribution scheme (KPS) using combinatorial design is efficient regarding security aspect. In this paper, a deterministic approach, based on combinatorial design, for key assignment before the network deployment has been presented. Here the quasi-symmetric design which is of triangle-free is being used to present the new KPS for sensor networks. Due to this approach each sensor node either will contain a key-chain or will communicate through a key-path. This will improve the resiliency and achieve the sufficient level of security in the network. This design can also be used when a large number of nodes are being deployed in WSN

Camera Planning and Fusion in a Heterogeneous Camera Network

Wide-area camera networks are becoming more and more common. They have widerange of commercial and military applications from video surveillance to smart home and from traffic monitoring to anti-terrorism. The design of such a camera network is a challenging problem due to the complexity of the environment, self and mutual occlusion of moving objects, diverse sensor properties and a myriad of performance metrics for different applications. In this dissertation, we consider two such challenges: camera planing and camera fusion. Camera planning is to determine the optimal number and placement of cameras for a target cost function. Camera fusion describes the task of combining images collected by heterogenous cameras in the network to extract information pertinent to a target application. I tackle the camera planning problem by developing a new unified framework based on binary integer programming (BIP) to relate the network design parameters and the performance goals of a variety of camera network tasks. Most of the BIP formulations are NP hard problems and various approximate algorithms have been proposed in the literature. In this dissertation, I develop a comprehensive framework in comparing the entire spectrum of approximation algorithms from Greedy, Markov Chain Monte Carlo (MCMC) to various relaxation techniques. The key contribution is to provide not only a generic formulation of the camera planning problem but also novel approaches to adapt the formulation to powerful approximation schemes including Simulated Annealing (SA) and Semi-Definite Program (SDP). The accuracy, efficiency and scalability of each technique are analyzed and compared in depth. Extensive experimental results are provided to illustrate the strength and weakness of each method. The second problem of heterogeneous camera fusion is a very complex problem. Information can be fused at different levels from pixel or voxel to semantic objects, with large variation in accuracy, communication and computation costs. My focus is on the geometric transformation of shapes between objects observed at different camera planes. This so-called the geometric fusion approach usually provides the most reliable fusion approach at the expense of high computation and communication costs. To tackle the complexity, a hierarchy of camera models with different levels of complexity was proposed to balance the effectiveness and efficiency of the camera network operation. Then different calibration and registration methods are proposed for each camera model. At last, I provide two specific examples to demonstrate the effectiveness of the model: 1)a fusion system to improve the segmentation of human body in a camera network consisted of thermal and regular visible light cameras and 2) a view dependent rendering system by combining the information from depth and regular cameras to collecting the scene information and generating new views in real time