35,173 research outputs found
Design of Self-Healing Key Distribution Schemes
A self-healing key distribution scheme enables dynamic groups of users of an unreliable network to establish group keys for secure communication. In such a scheme, a group manager, at the beginning of each session, in order to provide a key to each member of the group, sends packets over a broadcast channel. Every user, belonging to the group, computes the group key by using the packets and some private information. The group manager can start multiple sessions during a certain time-interval, by adding/removing users to/from the initial group. The main property of the scheme is that, if during a certain session some broadcasted packet gets lost, then users are still capable of recovering the group key for that session simply by using the packets they have received during a previous session and the packets they will receive at the beginning of a subsequent one, without requesting additional transmission from the group manager. Indeed, the only requirement that must be satisfied, in order for the user to recover the lost keys, is membership in the group both before and after the sessions in which the broadcast messages containing the keys are sent. This novel and appealing approach to key distribution is quite suitable in certain military applications and in several Internet-related settings, where high security requirements need to be satisfied. In this paper we continue the study of self-healing key distribution schemes, introduced by Staddon et al. [37]. We analyze some existing constructions: we show an attack that can be applied to one of these constructions, in order to recover session keys, and two problems in another construction. Then, we present a new mechanism for implementing the self-healing approach, and we present an efficient construction which is optimal in terms of user memory storage. Finally, we extend the self-healing approach to key distribution, and we present a scheme which enables a user to recover from a single broadcast message all keys associated with sessions in which he is member of the communication group
Trade-Off between Collusion Resistance and User Life Cycle in Self-Healing Key Distributions with t-Revocation
We solve the problem of resisting the collusion
attack in the one-way hash chain based self-healing key distributions introduced by Dutta et al., coupling it with the prearranged life cycle based approach of Tian et al. that uses the same self-healing mechanism introduced in Dutta et al. Highly efficient schemes are developed compared to the existing works with the trade-off in pre-arranged life cycles on users by the group manager and a slight increase in the storage overhead. For scalability of business it is often necessary to design more innovation and flexible business strategies in certain business models that allow contractual subscription or rental, such as subscription of mobile connection or TV channel for a
pre-defined period. The subscribers are not allowed to revoke before their contract periods (life cycles) are over. Our schemes fit into such business environment. The proposed schemes are proven to be computationally secure and resist collusion between new joined users and revoked users together with forward and backward secrecy. The security proof is in an appropriate security model. Moreover, our schemes do not forbid revoked users from rejoining in later sessions unlike the existing self-
healing key distribution schemes
Multiphase deployment models for fast self healing in wireless sensor networks
The majority of studies on security in resource limited wireless sensor networks (WSN) focus on finding an efficient balance among energy consumption, computational speed and memory usage. Besides these resources, time is a relatively immature aspect that can be considered in system design and performance evaluations. In a recent study(Castelluccia and Spognardi, 2007), the time dimension is used to lower the ratio of compromised links, thus, improving resiliency in key distribution in WSNs. This is achieved by making
the old and possibly compromised keys useful only for a limited amount of time. In this way, the effect of compromised keys diminish in time, so the WSN selfheals. In this study we further manipulate the time dimension and propose a deployment model that speeds up the resilience improvement process with a tradeoff between connectivity and resiliency. In our method, self healing speeds up by introducing nodes that belong to future generations in the time scale. In this way, the duration that the adversary can make use of compromised keys become smaller
A highly resilient and zone-based key predistribution protocol for multiphase wireless sensor networks
Pairwise key distribution among the sensor nodes is an essential problem for providing security in Wireless Sensor Networks (WSNs). The common approach for this problem is random key predistribution, which suffers from resiliency issues in case of node captures by adversaries. In the literature, the resiliency problem is addressed by zone-based deployment models that use prior deployment knowledge. Another remedy in the literature, which is for multiphase WSNs, aims to provide self-healing property via periodic deployments of sensor nodes with fresh keys over the sensor field. However, to the best of our knowledge, these two approaches have never been combined before in the literature. In this paper, we propose a zone-based key predistribution approach for multiphase WSNs. Our approach combines the best parts of these approaches and provides self-healing property with up to 9-fold more resiliency as compared to an existing scheme. Moreover, our scheme ensures almost 100% secure connectivity, which means a sensor node shares at least one key with almost all of its neighbors
KALwEN+: Practical Key Management Schemes for Gossip-Based Wireless Medical Sensor Networks
The constrained resources of sensors restrict the design of a key management scheme for wireless sensor networks (WSNs). In this work, we first formalize the security model of ALwEN, which is a gossip-based wireless medical sensor network (WMSN) for ambient assisted living. Our security model considers the node capture, the gossip-based network and the revocation problems, which should be valuable for ALwEN-like applications. Based on Shamir's secret sharing technique, we then propose two key management schemes for ALwEN, namely the KALwEN+ schemes, which are proven with the security properties defined in the security model. The KALwEN+ schemes not only fit ALwEN, but also can be tailored to other scalable wireless sensor networks based on gossiping
Organic Design of Massively Distributed Systems: A Complex Networks Perspective
The vision of Organic Computing addresses challenges that arise in the design
of future information systems that are comprised of numerous, heterogeneous,
resource-constrained and error-prone components or devices. Here, the notion
organic particularly highlights the idea that, in order to be manageable, such
systems should exhibit self-organization, self-adaptation and self-healing
characteristics similar to those of biological systems. In recent years, the
principles underlying many of the interesting characteristics of natural
systems have been investigated from the perspective of complex systems science,
particularly using the conceptual framework of statistical physics and
statistical mechanics. In this article, we review some of the interesting
relations between statistical physics and networked systems and discuss
applications in the engineering of organic networked computing systems with
predictable, quantifiable and controllable self-* properties.Comment: 17 pages, 14 figures, preprint of submission to Informatik-Spektrum
published by Springe
Software Defined Networks based Smart Grid Communication: A Comprehensive Survey
The current power grid is no longer a feasible solution due to
ever-increasing user demand of electricity, old infrastructure, and reliability
issues and thus require transformation to a better grid a.k.a., smart grid
(SG). The key features that distinguish SG from the conventional electrical
power grid are its capability to perform two-way communication, demand side
management, and real time pricing. Despite all these advantages that SG will
bring, there are certain issues which are specific to SG communication system.
For instance, network management of current SG systems is complex, time
consuming, and done manually. Moreover, SG communication (SGC) system is built
on different vendor specific devices and protocols. Therefore, the current SG
systems are not protocol independent, thus leading to interoperability issue.
Software defined network (SDN) has been proposed to monitor and manage the
communication networks globally. This article serves as a comprehensive survey
on SDN-based SGC. In this article, we first discuss taxonomy of advantages of
SDNbased SGC.We then discuss SDN-based SGC architectures, along with case
studies. Our article provides an in-depth discussion on routing schemes for
SDN-based SGC. We also provide detailed survey of security and privacy schemes
applied to SDN-based SGC. We furthermore present challenges, open issues, and
future research directions related to SDN-based SGC.Comment: Accepte
A cell outage management framework for dense heterogeneous networks
In this paper, we present a novel cell outage management (COM) framework for heterogeneous networks with split control and data planes-a candidate architecture for meeting future capacity, quality-of-service, and energy efficiency demands. In such an architecture, the control and data functionalities are not necessarily handled by the same node. The control base stations (BSs) manage the transmission of control information and user equipment (UE) mobility, whereas the data BSs handle UE data. An implication of this split architecture is that an outage to a BS in one plane has to be compensated by other BSs in the same plane. Our COM framework addresses this challenge by incorporating two distinct cell outage detection (COD) algorithms to cope with the idiosyncrasies of both data and control planes. The COD algorithm for control cells leverages the relatively larger number of UEs in the control cell to gather large-scale minimization-of-drive-test report data and detects an outage by applying machine learning and anomaly detection techniques. To improve outage detection accuracy, we also investigate and compare the performance of two anomaly-detecting algorithms, i.e., k-nearest-neighbor- and local-outlier-factor-based anomaly detectors, within the control COD. On the other hand, for data cell COD, we propose a heuristic Grey-prediction-based approach, which can work with the small number of UE in the data cell, by exploiting the fact that the control BS manages UE-data BS connectivity and by receiving a periodic update of the received signal reference power statistic between the UEs and data BSs in its coverage. The detection accuracy of the heuristic data COD algorithm is further improved by exploiting the Fourier series of the residual error that is inherent to a Grey prediction model. Our COM framework integrates these two COD algorithms with a cell outage compensation (COC) algorithm that can be applied to both planes. Our COC solution utilizes an actor-critic-based reinforcement learning algorithm, which optimizes the capacity and coverage of the identified outage zone in a plane, by adjusting the antenna gain and transmission power of the surrounding BSs in that plane. The simulation results show that the proposed framework can detect both data and control cell outage and compensate for the detected outage in a reliable manner
- …