4 research outputs found
Securing IP Mobility Management for Vehicular Ad Hoc Networks
The proliferation of Intelligent Transportation Systems (ITSs) applications, such as
Internet access and Infotainment, highlights the requirements for improving the underlying
mobility management protocols for Vehicular Ad Hoc Networks (VANETs). Mobility
management protocols in VANETs are envisioned to support mobile nodes (MNs), i.e.,
vehicles, with seamless communications, in which service continuity is guaranteed while
vehicles are roaming through different RoadSide Units (RSUs) with heterogeneous wireless
technologies.
Due to its standardization and widely deployment, IP mobility (also called Mobile IP
(MIP)) is the most popular mobility management protocol used for mobile networks including
VANETs. In addition, because of the diversity of possible applications, the Internet
Engineering Task Force (IETF) issues many MIP's standardizations, such as MIPv6 and
NEMO for global mobility, and Proxy MIP (PMIPv6) for localized mobility. However,
many challenges have been posed for integrating IP mobility with VANETs, including the
vehicle's high speeds, multi-hop communications, scalability, and ef ficiency. From a security
perspective, we observe three main challenges: 1) each vehicle's anonymity and location
privacy, 2) authenticating vehicles in multi-hop communications, and 3) physical-layer
location privacy.
In transmitting mobile IPv6 binding update signaling messages, the mobile node's Home
Address (HoA) and Care-of Address (CoA) are transmitted as plain-text, hence they can
be revealed by other network entities and attackers. The mobile node's HoA and CoA
represent its identity and its current location, respectively, therefore revealing an MN's HoA
means breaking its anonymity while revealing an MN's CoA means breaking its location
privacy. On one hand, some existing anonymity and location privacy schemes require
intensive computations, which means they cannot be used in such time-restricted seamless
communications. On the other hand, some schemes only achieve seamless communication
through low anonymity and location privacy levels. Therefore, the trade-off between the
network performance, on one side, and the MN's anonymity and location privacy, on the
other side, makes preservation of privacy a challenging issue. In addition, for PMIPv6
to provide IP mobility in an infrastructure-connected multi-hop VANET, an MN uses a
relay node (RN) for communicating with its Mobile Access Gateway (MAG). Therefore,
a mutual authentication between the MN and RN is required to thwart authentication
attacks early in such scenarios. Furthermore, for a NEMO-based VANET infrastructure,
which is used in public hotspots installed inside moving vehicles, protecting physical-layer
location privacy is a prerequisite for achieving privacy in upper-layers such as the IP-layer. Due to the open nature of the wireless environment, a physical-layer attacker can easily
localize users by employing signals transmitted from these users.
In this dissertation, we address those security challenges by proposing three security
schemes to be employed for different mobility management scenarios in VANETs, namely,
the MIPv6, PMIPv6, and Network Mobility (NEMO) protocols.
First, for MIPv6 protocol and based on the onion routing and anonymizer, we propose
an anonymous and location privacy-preserving scheme (ALPP) that involves two complementary
sub-schemes: anonymous home binding update (AHBU) and anonymous return
routability (ARR). In addition, anonymous mutual authentication and key establishment
schemes have been proposed, to authenticate a mobile node to its foreign gateway and
create a shared key between them. Unlike existing schemes, ALPP alleviates the tradeoff
between the networking performance and the achieved privacy level. Combining onion
routing and the anonymizer in the ALPP scheme increases the achieved location privacy
level, in which no entity in the network except the mobile node itself can identify this
node's location. Using the entropy model, we show that ALPP achieves a higher degree of
anonymity than that achieved by the mix-based scheme. Compared to existing schemes,
the AHBU and ARR sub-schemes achieve smaller computation overheads and thwart both
internal and external adversaries. Simulation results demonstrate that our sub-schemes
have low control-packets routing delays, and are suitable for seamless communications.
Second, for the multi-hop authentication problem in PMIPv6-based VANET, we propose
EM3A, a novel mutual authentication scheme that guarantees the authenticity of both
MN and RN. EM3A thwarts authentication attacks, including Denial of service (DoS), collusion,
impersonation, replay, and man-in-the-middle attacks. EM3A works in conjunction
with a proposed scheme for key establishment based on symmetric polynomials, to generate
a shared secret key between an MN and an RN. This scheme achieves lower revocation
overhead than that achieved by existing symmetric polynomial-based schemes. For a PMIP
domain with n points of attachment and a symmetric polynomial of degree t, our scheme
achieves t x 2^n-secrecy, whereas the existing symmetric polynomial-based authentication
schemes achieve only t-secrecy. Computation and communication overhead analysis as well
as simulation results show that EM3A achieves low authentication delay and is suitable
for seamless multi-hop IP communications. Furthermore, we present a case study of a
multi-hop authentication PMIP (MA-PMIP) implemented in vehicular networks. EM3A
represents the multi-hop authentication in MA-PMIP to mutually authenticate the roaming
vehicle and its relay vehicle. Compared to other authentication schemes, we show that our
MA-PMIP protocol with EM3A achieves 99.6% and 96.8% reductions in authentication
delay and communication overhead, respectively.
Finally, we consider the physical-layer location privacy attacks in the NEMO-based
VANETs scenario, such as would be presented by a public hotspot installed inside a moving
vehicle. We modify the obfuscation, i.e., concealment, and power variability ideas and
propose a new physical-layer location privacy scheme, the fake point-cluster based scheme,
to prevent attackers from localizing users inside NEMO-based VANET hotspots. Involving
the fake point and cluster based sub-schemes, the proposed scheme can: 1) confuse
the attackers by increasing the estimation errors of their Received Signal Strength (RSSs)
measurements, and 2) prevent attackers' monitoring devices from detecting the user's transmitted
signals. We show that our scheme not only achieves higher location privacy, but
also increases the overall network performance. Employing correctness, accuracy, and certainty
as three different metrics, we analytically measure the location privacy achieved by
our proposed scheme. In addition, using extensive simulations, we demonstrate that the
fake point-cluster based scheme can be practically implemented in high-speed VANETs'
scenarios
Quality of service and security in future mobile technologies
Future networks will comprise a wide variety of wireless networks. Users will expect to
be always connected from any location, and, as users move, connections will be switched
to available networks using vertical handover techniques.
The current approach of the operators is a centralized network, and the mobility management
is done at the infrastructure level. The decentralized mobility management is
another approach developed in many researches, however, not widely deployed. We are
interested in this type of decentralized mobility management, especially in a highly dynamic
environment when the network topology changes frequently.
We choose a particular case study, Vehicular Ad-hoc Networks (VANETs), which are
a new emerging network technology derived from ad-hoc networks and are an example
of future networks. In the field of Intelligent Transportation Systems (ITS), communications
without a wire between vehicles (V2V) appear as an accident prevention solution
offering a wider vision than conventional sensors. By linking vehicles to telecommunications
network (V2I), new perspectives are offered both passengers and driver with
conventional communication applications such as access Internet, e-learning, games or
chat. This means that future mobile networks like VANETs will have to integrate communications,
mobility, Quality of Service (QoS) and security.
We mainly interested in three issues: mobility, QoS and security. These three issues
are intrinsic to vehicles on motorway networks. We need to simultaneously manage QoS
and security while taking into account users mobility. In this thesis, we propose to contribute
on how to improve security without degrading the quality of service QoS in a
highly mobile environment as VANETs networks. To answer this research question, we
use simulations and experiments. Simulation using Network Simulator 2 (NS2) will be
used to show that security schemes have significant impacts on the throughput QoS, and
our proposed schemes can substantially improve the effective secure throughput with cooperative
communications
Robustness, Security and Privacy in Location-Based Services for Future IoT : A Survey
Internet of Things (IoT) connects sensing devices to the Internet for the purpose of exchanging information. Location information is one of the most crucial pieces of information required to achieve intelligent and context-aware IoT systems. Recently, positioning and localization functions have been realized in a large amount of IoT systems. However, security and privacy threats related to positioning in IoT have not been sufficiently addressed so far. In this paper, we survey solutions for improving the robustness, security, and privacy of location-based services in IoT systems. First, we provide an in-depth evaluation of the threats and solutions related to both global navigation satellite system (GNSS) and non-GNSS-based solutions. Second, we describe certain cryptographic solutions for security and privacy of positioning and location-based services in IoT. Finally, we discuss the state-of-the-art of policy regulations regarding security of positioning solutions and legal instruments to location data privacy in detail. This survey paper addresses a broad range of security and privacy aspects in IoT-based positioning and localization from both technical and legal points of view and aims to give insight and recommendations for future IoT systems providing more robust, secure, and privacy-preserving location-based services.Peer reviewe
Proceedings of the Third Edition of the Annual Conference on Wireless On-demand Network Systems and Services (WONS 2006)
Ce fichier regroupe en un seul documents l'ensemble des articles accéptés pour la conférences WONS2006/http://citi.insa-lyon.fr/wons2006/index.htmlThis year, 56 papers were submitted. From the Open Call submissions we accepted 16 papers as full papers (up to 12 pages) and 8 papers as short papers (up to 6 pages). All the accepted papers will be presented orally in the Workshop sessions. More precisely, the selected papers have been organized in 7 session: Channel access and scheduling, Energy-aware Protocols, QoS in Mobile Ad-Hoc networks, Multihop Performance Issues, Wireless Internet, Applications and finally Security Issues. The papers (and authors) come from all parts of the world, confirming the international stature of this Workshop. The majority of the contributions are from Europe (France, Germany, Greece, Italy, Netherlands, Norway, Switzerland, UK). However, a significant number is from Australia, Brazil, Canada, Iran, Korea and USA. The proceedings also include two invited papers. We take this opportunity to thank all the authors who submitted their papers to WONS 2006. You helped make this event again a success