20 research outputs found

    Secure and seamless prepayment for wireless mesh networks

    Get PDF
    Wireless Mesh Network (WMN) is multi-hop high-speed networking technology for broadband access. Compared to conventional network service providing systems, WMNs are easy to deploy and cost-effective. In this thesis, we propose a secure and seamless prepayment system for the Internet access through WMNs (SSPayWMN). Practical payment systems for network access generally depend on trustworthiness of service provider. However, in real life, service providers may unintentionally overcharge their clients. This misbehavior in the system may cause disputes between the clients and the service providers. Even if the service provider is rightful, it is very difficult to convince the customer since the service providers generally do not have justifiable proofs that can easily be denied by the clients. The main goal of SSPayWMN is to provide a secure payment scheme, which is fair to both operators and clients. Using cryptographic tools and techniques, all system entities are able to authenticate each other and provide/get service in an undeniable way. Moreover, SSPayWMN provides privacy and untraceability in order not to track down particular user’s network activities. We implemented SSPayWMN on a network simulator (ns-3) and performed performance evaluation to understand the latency caused by the system's protocols. Our results show that our protocols achieve low steady state latency and in overall put very little burden on the system

    Network Coding based Information Security in Multi-hop Wireless Networks

    Get PDF
    Multi-hop Wireless Networks (MWNs) represent a class of networks where messages are forwarded through multiple hops of wireless transmission. Applications of this newly emerging communication paradigm include asset monitoring wireless sensor networks (WSNs), command communication mobile ad hoc networks (MANETs), community- or campus-wide wireless mesh networks (WMNs), etc. Information security is one of the major barriers to the wide-scale deployment of MWNs but has received little attention so far. On the one hand, due to the open wireless channels and multi-hop wireless transmissions, MWNs are vulnerable to various information security threats such as eavesdropping, data injection/modification, node compromising, traffic analysis, and flow tracing. On the other hand, the characteristics of MWNs including the vulnerability of intermediate network nodes, multi-path packet forwarding, and limited computing capability and storage capacity make the existing information security schemes designed for the conventional wired networks or single-hop wireless networks unsuitable for MWNs. Therefore, newly designed schemes are highly desired to meet the stringent security and performance requirements for the information security of MWNs. In this research, we focus on three fundamental information security issues in MWNs: efficient privacy preservation for source anonymity, which is critical to the information security of MWNs; the traffic explosion issue, which targets at preventing denial of service (DoS) and enhancing system availability; and the cooperative peer-to-peer information exchange issue, which is critical to quickly achieve maximum data availability if the base station is temporarily unavailable or the service of the base station is intermittent. We have made the following three major contributions. Firstly, we identify the severe threats of traffic analysis/flow tracing attacks to the information security in network coding enabled MWNs. To prevent these attacks and achieve source anonymity in MWNs, we propose a network coding based privacy-preserving scheme. The unique “mixing” feature of network coding is exploited in the proposed scheme to confuse adversaries from conducting advanced privacy attacks, such as time correlation, size correlation, and message content correlation. With homomorphic encryption functions, the proposed scheme can achieve both privacy preservation and data confidentiality, which are two critical information security requirements. Secondly, to prevent traffic explosion and at the same time achieve source unobservability in MWNs, we propose a network coding based privacy-preserving scheme, called SUNC (Source Unobservability using Network Coding). Network coding is utilized in the scheme to automatically absorb dummy messages at intermediate network nodes, and thus, traffic explosion induced denial of service (DoS) can be naturally prevented to ensure the system availability. In addition to ensuring system availability and achieving source unobservability, SUNC can also thwart internal adversaries. Thirdly, to enhance the data availability when a base station is temporarily unavailable or the service of the base station is intermittent, we propose a cooperative peer-to-peer information exchange scheme based on network coding. The proposed scheme can quickly accomplish optimal information exchange in terms of throughput and transmission delay. For each research issue, detailed simulation results in terms of computational overhead, transmission efficiency, and communication overhead, are given to demonstrate the efficacy and efficiency of the proposed solutions

    Secure and Privacy-Preserving Data Aggregation Protocols for Wireless Sensor Networks

    Get PDF
    This chapter discusses the need of security and privacy protection mechanisms in aggregation protocols used in wireless sensor networks (WSN). It presents a comprehensive state of the art discussion on the various privacy protection mechanisms used in WSNs and particularly focuses on the CPDA protocols proposed by He et al. (INFOCOM 2007). It identifies a security vulnerability in the CPDA protocol and proposes a mechanism to plug that vulnerability. To demonstrate the need of security in aggregation process, the chapter further presents various threats in WSN aggregation mechanisms. A large number of existing protocols for secure aggregation in WSN are discussed briefly and a protocol is proposed for secure aggregation which can detect false data injected by malicious nodes in a WSN. The performance of the protocol is also presented. The chapter concludes while highlighting some future directions of research in secure data aggregation in WSNs.Comment: 32 pages, 7 figures, 3 table

    Design and Analysis of Security Schemes for Low-cost RFID Systems

    Get PDF
    With the remarkable progress in microelectronics and low-power semiconductor technologies, Radio Frequency IDentification technology (RFID) has moved from obscurity into mainstream applications, which essentially provides an indispensable foundation to realize ubiquitous computing and machine perception. However, the catching and exclusive characteristics of RFID systems introduce growing security and privacy concerns. To address these issues are particularly challenging for low-cost RFID systems, where tags are extremely constrained in resources, power and cost. The primary reasons are: (1) the security requirements of low-cost RFID systems are even more rigorous due to large operation range and mass deployment; and (2) the passive tags' modest capabilities and the necessity to keep their prices low present a novel problem that goes beyond the well-studied problems of traditional cryptography. This thesis presents our research results on the design and the analysis of security schemes for low-cost RFID systems. Motivated by the recent attention on exploiting physical layer resources in the design of security schemes, we investigate how to solve the eavesdropping, modification and one particular type of relay attacks toward the tag-to-reader communication in passive RFID systems without requiring lightweight ciphers. To this end, we propose a novel physical layer scheme, called Backscatter modulation- and Uncoordinated frequency hopping-assisted Physical Layer Enhancement (BUPLE). The idea behind it is to use the amplitude of the carrier to transmit messages as normal, while to utilize its periodically varied frequency to hide the transmission from the eavesdropper/relayer and to exploit a random sequence modulated to the carrier's phase to defeat malicious modifications. We further improve its eavesdropping resistance through the coding in the physical layer, since BUPLE ensures that the tag-to-eavesdropper channel is strictly noisier than the tag-to-reader channel. Three practical Wiretap Channel Codes (WCCs) for passive tags are then proposed: two of them are constructed from linear error correcting codes, and the other one is constructed from a resilient vector Boolean function. The security and usability of BUPLE in conjunction with WCCs are further confirmed by our proof-of-concept implementation and testing. Eavesdropping the communication between a legitimate reader and a victim tag to obtain raw data is a basic tool for the adversary. However, given the fundamentality of eavesdropping attacks, there are limited prior work investigating its intension and extension for passive RFID systems. To this end, we firstly identified a brand-new attack, working at physical layer, against backscattered RFID communications, called unidirectional active eavesdropping, which defeats the customary impression that eavesdropping is a ``passive" attack. To launch this attack, the adversary transmits an un-modulated carrier (called blank carrier) at a certain frequency while a valid reader and a tag interacts at another frequency channel. Once the tag modulates the amplitude of reader's signal, it causes fluctuations on the blank carrier as well. By carefully examining the amplitude of the backscattered versions of the blank carrier and the reader's carrier, the adversary could intercept the ongoing reader-tag communication with either significantly lower bit error rate or from a significantly greater distance away. Our concept is demonstrated and empirically analyzed towards a popular low-cost RFID system, i.e., EPC Gen2. Although active eavesdropping in general is not trivial to be prohibited, for a particular type of active eavesdropper, namely a greedy proactive eavesdropper, we propose a simple countermeasure without introducing extra cost to current RFID systems. The needs of cryptographic primitives on constraint devices keep increasing with the growing pervasiveness of these devices. One recent design of the lightweight block cipher is Hummingbird-2. We study its cryptographic strength under a novel technique we developed, called Differential Sequence Attack (DSA), and present the first cryptanalytic result on this cipher. In particular, our full attack can be divided into two phases: preparation phase and key recovery phase. During the key recovery phase, we exploit the fact that the differential sequence for the last round of Hummingbird-2 can be retrieved by querying the full cipher, due to which, the search space of the secret key can be significantly reduced. Thus, by attacking the encryption (decryption resp.) of Hummingbird-2, our algorithm recovers 36-bit (another 28-bit resp.) out of 128-bit key with 2682^{68} (2602^{60} resp.) time complexity if particular differential conditions of the internal states and of the keys at one round can be imposed. Additionally, the rest 64-bit of the key can be exhaustively searched and the overall time complexity is dominated by 2682^{68}. During the preparation phase, by investing 2812^{81} effort in time, the adversary is able to create the differential conditions required in the key recovery phase with at least 0.5 probability. As an additional effort, we examine the cryptanalytic strength of another lightweight candidate known as A2U2, which is the most lightweight cryptographic primitive proposed so far for low-cost tags. Our chosen-plaintext-attack fully breaks this cipher by recovering its secret key with only querying the encryption twice on the victim tag and solving 32 sparse systems of linear equations (where each system has 56 unknowns and around 28 unknowns can be directly obtained without computation) in the worst case, which takes around 0.16 second on a Thinkpad T410 laptop

    Towards end-to-end security in internet of things based healthcare

    Get PDF
    Healthcare IoT systems are distinguished in that they are designed to serve human beings, which primarily raises the requirements of security, privacy, and reliability. Such systems have to provide real-time notifications and responses concerning the status of patients. Physicians, patients, and other caregivers demand a reliable system in which the results are accurate and timely, and the service is reliable and secure. To guarantee these requirements, the smart components in the system require a secure and efficient end-to-end communication method between the end-points (e.g., patients, caregivers, and medical sensors) of a healthcare IoT system. The main challenge faced by the existing security solutions is a lack of secure end-to-end communication. This thesis addresses this challenge by presenting a novel end-to-end security solution enabling end-points to securely and efficiently communicate with each other. The proposed solution meets the security requirements of a wide range of healthcare IoT systems while minimizing the overall hardware overhead of end-to-end communication. End-to-end communication is enabled by the holistic integration of the following contributions. The first contribution is the implementation of two architectures for remote monitoring of bio-signals. The first architecture is based on a low power IEEE 802.15.4 protocol known as ZigBee. It consists of a set of sensor nodes to read data from various medical sensors, process the data, and send them wirelessly over ZigBee to a server node. The second architecture implements on an IP-based wireless sensor network, using IEEE 802.11 Wireless Local Area Network (WLAN). The system consists of a IEEE 802.11 based sensor module to access bio-signals from patients and send them over to a remote server. In both architectures, the server node collects the health data from several client nodes and updates a remote database. The remote webserver accesses the database and updates the webpage in real-time, which can be accessed remotely. The second contribution is a novel secure mutual authentication scheme for Radio Frequency Identification (RFID) implant systems. The proposed scheme relies on the elliptic curve cryptography and the D-Quark lightweight hash design. The scheme consists of three main phases: (1) reader authentication and verification, (2) tag identification, and (3) tag verification. We show that among the existing public-key crypto-systems, elliptic curve is the optimal choice due to its small key size as well as its efficiency in computations. The D-Quark lightweight hash design has been tailored for resource-constrained devices. The third contribution is proposing a low-latency and secure cryptographic keys generation approach based on Electrocardiogram (ECG) features. This is performed by taking advantage of the uniqueness and randomness properties of ECG's main features comprising of PR, RR, PP, QT, and ST intervals. This approach achieves low latency due to its reliance on reference-free ECG's main features that can be acquired in a short time. The approach is called Several ECG Features (SEF)-based cryptographic key generation. The fourth contribution is devising a novel secure and efficient end-to-end security scheme for mobility enabled healthcare IoT. The proposed scheme consists of: (1) a secure and efficient end-user authentication and authorization architecture based on the certificate based Datagram Transport Layer Security (DTLS) handshake protocol, (2) a secure end-to-end communication method based on DTLS session resumption, and (3) support for robust mobility based on interconnected smart gateways in the fog layer. Finally, the fifth and the last contribution is the analysis of the performance of the state-of-the-art end-to-end security solutions in healthcare IoT systems including our end-to-end security solution. In this regard, we first identify and present the essential requirements of robust security solutions for healthcare IoT systems. We then analyze the performance of the state-of-the-art end-to-end security solutions (including our scheme) by developing a prototype healthcare IoT system

    Fortified End-to-End Location Privacy and Anonymity in Wireless Sensor Networks: a Modular Approach

    Get PDF
    Wireless sensor network (WSN) consists of many hosts called sensors. These sensors can sense a phenomenon (motion, temperature, humidity, average, max, min, etc.) and represent what they sense in a form of data. There are many applications for WSNs; including object tracking and monitoring where in most of the cases these objects need protection. In these applications, data privacy itself might not be as important as the privacy of source location. In addition to the source location privacy, sink location privacy should also be provided. Providing an efficient end-to-end privacy solution would be a challenging task to achieve due to the open nature of the WSN. The key schemes needed for end-to-end location privacy are anonymity, observability, capture likelihood, and safety period. We extend this work to allow for countermeasures against multi-local and global adversaries. We present a network model that is protected against a sophisticated threat model: passive /active and local/multi-local/global attacks. This work provides a solution for end-to-end anonymity and location privacy as well. We will introduce a framework called fortified anonymous communication (FAC) protocol for WSN

    Secure covert communications over streaming media using dynamic steganography

    Get PDF
    Streaming technologies such as VoIP are widely embedded into commercial and industrial applications, so it is imperative to address data security issues before the problems get really serious. This thesis describes a theoretical and experimental investigation of secure covert communications over streaming media using dynamic steganography. A covert VoIP communications system was developed in C++ to enable the implementation of the work being carried out. A new information theoretical model of secure covert communications over streaming media was constructed to depict the security scenarios in streaming media-based steganographic systems with passive attacks. The model involves a stochastic process that models an information source for covert VoIP communications and the theory of hypothesis testing that analyses the adversary‘s detection performance. The potential of hardware-based true random key generation and chaotic interval selection for innovative applications in covert VoIP communications was explored. Using the read time stamp counter of CPU as an entropy source was designed to generate true random numbers as secret keys for streaming media steganography. A novel interval selection algorithm was devised to choose randomly data embedding locations in VoIP streams using random sequences generated from achaotic process. A dynamic key updating and transmission based steganographic algorithm that includes a one-way cryptographical accumulator integrated into dynamic key exchange for covert VoIP communications, was devised to provide secure key exchange for covert communications over streaming media. The discrete logarithm problem in mathematics and steganalysis using t-test revealed the algorithm has the advantage of being the most solid method of key distribution over a public channel. The effectiveness of the new steganographic algorithm for covert communications over streaming media was examined by means of security analysis, steganalysis using non parameter Mann-Whitney-Wilcoxon statistical testing, and performance and robustness measurements. The algorithm achieved the average data embedding rate of 800 bps, comparable to other related algorithms. The results indicated that the algorithm has no or little impact on real-time VoIP communications in terms of speech quality (< 5% change in PESQ with hidden data), signal distortion (6% change in SNR after steganography) and imperceptibility, and it is more secure and effective in addressing the security problems than other related algorithms

    Mobile Ad-Hoc Networks

    Get PDF
    Being infrastructure-less and without central administration control, wireless ad-hoc networking is playing a more and more important role in extending the coverage of traditional wireless infrastructure (cellular networks, wireless LAN, etc). This book includes state-of the-art techniques and solutions for wireless ad-hoc networks. It focuses on the following topics in ad-hoc networks: vehicular ad-hoc networks, security and caching, TCP in ad-hoc networks and emerging applications. It is targeted to provide network engineers and researchers with design guidelines for large scale wireless ad hoc networks

    Security, privacy and trust in wireless mesh networks

    Get PDF
    With the advent of public key cryptography, digital signature schemes have been extensively studied in order to minimize the signature sizes and to accelerate their execution while providing necessary security properties. Due to the privacy concerns pertaining to the usage of digital signatures in authentication schemes, privacy-preserving signature schemes, which provide anonymity of the signer, have attracted substantial interest in research community. Group signature algorithms, where a group member is able to sign on behalf of the group anonymously, play an important role in many privacy-preserving authentication/ identification schemes. On the other hand, a safeguard is needed to hold users accountable for malicious behavior. To this end, a designated opening/revocation manager is introduced to open a given anonymous signature to reveal the identity of the user. If the identified user is indeed responsible for malicious activities, then s/he can also be revoked by the same entity. A related scheme named direct anonymous attestation is proposed for attesting the legitimacy of a trusted computing platform while maintaining its privacy. This dissertation studies the group signature and direct anonymous attestation schemes and their application to wireless mesh networks comprising resource-constrained embedded devices that are required to communicate securely and be authenticated anonymously, while malicious behavior needs to be traced to its origin. Privacy-aware devices that anonymously connect to wireless mesh networks also need to secure their communication via efficient symmetric key cryptography, as well. In this dissertation, we propose an efficient, anonymous and accountable mutual authentication and key agreement protocol applicable to wireless mesh networks. The proposed scheme can easily be adapted to other wireless networks. The proposed scheme is implemented and simulated using cryptographic libraries and simulators that are widely deployed in academic circles. The implementation and simulation results demonstrate that the proposed scheme is effective, efficient and feasible in the context of hybrid wireless mesh networks, where users can also act as relaying agents. The primary contribution of this thesis is a novel privacy-preserving anonymous authentication scheme consisting of a set of protocols designed to reconcile user privacy and accountability in an efficient and scalable manner in the same framework. The three-party join protocol, where a user can connect anonymously to the wireless mesh network with the help of two semi-trusted parties (comprising the network operator and a third party), is efficient and easily applicable in wireless networks settings. Furthermore, two other protocols, namely two-party identification and revocation protocols enable the network operator, with the help of the semi-trusted third party, to trace suspected malicious behavior back to its origins and revoke users when necessary. The last two protocols can only be executed when the two semi-trusted parties cooperate to provide accountability. Therefore, the scheme is protected against an omni-present authority (e.g. network operator) violating the privacy of network users at will. We also provide arguments and discussions for security and privacy of the proposed scheme

    Security protocols for mobile ubiquitous e-health systems

    Get PDF
    Mención Internacional en el título de doctorWearable and implantable medical devices constitute an already established industry nowadays. According to a recent research [113], North America is currently the most important market followed by Europe, Asia-Pacific and the rest of the world. Additionally, the same document remarks the importance of the Asia-Pacific region due to the rising ageing population and the overpopulation in that area. The most common implantable medical devices include pacemakers, defibrillators, cochlear implants, insulin pumps, and neurostimulators among others. In recent years, the proliferation of smartphones and other mobile “smart” devices with substantial computational and communication capabilities have reshaped the way wireless body area network may be implemented. In their current generation (or in a near future), all of them share a common feature: wireless communication capabilities [127]. Moreover, implantable medical devices have the ability to support and store telemetry data facilitating the remote monitoring of the patient. Medical devices can be part of a wireless body area network, operating both as sensors and as actuators and making decisions in real time. On the other hand, a new kind of devices called wearables such as smart bracelets or smart watches have been equipped with several sensors like Photoplethysmogram (PPG) to record the heart beats, accelerometers to count the steps or Global Positioning System (GPS) to geopositioning users and were originally conceived as cheap solutions to help people to improve their workout. However these devices have demonstrated to be quite useful in many healthcare environments due to a huge variety of different and low-cost medical sensors. Thus, patients can be monitored for long periods of time without interfering in their daily life and taking their vital signs constantly under control. Security and privacy issues have been described as two of the most challenging problems of implantable medical devices and, more generally, wireless body area networks [6, 47, 84, 103]. As an example, it has been demonstrated that somebody equipped with a low cost device can eavesdrop on the data exchanged between a reader and a peacemaker and may even induce a cardiac arrest [71]. Health-related data have been the focus of several attacks almost since the adoption of computers in the healthcare domain. As a recent example, in 2010 personal data from more than 26 million of veterans were stolen from the Department of Veterans Affairs’ database in the US by an employee who had access to the database [104]. The Ponemon Institute pointed out that Germany and the US spent in 2013 more than 7.56and7.56 and 11 millions, respectively, to protect personal health records from attacks. This PhD dissertation explores the security and privacy of data in healthcare environments where confidential information is measured in real time by some sensors placed in, on, or around the human body. Security and privacy in medical conditions have been widely studied by the research community, nonetheless with the recent boom of wearable devices, new security issues have arisen. The first part of this dissertation is dedicated to the introduction and to expose both the main motivation and objectives of this PhD Thesis. Additionally the contributions and the organization of this document are also presented. In the second part a recent proposal has been analysed from the security and privacy points of view. From this study, vulnerabilities concerning to full disclosure, impersonation, traceability, de-synchronization, and Denial-of-Service (DoS) attacks have been found. These attacks make the protocol infeasible to be introduced with an adequate security and sufficient privacy protection level. Finally, a new protocol named Fingerprint⁺ protocol for Internet of Thing (IoT) is presented, which is based on ISO/IEC 9798-2 and ISO/IEC 18000-6C and whose security is formally verified using BAN logic. In the third part of this dissertation, a new system based on International Standard Organization (ISO) standards and security National Institute of Standards and Technology (NIST) recommendations have been proposed. First, we present a mutual entity authentication protocol inspired on ISO/IEC 9798 Part 2. This system could be deployed in a hospital where Radio Frequency IDentification (RFID) technology may be used to prune blood-handling errors, i.e., the identities of the patients and blood bags are confirmed (authentication protocol) and after that the matching between both entities is checked (verification step). Second, a secure messaging protocol inspired on ISO/IEC 11770 Part 2 and similar to that used in electronic passports is presented. Nowadays the new generation of medical implants possess wireless connectivity. Imagine a doctor equipped with a reader aims to access the records of vital signals stored on the memory of an implant. In this scenario, the doctor (reader) and the patient (implant) are first mutually authenticated and then a secure exchange of data can be performed. The fourth part of this Thesis provides an architecture based on two cryptographic protocols, the first one is for publishing personal data in a body area network composed of different sensors whereas the second one is designed for sending commands to those sensors by guaranteeing the confidentiality and fine-grained access control to the private data. Both protocols are based on a recently proposed public cryptography paradigm named ciphertext policy attribute-based encryption scheme which is lightweight enough to be embedded into wearable devices and sensors. Contrarily to other proposals made on this field, this architecture allows sensors not only to encrypt data but also to decrypt messages generated by other devices. The fifth part presents a new decentralized attribute based encryption scheme named Decentralized Ciphertext-Policy Attribute Based Searchable Encryption that incorporates ciphertext-policy attribute-based encryption with keyword search over encrypted data. This scheme allows users to (a) encrypt their personal data collected by a Wireless Body Area Network (WBAN) according to a policy of attributes; (b) define a set of keywords to enable other users (e.g., hospital stuff) to perform encrypted search over their personal (encrypted) data; (c) securely store the encrypted data on a semi-honest server and let the semi-honest server run the (encrypted) keyword search. Note that any user can perform a keyword query on the encrypted data, however the decryption of the resulting ciphertexts is possible only for users whose attribute satisfy the policy with which the data had been encrypted. We state and prove the security of our scheme against an honest-but-curious server and a passive adversary. Finally, we implement our system on heterogeneous devices and demonstrate its efficiency and scalability. Finally, this document ends with a conclusions achieved during this PhD and a summary of the main published contributions.Los dispositivos médicos implantables como los marcapasos o las bombas de insulina fueron concebidas originalmente para controlar automáticamente ciertos parámetros biológicos y, llegado el caso, poder actuar ante comportamientos anómalos como ataques cardíacos o episodios de hipoglucemia. Recientemente, han surgido uno dispositivos llamados wearables como las pulseras cuantificadoras, los relojes inteligentes o las bandas pectorales. Estos dispositivos han sido equipados con un número de sensores con capacidad de monitorizar señales vitales como el ritmo cardíaco, los movimientos (acelerómetros) o sistemas de posicionamiento (GPS) entre otros muchas opciones, siendo además una solución asequible y accesible para todo el mundo. A pesar de que el propósito original fue la mejora del rendimiento en actividades deportivas, estos dispositivos han resultado ser de gran utilidad en entornos médicos debido a su amplia variedad de sensores. Esta tecnología puede ayudar al personal médico a realizar seguimientos personalizados, constantes y en tiempo real del comportamiento de los pacientes, sin necesidad de interferir en sus vidas cotidianas. Esta Tesis doctoral está centrada en la seguridad y privacidad en entornos médicos, donde la información es recogida en tiempo real a través de una serie de sensores que pueden estar implantados o equipados en el propio paciente. La seguridad y la privacidad en entornos médicos ha sido el foco de muchos investigadores, no obstante con el reciente auge de los wearables se han generado nuevos retos debido a que son dispositivos con fuertes restricciones de cómputo, de memoria, de tamaño o de autonomía. En la primera parte de este documento, se introduce el problema de la seguridad y la privacidad en el paradigma de Internet de las cosas y haciendo especial hincapié en los entornos médicos. La motivación así como los principales objetivos y contribuciones también forman parte de este primer capítulo introductorio. La segunda parte de esta Tesis presenta un nuevo protocolo de autenticación basado en RFID para IoT. Este capítulo analiza previamente, desde el punto de vista de la seguridad y la privacidad un protocolo publicado recientemente y, tras demostrar que carece de las medidas de seguridad suficientes, un nuevo protocolo llamado Fingerprint⁺ compatible con los estándares de seguridad definidos en el estándar ISO/IEC 9798-2 y EPC-C1G2 (equivalente al estándard ISO/IEC 18000-6C) ha sido propuesto. Un nuevo sistema basado en estándares ISO y en recomendaciones realizadas por el NIST ha sido propuesto en la tercera parte de esta Tesis. En este capítulo se presentan dos protocolos bien diferenciados, el primero de ellos consiste en un protocolo de autenticación basado en el estándar ISO/IEC 9798 Part 2. A modo de ejemplo, este protocolo puede evitar problemas de compatibilidad sanguínea, es decir, primero se confirma que el paciente es quien dice ser y que la bolsa de sangre realmente contiene sangre (proceso de autenticación). Posteriormente se comprueba que esa bolsa de sangre va a ser compatible con el paciente (proceso de verificación). El segundo de los protocolos propuestos consiste en un protocolo seguro para el intercambio de información basado en el estándar ISO/IEC 11770 Part 2 (el mismo que los pasaportes electrónicos). Siguiendo con el ejemplo médico, imaginemos que un doctor equipado con un lector de radiofrecuencia desea acceder a los datos que un dispositivo implantado en el paciente está recopilando. En este escenario tanto el lector como el implante, se deben autenticar mutuamente para poder realizar el intercambio de información de manera segura. En el cuarto capítulo, una nueva arquitectura basada en el modelo de Publish/Subscribe ha sido propuesto. Esta solución está compuesta de dos protocolos, uno para el intercambio de información en una red de área personal y otro para poder reconfigurar el comportamiento de los sensores. Ambos protocolos están diseñados para garantizar tanto la seguridad como la privacidad de todos los datos que se envían en la red. Para ello, el sistema está basado en un sistema de criptografía de clave pública llamado Attribute Based Encryption que es suficientemente ligero y versátil como para ser implementado en dispositivos con altas restricciones de cómputo y de memoria. A continuación, en el quinto capítulo se propone una solución completamente orientada a entornos médicos donde la información que los sensores obtienen de los pacientes es cifrada y almacenada en servidores públicos. Una vez en estos servidores, cualquier usuario con privilegios suficientes puede realizar búsquedas sobre datos cifrados, obtener la información y descifrarla. De manera adicional, antes de que los datos cifrados se manden a la nube, el paciente puede definir una serie de palabras claves que se enlazarán a los datos para permitir posteriormente búsquedas y así obtener la información relacionada a un tema en concreto de manera fácil y eficiente. El último capítulo de esta Tesis se muestran las principales conclusiones obtenidas así como un resumen de las contribuciones científicas publicadas durante el período doctoral.Programa Oficial de Doctorado en Ciencia y Tecnología InformáticaPresidente: Arturo Ribagorda Garnacho.- Secretario: Jorge Blasco Alís.- Vocal: Jesús Garicia López de Lacall
    corecore