Sensor Systems for Prognostics and Health Management

Prognostics and health management (PHM) is an enabling discipline consisting of technologies and methods to assess the reliability of a product in its actual life cycle conditions to determine the advent of failure and mitigate system risk. Sensor systems are needed for PHM to monitor environmental, operational, and performance-related characteristics. The gathered data can be analyzed to assess product health and predict remaining life. In this paper, the considerations for sensor system selection for PHM applications, including the parameters to be measured, the performance needs, the electrical and physical attributes, reliability, and cost of the sensor system, are discussed. The state-of-the-art sensor systems for PHM and the emerging trends in technologies of sensor systems for PHM are presented

Network Security Testing Using Mobile Agents

This paper describes a prototype security testing tool that is currently under development at NIST. This prototype tool uses autonomous mobile agents to perform distributed, fault-tolerant, and adaptive network security testing. The security testing prototype is compared to existing methods, the design goals are outlined, its testing methodology is described, and the advantages and disadvantages of using mobile agents for security testing are discussed

A Solution for Wireless Privacy and Payments based on E-cash

The IEEE 802.11 Wireless Local Area Network (WLAN) specifications have been the subject of increased attention due to their rapid commercial adaptation and the introduction of new security and privacy concerns. The IEEE 802.1x standard was introduced in order to overcome the initial security shortcomings of the Wired Equivalent Privacy (WEP) protocol. The IEEE 802.1x standard is an extensible standard that couples 802.11 networks with various authentication services through the incorporation of an Extensible Authentication Protocol (EAP) authentication dialog. The existing implementations of EAP dialogs are based on standard cryptographic solutions for authentication and session key generation but do not, however, provide any form of user anonymity or privacy. Anonymity and privacy are currently of pressing interest, especially in the context of WLANs, which are simultaneously the best medium to provide privacy (there is no physical phone number or connection end-point with a predetermined owner) as well as the most threatening medium to user privacy, as they have the potential of disclosing not only the identity of the user, but also their physical location. At the same time, the potential "perfect hiding" capabilities of WLAN users also highlights the need to control anonymity by introducing more flexible authentication mechanisms. Moreover, payment for wireless services is completely decoupled from the above procedures, raising additional efficiency and privacy concerns. In this work we propose a new EAP authentication dialog based on anonymous electronic cash that provides for privacy, anonymity control, payment acceptance and billing, and authentication. Our solution is based on the notion of "public-key embedding e-cash," an e-cash variant we present and formalize..

Intrusion Detection Techniques in Sensor Networks

Research has been conducted in wired network Intrusion Detection Systems (IDS) for over 25 years. Although there is ongoing research in wired IDS techniques, it is considered a mature technology. Wireless area networks and personal area networks have been the focus of recent research, as they represent new risks and security challenges. Mobile Ad Hoc Networks (MANETs) have further challenged researchers to develop IDS techniques in an even more challenging environment. The promise of wireless sensor network technology to provide cost-effective monitoring of critical applications ranging from industrial control to border monitoring necessitates new research in the area of wireless sensor network IDS. The unattended nature and the inherent computational and communication limitations of sensor networks make them vulnerable to a broad range of attacks. Given the relative infancy of this new technology, the limited documented cases of actual sensor network attacks, the lack of publicly available network traces of sensor network attacks, most experience in this area is limited to simulations or laboratory emulations, with few approaches having been vetted in the field. This chapter outlines the unique challenges of wireless sensor network IDS and provides a survey of solutions proposed in the research literature

Privilege Management of Mobile Agents

Most mobile agent systems use internal data structures within an agent to control and specify its security requirements and properties. These structures typically contain authorization information regarding access to computational resources on distributed systems and conceptually serve as an internal passport for the agent. While these structures are often very similar semantically, they differ greatly in their implementation, depending to a large extent on the mechanisms used to protect their contents. This paper considers a general scheme for managing privileges using attribute certificates. An attribute certificate can be viewed as an external, digitally signed agent passport, which allows greater flexibility in meeting the needs of an application and overlaying a suitable management scheme. The paper presents the benefits of this approach and gives an example of how an agent system could be enhanced with this mechanism