Improvements to data transportation security in wireless sensor networks

Wireless Sensor Networks (WSNs) are computer networks consisting of miniaturised electronic devices that aim to gather and report information about their environment. The devices are limited in computational, data storage and communication ability. Furthermore, the devices communicate via a wireless, unregulated medium and usually operate on finite power sources. Security in Wireless Sensor Networks is the research area that seeks to provide adequate and energy-efficient security mechanisms for WSNs. Such provision is required in order to increase their range of possible applications and allow them to be deployed in critical and valuable environments. Existing security mechanisms for larger computer networks are inappropriate since they were not designed for the resourceconstrained environment of WSNs. There are some purpose-built solutions but this research has found potential security or efficiency problems with each of them. This thesis contributes SecRose, a security mechanism for the data-transportation layer of Wireless Sensor Networks. The solution attempts to provide higher level of security than currently provided, without introduction of significant energy overheads and by retaining backwards compatibility. SecRose achieves its security objectives by introducing a number of innovations and improvements. SecRose innovates in the provision of freshness and semantic security by altering the secret cryptographic keys. The process is managed at the transportation level by the basic key management mechanism. The integrity and safety of the key-changing operation is achieved by authenticating all packets and their acknowledgements. This behaviour contrasts with other proposals, which are based on openly transmitted Initialisation Vectors, and allows SecRose to provide better security than most of them, including TinySec, the accepted standard. In addition, measurements show that SecRose provides better energy-efficiency than other proposals. In particular, the solution requires less energy than TinySec in all cases and it can even be more efficient than the base Operating System, the TinyOS, which does not provide any security at all.EThOS - Electronic Theses Online ServiceGBUnited Kingdo

Sticky policies approach within cloud computing

This paper discusses a secure document sharing approach, which addresses confidentiality, integrity and authenticity concerns related to cloud-based data sharing. This research is focused on a secure construct that would integrate with other cloud ready standards and products for data protection. Sticky policies recently considered as one of the preferred cloud data protection techniques are here combined with standardized OOXML data package. The defined model leverages the Identity Based Encryption (IBE) scheme to attach sticky policies to the data. This paper also shows several security features and functions that are suitable for secure data sharing in the cloud. Technologies used for proposed construction are not new, therefore only their unique combination with AES key derived from XACML sticky policy via IBE and OOXML wrapper constitutes novelty of this research

A New Load-Balancing Aware Objective Function for RPL’s IoT Networks

The IPv6 Routing Protocol for Low-power and Lossy Networks (RPL) has been recently standardized as the de facto solution for routing in the context of the emerging Internet of Things (IoT) paradigm. RPL, along with other standards, has provided a baseline framework for IoT that has helped advance communications in the world of embedded resource-constrained networks. However, RPL still suffers from issues that may limit its efficiency such as the absence of an efficient load-balancing primitive. In this study, we show how RPL suffers from a load-balancing problem that may harm both the reliability of the protocol and its network lifetime. To address this problem, a novel load-balancing scheme is introduced that significantly enhances the reliability of RPL and fosters the protocol’s efficiency in terms of power consumption

Cloud-based identity and identity meta-data: secure and control own data in globalization era.

This paper proposes a new identity, and its underlying meta-data, model. The approach enables secure spanning of identity meta-data across many boundaries such as health-care, financial and educational institutions, including all others that store and process sensitive personal data. It introduces the new concepts of Compound Personal Record (CPR) and Compound Identifiable Data (CID) ontology, which aim to move toward own your own data model. The CID model ensures: authenticity of identity meta-data; high availability via unified Cloud-hosted XML data structure; and privacy through encryption, obfuscation and anonymity applied to Ontology-based XML distributed content. Additionally CID via XML ontologies is enabled for identity federation. The paper also proposes that access over sensitive data is strictly governed through an access control model with granular policy enforcement on the service side. This includes the involvement of relevant access control model entities which are enabled to authorize an ad-hoc break-glass data access which should give high accountability for data access attempts

Addressing the DAO Insider Attack in RPL’s Internet of Things Networks

In RPL routing protocol, the DAO (Destination Advertisement Object) control messages are announced by the child nodes to their parents to build downward routes. A malicious insider node can exploit this feature to send fake DAOs to its parents periodically, triggering those parents, in turn, to forward the fake messages upward to the root node. In this study, we show how this behaviour can have a detrimental side effect on the performance of the network, increasing power consumption, latency and reducing reliability. To address this problem, a new scheme is introduced to mitigate significantly the effect of the DAO attack on network performance

A Novel Adaptive and Efficient Routing Update Scheme for Low-Power Lossy Networks in IoT

In this paper, we introduce Drizzle, a new algorithm for maintaining routing information in the Low-power and Lossy Networks (LLNs). The aim is to address the limitations of the currently standardized routing maintenance (i.e. Trickle algorithm) in such networks. Unlike Trickle, Drizzle has an adaptive suppression mechanism that assigns the nodes different transmission probabilities based on their transmission history so to boost the fairness in the network. In addition, Drizzle removes the listen-only period presented in Trickle intervals leading to faster convergence time. Furthermore, a new scheme for setting the redundancy counter has been introduced with the goal to mitigate the negative side effect of the short-listen problem presented when removing the listen-only period and boost further the fairness in the network. The performance of the proposed algorithm is validated through extensive simulation experiments under different scenarios and operation conditions. In particular, Drizzle is compared to four routing maintenance algorithms in terms of control-plane overhead, power consumption, convergence time and packet delivery ratio (PDR) under uniform and random distributions and with lossless and lossy links. The results indicated that Drizzle reduces the control-plane overhead, power consumption and the convergence time by up to 76%, 20% and 34% respectively while maintaining approximately the same PDR rates

E-Health: chances and challenges of distributed, service oriented architectures

Societies are undergoing unprecedented demographic and socio-economical changes on a pace that has never been experienced before. Health care models are in transition to remain affordable for governments and individuals. Mobile technology and cloud computing will play a major role in order to help to achieve the necessary level of virtualization and service aggregation. There are, however, technological challenges in terms of security, trust, user friendliness and deployment of innovative E-Health strategies

A Survey of Limitations and Enhancements of the IPv6 Routing Protocol for Low-power and Lossy Networks: A Focus on Core Operations

Driven by the special requirements of the Low-power and Lossy Networks (LLNs), the IPv6 Routing Protocol for LLNs (RPL) was standardized by the IETF some six years ago to tackle the routing issue in such networks. Since its introduction, however, numerous studies have pointed out that, in its current form, RPL suffers from issues that limit its efficiency and domain of applicability. Thus, several solutions have been proposed in the literature in an attempt to overcome these identified limitations. In this survey, we aim mainly to provide a comprehensive review of these research proposals assessing whether such proposals have succeeded in overcoming the standard reported limitations related to its core operations. Although some of RPL’s weaknesses have been addressed successfully, the study found that the proposed solutions remain deficient in overcoming several others. Hence, the study investigates where such proposals still fall short, the challenges and pitfalls to avoid, thus would help researchers formulate a clear foundation for the development of further successful extensions in future allowing the protocol to be applied more widely

A Privacy preserving method using privacy enhancing techniques for location based services

Two of the major changes within computing, at the present time, are the move towards service-oriented architectures and the increasing usage of mobile devices to access these services. Along with this, as these devices are often moving, extra context information can be provided to a service, if the user is known, along with their actual location and their current trajectory. This includes useful applications such as providing the nearest bus stop to a user, and thus to show the buses which are due to arrive next. While this type of information is useful to the user for services that are trusted, there can be many issues related to the gathering of location information for non-trusted applications, such as for location-based marketing, or for user behaviour profiling. With simple security controls being applied to the access of the location information from mobile devices, it is important that users understand how their location information is being used. This paper reviews some of the current methods which are being proposed in order to reduce the impact of location tracking on user privacy, and presents a novel encryption method for preserving the location of a device, using Privacy-Enhancing Technologies, and which preserves the trajectory of the path of a user