A security architecture for personal networks

The proliferation of personal mobile computing devices such as laptops and mo-\ud bile phones, as well as wearable computing devices such as belt computers, digital\ud bracelets and bio-medical sensors has created an opportunity to create a wireless\ud network to share information and resources amongst personal devices. One such\ud paradigm which utilizes pervasive and ubiquitous computing to create a network of\ud personal devices, both in the local vicinity and those at remote locations, is called a\ud Personal Network (PN). The aim of a Personal Network is to provide its users with\ud new and improved services.\ud As Personal Networks edge closer to reality, security becomes an important con-\ud cern since any vulnerability in the system will limit its practical use. However the\ud mobile and constrained nature of its constituting devices places unique requirements\ud on the design of Personal Networks, such as the need for low power consumption\ud and the ability to self organize in the face of intermittent connectivity. One of our\ud conclusions in this regard was that the new characteristics and possibilities offered\ud by Personal Networks mean that old solutions are often not suitable in their current\ud form. Therefore in this thesis we introduce a novel security architecture especially\ud designed for Personal Networks.\ud As people with a network background, our aim was not to develop new PN\ud specific cryptographic protocols, but to develop a model for secure network archi-\ud tecture. In this regard our focus is more on defining mechanisms for access control,\ud rather than the security properties of specific protocols. For instance, we propose\ud mechanisms for device personalization, key management, resource discovery, authen-\ud tication and secure network formation/communication. Our proposals are then ana-\ud lyzed analytically based on the main drivers for our design choices, with some parts\ud evaluated using the Ns-2 network simulator. Where possible we have attempted\ud to reuse existing and well established security protocols, knowing that proposing\ud a novel protocol specific to PNs only introduces the possibility of security flaws\ud common to new protocols.\ud Given the infancy of the PN concept, our first contribution is in promoting the\ud development of this concept as related to security. In this regard we have identified the different architectural components which play a part in enabling security\ud and specified their functional roles. This required an understanding of typical user behavior as well as development of scenarios which highlight the challenges and\ud requirements in connecting heterogeneous personal devices in a self organizing manner. The second main contribution is in designing a secure architecture around these\ud entities which meets the rather unique requirements identified earlier. In this regard we have specified mechanisms for the secure formation and communication in\ud Personal Networks as well as communication between different Personal Networks

A security architecture for personal networks

Abstract Personal Network (PN) is a new concept utilizing pervasive computing to meet the needs of the user. As PNs edge closer towards reality, security becomes an important concern since any vulnerability in the system will limit its practical use. In this paper we introduce a security architecture designed for PNs. Our aim is to use secure but lightweight mechanisms suitable for resource constrained devices and wireless communication. We support pair-wise keys for secure cluster formation and use group keys for securing intra-cluster communication. In order to analyze the performance of our proposed mechanisms, we carry out simulations using ns-2. The results show that our mechanisms have a low overhead in terms of delay and energy consumption