View
215
Download
0
Category
Tags:
Preview:
Citation preview
Page 1
Theodore Zahariadis 1st Student workshop on Wireless Sensor Networks
AWISSENET AWISSENET AAd-hoc PAN & d-hoc PAN & WIWIreless reless SSensor ensor SESEcure cure
NETNETworkwork
Theodore Zahariadis
TEI of ChalkidaElectrical Engineering Department
Psachna, GR34400, Greece. Email: zahariad@teihal.gr
Athens, 1 November2008
AWISSENET AWISSENET AAd-hoc PAN & d-hoc PAN & WIWIreless reless SSensor ensor SESEcure cure
NETNETworkwork
Theodore Zahariadis
TEI of ChalkidaElectrical Engineering Department
Psachna, GR34400, Greece. Email: zahariad@teihal.gr
Athens, 1 November2008
Page 2 Theodore Zahariadis 1st Student workshop on Wireless Sensor Networks
Ultra-wide-band Sensor Node
Ultra small sensor node The smallest UWB sensor node in the
world: 10mm×10mm×10mm On board temperature sensor
Ultra low power Low power communication: 3nW/bps More than 9 years battery life using
button cell (CR-2032)(Communication every five minutes)
High speed communication From 250kbps to10Mbps
Antenna
Main board
Power supply board
Page 3 Theodore Zahariadis 1st Student workshop on Wireless Sensor Networks
Chips will be invisibleChips will be invisible
Newly developed ultra small µ-Chip, size of 50 µm x 50 µm Thickness 7.5 µm For directlyembedding intopaper
Compared with crystal of granulated sugar
Page 4 Theodore Zahariadis 1st Student workshop on Wireless Sensor Networks
Monitoring the Environment
Page 5 Theodore Zahariadis 1st Student workshop on Wireless Sensor Networks
Ad-hoc PAN & Sensor Networks
Ad-hoc PAN and Wireless Sensor Networks (AWSN) are expected to: form an integral part of the foreseen Future Internet (of Things) play a key role in the vision of offering mobile, personalised services,
whenever and wherever needed Support applications with broadband, wireless connectivity anytime and
anywhere.
Applications: environmental surveillance, asset management, physical phenomenon monitoring, creation of smart, interactive and immerse spaces
However, they face essential security and resilience limitations, especially across insecure, heterogeneous and multi-administration domains
Page 6 Theodore Zahariadis 1st Student workshop on Wireless Sensor Networks
Security and Operational Requirements (1/2)
Confidentiality: ensures that the data is well protected and remains secret from unauthorized parties
=> encrypting the data with a secret key that only intended recipients possess.
Data Integrity: ensures that any received data has not been altered or modified => applying an appropriate hashing technique prior to message encryption.
Data Freshness: implies that the data is recent and it ensures that old messages are not replayed.
=>a time related counter (nonce) can be added into the packet to ensure data freshness.
Non-repudiation: ensure that a node cannot deny the sending of a message that it originated.
=>digital signatures are used to ensure this requirement.
Availability of services and information: ensures that services and information can be accessed at the time they are required, despite of the presence of attacks.
=> lack of availability weakens the overall operation of an AWSN network, making it more vulnerable to a variety of attacks, such as denial of service.
Page 7 Theodore Zahariadis 1st Student workshop on Wireless Sensor Networks
Security and Operational Requirements (2/2)
Network reliability: is the capability to keep the functionality of the AWSN even if some nodes fail and is tightly coupled to resilience.
Authentication-survivability: is the capability to verify that the data received was really sent by a trusted sender and not by an adversary that injected data in the network.
Self-Organization and self-healing: is the ability of the AWSN to mitigate adverse situations as well as frequent nodes movement.
Secure Localization: is the ability of an AWSN to accurately and automatically locate each sensor in the network.
Scalability: is the ability to support a large number of wireless sensor nodes.
Page 8 Theodore Zahariadis 1st Student workshop on Wireless Sensor Networks
Sensor Node Constraints
Energy Limitation. Every security measure taken in order to mitigate attacks on an AWSN has an impact on energy consumption (e.g. encryption, hashing, overhead bits).
Transmission Range. The transmission range of wireless ad-hoc/sensor nodes is limited in order to conserve energy thus allowing the nodes to restrict their transmission range.
Limited memory and storage capacities. TelosB: 16-bit, 8 MHz RISC CPU, 10K RAM, 48K Program Memory, 1024K FLASH Mica mote2: 4 MHz 8-bit CPU, 4 KB of RAM, 128K Program memory, 512KFLASH.
Unattended Operation. The nodes may be deployed in an environment open to adversaries, interference, harsh environmental conditions, etc. The likelihood that a node suffers a physical attack in such an environment is therefore much higher than in another typical network which is located in a secure place and mainly faces attacks from a network.
Page 9 Theodore Zahariadis 1st Student workshop on Wireless Sensor Networks
Network Constraints
Mobility and Hierarchy. AWSN are ad hoc in nature with the composition of the network determined at the time of deployment. During the network mission, the composition of the network and its routing topology may change. This constraint must be taken into account since it might limit the ability to pre-configure AWSN nodes for specific purposes.
Data Rate and Packet Size. Both data rate and packet size affect the overall sensor node energy consumption, as explained in the previous section. Packet sizes within the AWSN are relatively small, while data rates are relatively low.
Unreliable Communications. Normally the packet-based routing of an AWSN is connectionless and thus inherently unreliable. Furthermore, the unreliable wireless communication channel also results in damaged packets.
Conflicts. Even if the channel is reliable, the communication may still be unreliable. This is due to the broadcast nature of the wireless sensor network.
Latency. The multi-hop routing, network congestion and node processing can lead to greater latency in the network, thus making it difficult to achieve synchronization among nodes.
Page 10 Theodore Zahariadis 1st Student workshop on Wireless Sensor Networks
AWISSENET Summary
AWISSENET (Ad-hoc personal area network & WIreless Sensor SEcure NETwork) is a project focused on security and resilience across ad-hoc PANs and wireless sensor networks.
AWISSENET optimisations will focus on four key principles: Discovery, evaluation and selection of trusted routes based on multiple security metrics
and key pre-distribution methods. The overall scheme must support secure routing even with disappearing nodes, multiple levels of in-network processing and multiple layers of aggregation.
Secure Service Discovery, providing network-level security framework, which will protect service discovery messages inside the AWISSENET, when crossing unknown domains or when interacting with public service providers.
Intrusion detection, intruder identification and recovery based on distributed trust to provide security against malicious attacks.
Highly Secure sensor nodes against attacks from malicious users having actual access to the sensor nodes.
The AWISSENET results will be packed in a security toolbox, which will be prototyped and validated in a large trial of more than 100 sensor nodes.
Page 11 Theodore Zahariadis 1st Student workshop on Wireless Sensor Networks
AWISSENET Consortium
Hellenic Aerospace Industry (GR) Alcatel-Lucent Deutschland (DE) Thales Communications (FR) Northern Venture (CY) Telecommunication Systems Institute (GR) University of Helsinki (FI) University Politechnico de Madrid (ES) TEI of Chalkida (GR)
AWISSENET Consortium in numbers 8 participants from 6 Member Countries 3 Industries, 1 SME and 4 Institutes/Universities
Page 12 Theodore Zahariadis 1st Student workshop on Wireless Sensor Networks
Generic Representation of an AWSN topology
IPNetwork
s1
s2
s3
s4
s5
s7
s6
s9
s10
s8
Sensor Node Aggregator Node Application Node
Sensory Network
3
SensoryNetwork
2
AN2
AN1
AP1
AP2
Page 15 Theodore Zahariadis 1st Student workshop on Wireless Sensor Networks
AWISSENET TRUST MODELINGDirect Trust
Forwarding (E1) # of Success # of Failures
Network-ACK (E2) # of Success # of Failures
Packet precision- Integrity (E3) # of Success # of Failures
Authentication (E4) # of Success # of Failures
Cryptography-Confidentiality (E5) # of Success # of Failures
Reputation RES (E6) # of Response # of no Response
Reputation Validation (E7) Value
Remaining Energy (E8) Value
Network ACK History Log (E9) 1 0 1 1 0 1 0 0 1 1 0 1 0 1 1 1
Number of Interactions (E10) Value
Distance to the sink node (E11) Value
BAii
BAii
BAii
BAiiBA
i FbSa
FbSaT
,,
,,,
initialnow
initialnowBA
VbVa
VbVaT
88
88,8
10
, 11
anoiC BA
k
i
BAii
BABA TWCDT1
,,, )*(
Page 16 Theodore Zahariadis 1st Student workshop on Wireless Sensor Networks
AWISSENET TRUST MODELINGIndirect Trust
Direct Trust Value of responding node DTA, Nj
Value
Reputation RES # of Response # of no Response
Reputation value of responding node DTNj,B Value
Reputation Correctness History Log
1 0 1 1 0 1 0 0 1 1 0 1 0 1
n
j
BNNABA jj DTDTWIT1
,,, )(
BABABABABA ITITWDTDTWTT ,,,,, )()(
Total Trust
Page 17 Theodore Zahariadis 1st Student workshop on Wireless Sensor Networks
Next Steps
Validate the trust model in JSIM and evaluate all parameters Define a trusted routing algorithm by combining trust metrics with
geographic routing algorithm (GPSR) Define a Secure cross-domain Service discovery mechanism
Wrist band
PaperLabel
CoinTags
Transparent Coin Tags
RFIDcard
RFIDReader
IPNetwork
Motes island Motes island RFID island Multimedia island
Recommended