Upload
tammy
View
23
Download
0
Tags:
Embed Size (px)
DESCRIPTION
pDCS: Security and Privacy Support for Data-Centric Sensor Networks. Min Shao, Sencun Zhu, Wensheng Zhang, and Guohong Cao Penn State University. Roadmap. Introduction to Data-Centric Sensor Networks Characteristics, motivation, security attacks Design Goals of pDCS pDCS Overview - PowerPoint PPT Presentation
Citation preview
pDCS: Security and Privacy Support for Data-Centric Sensor Networks
Min Shao, Sencun Zhu,Wensheng Zhang, and Guohong
CaoPenn State University
2
Roadmap Introduction to Data-Centric Sensor Networks Characteristics, motivation, security attacks
Design Goals of pDCS pDCS
Overview Privacy Enhanced Data-Location Mapping Improving the Query Efficiency
Performance Evaluation Conclusions
3
A Data-centric Sensor Network
A new paradigm for data dissemination
Through a DCS a zoologist knows the locations of all animals
u
v
H(deer)
4
Security Attacks
Passive attacklisten to the communication only
Query attacksend a query to sensor nodes to obtain the data
Readout attackread out the data/key in the captured sensor nodes
Mapping attackidentify the mapping relation between two cells
5
Design Goals of pDCS
Mapping RandomizationBackward Event Privacy
Preventing an attacker from compromising previous data
Forward Event PrivacyPreventing an attacker from compromising future data
Query ImprovementQuery Privacy
the probability that an attacker cannot find the ids of the storage cells from eavesdropping query messages
Query Efficiency
Event Privacy Level (EPL): the probability that an attacker cannot obtain both the sensor data and the encryption keys for an event of his interest
6
pDCS Overview Cell u first determines the location of
the storage cell v through a keyed hash function.
u encrypts the recorded information (Me) with its own cell key.
u then forwards the message towards the destination storage cell.
On receiving the message, v stores it locally
If an authorized user is interested in the event E in cell u, he determines v and sends a query to v.
u
v
7
Scheme I: Group-Key-Based Mapping
Mapping Function
Nr, Nc: number of rows and columns
K: a group-wide shared key
E: an event
Type I Querywhat is the information about an event E?
)mod()||1(),mod()||0( ccrr NEKHLNEKHL
8
BEPL & FEPL of Scheme I
p f1 (m,s)1 (ms /N) /m1 s /N
pb1 (m,s)1
1
N(i
m)(N 1 ms 1 i
)(m
i) /(N 1s 1
)i1
B1
N 1N
(i
m)(N 2 ms 2 i
)(m
i) /(N 2s 2
)i1
B2
B1 min(s 1,m),B2 min(s 2,m)
•m – #source cells•s - #compromised cells
9
Scheme II: Time-Based Mapping
Mapping Function
Group key KT is updated every T seconds. When its timer fires, a node derives the next group key KT=H(KT) and erases the previous key KT
Type II Query
what is about the event E during the time interval T?
Security Analysis higher BEPL than in Scheme I higher FEPL than in Scheme I
Lr H(0 |KT | E |T)mod(Nr )
T1
T2
v1
v2
10
Scheme III: Cell-Based Mapping
Mapping Function
Kij: the cell key of cell (i, j), updated in
every T seconds
Type III Queryhas event E happened in cell L(i, j)during the time interval T?
Security AnalysisBEPL=1the same FEPL as Scheme II
Lr H(0 | i | j | E |K ij |T)mod(Nr)
T1
T1
T2
T2
11
Mapping Schemes Summary
Scheme II
Time-Based
Scheme III
Cell-Based
Scheme I
Group-Key-Based
Query Granularity
low high
Privacy
low high
Message Overhead
low high
12
Secure Query and Improve efficiency
high message overhead query privacy=0
Basic Scheme
13
Secure Query and Improve efficiency (2)
Euclidean Steiner Tree (EST) Scheme
low message overhead
query privacy
22
2
n
n
14
Secure Query and Improve efficiency (3)
Keyed Bloom Filter (KBF) Scheme
Hi(x|kp) (i=1,…,k)
xkp
15
Secure Query and Improve efficiency (3)
Keyed Bloom Filter (KBF) Scheme
Hi(cj|kX)(j=1,2,…,7)
kX
c1 c2 c3
c4
c5c6c7
16
Performance Evaluation (1)
Query bandwidth overhead 20x20 cells
17
Performance Evaluation (2)
Query Delay
18
Performance Evaluation (3)
Query Privacy
19
Query Techniques Summary
EST Scheme KBF SchemeBasic Scheme
low high
Query Privacy
Message Overhead
high
low
low high
Query Delay
20
Conclusions
The first work to provide security and privacy to DCS
Propose solutions for building a secure data-centric sensor network (pDCS)Offer different levels of privacy in data-location mapping
Offer several query optimization techniques
Future Workimprove forward event privacy
Thank You!