A unified security framework with three key management schemes for wireless sensor networks

AJOU University, School of Information and Communication, Wonchundong, Yongtonggu, 443-749 Suwon, Gyunggi, South Korea; College of Signals, NUST, Pakistan; Communication Technologies, Sendai, Japan; University of Engineering and Technology, Pakistan
Computer Communications 01/2008; DOI: 10.1016/j.comcom.2008.05.043
Source: DBLP

ABSTRACT Pervasive computing environments find their practical manifestations through wireless sensor networks, which sense a relationship amongst themselves and the environment. Currently the proposed keying schemes for ensuring security, in wireless sensor networks, may be classified into public and private keying schemes, or their hybrid. However, an investigation in peer work underpins the fact that neither of these works relates the key management schemes with the granularity of key generation, distribution, renewal, and revocation. In this paper, we propose a unified security framework with three key management schemes, SACK, SACK-P, and SACK-H that incorporate symmetric key cryptography, asymmetric key cryptography and the hybrid, respectively. We have evaluated the key management schemes against a broad range of metrics such as energy, resource utilization, scalability and resilience to node compromises. Our evaluation comprises both analytical investigation and experimental validation. The results show that though SACK-P is heavy on resources, it provides maximal security and offers the best resilience to node compromises. On the contrary, SACK is very efficient in terms of storage and communication. Our results substantiate a relationship between the level of security and resource utilization and form a design benchmark for security frameworks.

  • ABSTRACT: In the paradigms of the Internet of Things (IoT) as well as the evolving Web of Things (WoT) and the emerging Wisdom Web of Things (W2T), not only can the data collected by the sensor nodes (i.e., the things) in the wireless sensor networks (WSNs) be transmitted to and processed at Internet nodes and subsequently transformed into information, knowledge, wisdom and eventually into services to serve humans, but human users can also access, control and manage the sensor nodes in the WSNs through nodes in the Internet. Since data are the basis for enabling applications and services in W2T, it becomes imperative that enabling technologies for end-to-end security be developed to secure data communication between Internet user nodes and sensor server nodes to protect the exchange of data. However, traditional security protocols developed for the Internet rely mostly on symmetric authentication and key management based on public key algorithms, thus are deemed to be unsuitable for WSNs due to resource constraints in the sensor nodes. Specifically, acting as the server nodes in this scenario, sensor nodes cannot take on the heavy duty like regular servers in the Internet. Meanwhile, current security mechanisms developed for WSNs have mainly focused on the establishment of keys between neighboring nodes at the link layer and thus are not considered to be effective for end-to-end security in the W2T scenario. In this paper, we propose an end-to-end secure communication scheme for W2T in WSNs in which we follow an asymmetric approach for authentication and key management using signcryption and symmetric key encryption. In our proposed scheme, a great part of the work for authentication and access control is shifted to a gateway between a WSN and the Internet to reduce the burden and energy consumption in the sensor nodes. In addition, our scheme can ensure the privacy of user identities and key negotiation materials, and denial of service (DoS) attacks targeted at the sensor nodes can be effectively blocked at the gateway. We will also conduct quantitative analysis and an experiment to show that our proposed scheme can enhance the effectiveness of end-to-end security while reducing the cost of sensor nodes in terms of computation, communication and storage overhead as well as the latency of handshaking compared to similar schemes that are based on Secure Sockets Layer (SSL) and Transport Layer Security (TLS) protocols.
    World Wide Web 07/2013; 16(4). · 1.20 Impact Factor
  • ABSTRACT: IEEE 802.15.4 standard for low power wireless personal area networks (LoWPANs) is emerging as a promising technology to bring envisioned ubiquitous paragon, into realization. Considerable efforts are being carried on to integrate LoWPANs with other wired and wireless IP networks, in order to make use of pervasive nature and existing infrastructure associated with IP technologies. Designing a security solution becomes a challenging task as this involves threats from wireless domain of resource constrained devices as well as from extremely mature IP domain. In this paper we have i) identified security threats and requirements for LoWPANs ii) analyzed current security solutions and identified their shortcomings, iii) proposed a generic security framework that can be modified according to application requirements to provide desired level of security. We have also given example implementation scenario of our proposed framework for resource and security critical applications.
    Autonomous Decentralized Systems, 2009. ISADS '09. International Symposium on; 04/2009
  • ABSTRACT: Combinatorial designs are powerful mathematical tools with comprehensive and simple algebraic structures. Recently, many researchers have used combinatorial designs as key predistribution schemes in wireless sensor networks (WSNs). Previous studies on security of WSNs are mainly concentrated on those networks containing nodes with the same capabilities. Further, investigations reveal that high reliability and lifetime on networks can be achieved through hierarchical heterogeneous wireless sensor networks, where a small number of sensor nodes have more energy, memory, and transmission capability. Inspired by scheme due to Lee and Stinson, we propose a key predistribution scheme for a clustered heterogeneous WSN using transversal designs. This proposed scheme assigns key chains to sensor nodes before deployment and separates key pool of each cluster by adding a pseudo-random generated number after deployment. The performance evaluation and security analysis show that our proposed scheme can provide better security with significant reductions on communication overhead and storage space than other key management schemes without compromising connectivity. Copyright © 2014 John Wiley & Sons, Ltd.
    Security and Communication Networks 01/2014; · 0.43 Impact Factor
