security policy reconfiguration solutions in wireless
play

Security Policy Reconfiguration Solutions in Wireless Sensor - PowerPoint PPT Presentation

Mar 04, 2023 •483 likes •830 views

University Division/Office Security Policy Reconfiguration Solutions in Wireless Sensor Networks UZH 655/678 Seminar: Internet Economics - Prof. Dr. Burkhard Stiller By Sanjiv Jha, Raphael Ochsenbein & Anastasia Ruvimova Supervisor: Dr.

  1. University Division/Office Security Policy Reconfiguration Solutions in Wireless Sensor Networks UZH 655/678 Seminar: Internet Economics - Prof. Dr. Burkhard Stiller By Sanjiv Jha, Raphael Ochsenbein & Anastasia Ruvimova Supervisor: Dr. Corinna Schmitt 08.10.13 Page 1

  2. Table of Contents ● Introduction ● Applying Security Policies to WSN ○ Security Issues & Attack Vectors ○ Defense Mechanisms ● Practical Solutions ○ Effective Key Management for WSN’s ○ Trust-based Enforcement of Security Policies ○ Dynamic Reconfiguration (Intra-trust and Famiware) ● Conclusion 08.10.13 University of Zurich, Division/Office, Title of the presentation, Author Page 2

  3. Introduction ● Wireless Sensor Networks (WSN)? ● WSN Existing Network examples. ● WSN Security Policies needs. Intelligent transport system 08.10.13 University of Zurich, Division/Office, Title of the presentation, Author Page 3

  4. Motivation for Security Reconfiguration in WSNs a. Constraints and Issues with existing security policy. b. Security Policy Reconfiguration? c. Benefits of Re- configuring the security policies. Page 4

  5. Terminology & Definitions WSN “Wireless sensor networks (WSNs) consist of hundreds or even thousands of small devices each with sensing, processing, and communication capabilities to monitor the real-world environment. They are envisioned to play an important role in a wide variety of areas ranging from critical military surveillance applications to forest fire monitoring and building security monitoring in the near future.” - I. F. Akyildiz, W. Su, Y. Sankarasubramaniam, and E. Cayirci, “A survey on sensor networks”, IEEE Communications Magazine, Vol. 40, No. 8, pp. 102-114, August 2002. Internet of things (IoT) “ A global infrastructure for the information society, enabling advanced services by interconnecting (physical and virtual) things based on existing and evolving interoperable information and communication technologies. NOTE 1 – Through the exploitation of identification, data capture, processing and communication capabilities, the IoT makes full use of things to offer services to all kinds of applications, whilst ensuring that security and privacy requirements are fulfilled. NOTE 2 – From a broader perspective, the IoT can be perceived as a vision with technological and societal implications.” - ITU-T: Y2060 - Overview of the Internet of things, 2012. https://www.itu.int/rec/T-REC-Y. 2060-201206-I. Page 5

  6. Security Issues & Attack Vectors ❏ Attacks on Secrecy and Authentication ❏ DoS Attacks ❏ Node Replication ❏ Privacy Page 6

  7. DoS Attacks - Denial of Service Physical Layer ❏ Jamming ❏ Tampering Link Layer ❏ Link Layer ❏ Purposefully Created Collisions ❏ Resource Exhaustion ❏ Unfairness in Allocation Page 7

  8. DoS Attacks (cont.) Network Layer Transport Layer ❏ Spoofed routing ❏ Flooding information ❏ De-synchronization ❏ Selective forwarding ❏ Sinkhole ❏ Sybil attack ❏ Wormhole ❏ Hello flood ❏ Acknowledgment spoofing Page 8

  9. Defense Mechanisms Page 9

  10. Defense Mechanisms ❏ Cryptography in WSNs ❏ Defense against DoS ❏ Public key cryptography attacks ❏ Symmetric key ❏ Defense in the cryptography physical layer ❏ Key management protocols ❏ Defense in the link ❏ Key management based layer on network structure ❏ Defense in the ❏ Key management on network layer probability of key sharing ❏ Secure ❏ Deterministic key broadcasting and distribution schemes multicasting ❏ Probabilistic key protocols distribution schemes ❏ Defense against attacks on routing protocols Page 10

  11. Defense Mechanisms (cont.) ❏ Defense against the Sybil attack ❏ Detection of node replication attack ❏ Defense against traffic analysis attack ❏ Defense against attacks on sensor privacy ❏ Intrusion detection ❏ Secure data aggregation ❏ Defense against physical attacks ❏ Trust management Page 11

  12. Solution 1: Effective Key Management in Dynamic Sensor Networks Seo, Seung-Hyun, Jongho Won, Shabana Sultana, and Elisa Bertino. Effective key management in dynamic wireless sensor networks, Information Forensics and Security, IEEE Transactions on 10, no. 2 (2015): 371-383. http://docs.lib. purdue. edu/cgi/viewcontent.cgi? article=1640&context=ccpubs. Page 12

  13. Effective Key Management in dynamic WSN’s (cont.) - Symmetric key encryption drawbacks: i high communication overhead ii large memory space iii not scalable iv not resilient to node compromise - Asymmetric key encryption (public key cryptography (PKC)) i ECC (elliptic curve cryptography): feasible performance-wise ii resilient to node compromise attacks iii more scalable and flexible iv vulnerable to message forgery, key compromise known-key attacks - Certificateless effective key management (CL-EKM) scheme i certificateless public key cryptography (CL-PKC) ii the user’s full private key is a combination of a partial private key generated by a key generation center (KGC) and the user’ s own secret value iii pairwise key between nodes: a pairing-free certificateless hybrid signcryption scheme (CL-HSC) Page 13

  14. Effective Key Management in dynamic WSN’s (cont.) - 3 Node Types i BS: Manages Network, collects Data, hosts a Key Generation Center (KGC) ii nodes with high processing capabilities (H-Sensors) iii nodes with low processing capabilities (L-Sensors) - 4 Key Types i a certificateless public/private key pair ii an individual key iii a pairwise key iv a cluster key - 7 Network Phases i system setup ii pairwise key generation iii cluster formation iv key update v node movement vi key revocation vii addition of a new node - BS Role i issues certificateless public/private key pairs for each node ii a unique individual key, shared only between the node and the BS is assigned to each node iii certificateless public/private key of a node is used to establish pairwise keys between any two nodes iv a cluster key is shared among the nodes in a cluster Page 14

  15. Effective Key Management in dynamic WSN’s (cont.) Page 15

  16. Effective Key Management in dynamic WSN’s (cont.) Page 16

  17. Solution 2: Trust-based Enforcement of Security Policies Roberto Vigo , Alessandro Celestini , Francesco Tiezzi , Rocco De Nicola , Flemming Nielson , and Hanne Riis Nielson Page 17

  18. Overview ❏ Security Policies are strengthened/loosened based on node’s reputation system ❏ Finding appropriate balance between resource consumption and security strength ❏ Trust is calculated stochastically, through probabilistic calculus Page 18

  19. The Logic & Logistics ❏ Implemented in modelling language StoKlaim ❏ Signature check determines trust score: reputation based on number of positive interactions ❏ Either: ❏ no policy is enforced (action denied) ❏ one policy is enforced (at base, but not target) ❏ two policies are enforced (at base and target) [8] Page 19

  20. Probabilities [8] ❏ Policy enforcement is dependent on threshold Page 20

  21. Solution 3: Dynamic Reconfiguration - Intra-trust and Famiware Dynamic Reconfiguration of Security Policies in Wireless Sensor Networks Mónica Pinto *, Nadia Gámez , Lidia Fuentes , Mercedes Amor , José Miguel Horcas and Inmaculada Ayala Page 21

  22. Dynamic Approach WSN is a network with myriad of sensors,·have constraints can be overcome by using Dynamic approach: ❏ Build secure applications that run on heterogeneous nodes with limited capabilities. ❏ Dynamic negotiation of security policies for WSNs. ❏ Monitor the changes in the context. ❏ Dynamic reconfiguration service to endow applications with self-protection. Page 22

  23. Femi Ware and Inter-trust Framework Dynamic Software Product Lines Dynamic Security Framework Page 23

  24. Dynamic Security Adaptation Fami Ware with Inter-Trust Integration: Page 24

  25. Conclusion ❏ The approaches and policies to be applicable not only for all sensors or the Internet of things, but also to the Mobile phones. This can be extended to e-voting and ambient home applications. ❏ Choose the right tool for the right situation Page 25

  26. Questions? Page 26

  27. Discussion Question 1: What level of security is needed for the following scenarios: a. Ambient control in homes b. Patient-monitoring in hospitals c. Disaster response (fire, earthquakes) d. Airplanes Page 27

  28. Discussion Question 2: In this wirelessly-connected world, do you trust currently employed security mechanisms? Page 28

  29. Discussion Question 3: Which of the presented practical solutions is the most useful? Page 29

  30. Discussion Question 4: How do you see the future of WSN’s? - Where will WSN’s bring a lot of added value? - What kind of products could be enabled by WSN’s? - For these products, what security mechanisms would be relevant? Page 30

  31. Thank You! Page 31

  32. Appendix 1 Page 32

  33. Appendix 2 Page 33

Download Presentation
Download Policy: The content available on the website is offered to you 'AS IS' for your personal information and use only. It cannot be commercialized, licensed, or distributed on other websites without prior consent from the author. To download a presentation, simply click this link. If you encounter any difficulties during the download process, it's possible that the publisher has removed the file from their server.

Recommend

Wireless Ad Hoc & Sensor Networks Wireless Ad Hoc & Sensor Networks Introduction -

Wireless Ad Hoc & Sensor Networks Wireless Ad Hoc & Sensor Networks Introduction -

Outline Wireless Ad Hoc & Sensor Networks Wireless Ad Hoc & Sensor Networks Introduction - Security Security challenges in Ad Hoc Networks y g Threats and Attacks Security Solutions Security Solutions

668 views • 15 slides
An Analysis of Wireless Security at U of M Dearborn: Found Problems and Proposed Solutions

An Analysis of Wireless Security at U of M Dearborn: Found Problems and Proposed Solutions

An Analysis of Wireless Security at U of M Dearborn: Found Problems and Proposed Solutions (CASL Only) Summary Basic Networking Concepts Description of vulnerabilities Demonstration Possible solutions Networking Addresses 3

288 views • 24 slides
and its Discontents Introduction The purpose of this presentation is to provide an overview of

and its Discontents Introduction The purpose of this presentation is to provide an overview of

Wireless Security and its Discontents Introduction The purpose of this presentation is to provide an overview of the strengths and weaknesses of Wireless Security solutions. We will cover: - Real-world examples of Wireless Security application

425 views • 38 slides
Covansys Technologies LLC A Trusted Partner in Wireless Network & IT Security Solutions The

Covansys Technologies LLC A Trusted Partner in Wireless Network & IT Security Solutions The

Covansys Technologies LLC A Trusted Partner in Wireless Network & IT Security Solutions The Demand for high bandwidth and stable reliable connectivity is on the rise. Enterprises are faced with challenge of meeting demand while remaining cost

350 views • 14 slides
Writing a book on wireless security available online is like writing a book on safe Internet

Writing a book on wireless security available online is like writing a book on safe Internet

Agenda The purpose of this presentation is to: FIRST Technical Colloquium Uppsala, Sweden Give an overview of Wireless technology Highlight the security issues Securing Your associated with IEEE 802.11b Wireless LAN wireless LANs Suggest

413 views • 16 slides
Xpanda security gates Security solutions Retail security gate solutions Industrial

Xpanda security gates Security solutions Retail security gate solutions Industrial

STOREFRONT PROTECTION Xpanda security gates Security solutions Retail security gate solutions Industrial security gate solutions Institutional security gate solutions Access control security gate solutions Office building

406 views • 13 slides
LLNL Site Update: Wireless/Wired Mobility Solutions Wireless/Wired Mobility Solutions July 15,

LLNL Site Update: Wireless/Wired Mobility Solutions Wireless/Wired Mobility Solutions July 15,

LLNL-PRES-442431 Performance Measures x.x, x.x, and x.x LLNL Site Update: Wireless/Wired Mobility Solutions Wireless/Wired Mobility Solutions July 15, 2010 Robin Goldstone Associate Program Leader for Networks and Convergence S&T PAD -

735 views • 5 slides
Retail security gate solutions Industrial security gate solutions Institutional

Retail security gate solutions Industrial security gate solutions Institutional

PHYSICAL SECURITY SOLUTIONS Quantum security gates can help you improve security quickly. Before or after a break-in. Retail security gate solutions Industrial security gate solutions Institutional security gate solutions Office

215 views • 18 slides
Wireless Security for Hotspots & Home PCCW Feb, 2009 Ubiquitous Wireless Indoor &

Wireless Security for Hotspots & Home PCCW Feb, 2009 Ubiquitous Wireless Indoor &

Wireless Security for Hotspots & Home PCCW Feb, 2009 Ubiquitous Wireless Indoor & Outdoor Wireless Security for Home Provides all-in-one DSL modem with Wi-Fi capability to residential customers Simplify setup to the

354 views • 21 slides
Wireless Security Why This Works Integrity Attacks Availability Black Holes Battery Exhaustion

Wireless Security Why This Works Integrity Attacks Availability Black Holes Battery Exhaustion

Wireless Security Wireless Security Confidentiality Integrity Wireless Architecture Access Points Which AP? The Evil Twin Attack Wireless Security Why This Works Integrity Attacks Availability Black Holes Battery Exhaustion Battery

785 views • 41 slides
The security of existing wireless networks Cellular networks GSM o UMTS o WiFi LANs

The security of existing wireless networks Cellular networks GSM o UMTS o WiFi LANs

The security of existing wireless networks Cellular networks GSM o UMTS o WiFi LANs Bluetooth Security and Cooperation in Wireless Networks Georg-August University Gttingen Security in Wireless Networks Wireless networks are

519 views • 48 slides
Wireless LAN Security Setup & Optimizing Wireless Client in Linux Hacking and Cracking

Wireless LAN Security Setup & Optimizing Wireless Client in Linux Hacking and Cracking

Wireless LAN Security Setup & Optimizing Wireless Client in Linux Hacking and Cracking Wireless LAN Setup Host Based AP ( hostap ) in Linux & freeBSD Securing & Managing Wireless LAN : Implementing 802.1x EAP-TLS

417 views • 29 slides
Wireless Security: A Perspective (aka. What Weve Done Wrong, and Some of What We Can Do About

Wireless Security: A Perspective (aka. What Weve Done Wrong, and Some of What We Can Do About

Wireless Security: A Perspective (aka. What Weve Done Wrong, and Some of What We Can Do About It) Wade Trappe Agenda Agenda Tales from the Dark Side of Security Wireless in Particular Decomposing the Problem into Problems

697 views • 40 slides
Hacking Hands on with wireless LAN routers, packet capture and wireless security Organised by

Hacking Hands on with wireless LAN routers, packet capture and wireless security Organised by

Free Technology Workshop Hacking Hands on with wireless LAN routers, packet capture and wireless security Organised by Steven Gordon Bangkadi 3 rd floor IT Lab 10:30-13:30 Friday 18 July 2014 http://ict.siit.tu.ac.th/moodle/ _______

795 views • 48 slides
Security in Pervasive Wireless Security in Pervasive Wireless Systems Systems Wade Trappe

Security in Pervasive Wireless Security in Pervasive Wireless Systems Systems Wade Trappe

Security in Pervasive Wireless Security in Pervasive Wireless Systems Systems Wade Trappe Breaking Down the Issues (summary) Breaking Down the Issues (summary) Wireless is easy to sniff. We still need encryption services and key management.

533 views • 13 slides
Wireless Security System 868 MHz RFID cards Vloit text Vloit text + Control Panel info

Wireless Security System 868 MHz RFID cards Vloit text Vloit text + Control Panel info

Wireless Security System 868 MHz Oasis is a wireless kit Sirens Wireless Security System 868 MHz RFID cards Vloit text Vloit text + Control Panel info Keypads ja-80_oasis_en_09_2011.ppt_c1 Wireless Security System 868 MHz Wireless

392 views • 16 slides
Islam in the identity of people from the ancient sultanates of Malaysia, Indonesia, Philippines

Islam in the identity of people from the ancient sultanates of Malaysia, Indonesia, Philippines

Islam in the identity of people from the ancient sultanates of Malaysia, Indonesia, Philippines Elsa Clav (Universitt Goethe, Frankfurt) When one looks at Southeast Asian pre-modern history, knowledge on the Philippines is few, scarce, not

552 views • 11 slides
Provenance-based Access Control Models July 31, 2014 Dissertation Defense Dang Nguyen Institute

Provenance-based Access Control Models July 31, 2014 Dissertation Defense Dang Nguyen Institute

Institute for Cyber Security Provenance-based Access Control Models July 31, 2014 Dissertation Defense Dang Nguyen Institute for Cyber Security University of Texas at San Antonio World-leading research with real-world impact! 1 Presentation

451 views • 44 slides
[G014] A Mechanistic Study of Hydroxide Anion Addition to Cyclobutane-1,2-dione by Density

[G014] A Mechanistic Study of Hydroxide Anion Addition to Cyclobutane-1,2-dione by Density

[G014] A Mechanistic Study of Hydroxide Anion Addition to Cyclobutane-1,2-dione by Density Functional Theory Calculations Nargis Sultana and Walter M.F. Fabian Institut fr Chemie, Karl Franzens Universitt Graz, A-8010 Graz, Austria Abstract

483 views • 5 slides
Lifelong Guidance Policy and Practice Initiatives in the EU Update on Progress Jyvaskyla, 6-7

Lifelong Guidance Policy and Practice Initiatives in the EU Update on Progress Jyvaskyla, 6-7

Lifelong Guidance Policy and Practice Initiatives in the EU Update on Progress Jyvaskyla, 6-7 November 2006 Ronald G. Sultana Euro-Mediterranean Centre for Educational Research University of Malta Key points Locating the progress report

398 views • 13 slides
Building High Performance Server Network Interfaces Joe Gervais Product Line Manager High

Building High Performance Server Network Interfaces Joe Gervais Product Line Manager High

Building High Performance Server Network Interfaces Joe Gervais Product Line Manager High Performance Networking Interconnect Hierarchy Interconnect Hierarchy Distance Bandwidth WAN LAN SAN GSN ST SYSTEM Latency Gigabyte System

439 views • 16 slides
Faculty Senate Town Meeting School of Engineering Bud Baeslack Dean September 17, 2003 SoE

Faculty Senate Town Meeting School of Engineering Bud Baeslack Dean September 17, 2003 SoE

Faculty Senate Town Meeting School of Engineering Bud Baeslack Dean September 17, 2003 SoE Performance Plan Overarching Goals Expand the Research Enterprise l Enhance Education l Achieve Diversity l Increase Scientific and Technological

463 views • 7 slides
A s A safegu guard f rd for or Jay Jayhaw hawk int ntegrity September 9, 2020 Co

A s A safegu guard f rd for or Jay Jayhaw hawk int ntegrity September 9, 2020 Co

A s A safegu guard f rd for or Jay Jayhaw hawk int ntegrity September 9, 2020 Co Conflict of Interest + Co Commitment Reporting Introduction Provost Barbara Bichelmeyer KU manages COI to safeguard public trust KU encourages

386 views • 26 slides
Fall 2020 Reopening Plan A Note from the Executive Director Dear NHCS Families, As I explained in

Fall 2020 Reopening Plan A Note from the Executive Director Dear NHCS Families, As I explained in

Fall 2020 Reopening Plan A Note from the Executive Director Dear NHCS Families, As I explained in my August 4th letter, we have made the difficult decision to begin the 2020-2021 school year remotely. While I know this news is hard for many,

592 views • 25 slides

More recommend