28-03-2014, 01:02 PM
On Communication Security in Wireless Ad-Hoc Sensor Networks
Abstract
Networks of wireless microsensors for monitoring
physical environments have emerged as an important new
application area for wireless technology. Key attributes of
these new types of networked systems are the severely
constrained computational and energy resources, and an
ad hoc operational environment. This paper is a study of
the communication security aspects of these networks.
Resource limitations and specific architecture of sensor
networks call for customized security mechanisms. Our
approach is to classify the types of data existing in sensor
networks, and identify possible communication security
threats according to that classification. We propose a
communication security scheme where for each type of
data we define a corresponding security mechanism. By
employing this multitiered security architecture where
each mechanism has different resource requirements, we
allow for efficient resource management, which is
essential for wireless sensor networks.
Introduction
Wireless sensor networks, applied to monitoring
physical environments, have recently emerged as an
important application resulting from the fusion of wireless
communications and embedded computing technologies
[1][3][13][18][19].
Sensor networks consist of hundreds or thousands of
sensor nodes, low power devices equipped with one or
more sensors. Besides sensors, a sensor node typically
contains signal processing circuits, microcontrollers, and a
wireless transmitter/receiver. By feeding information
about the physical world into the existing information
infrastructure, these networks are expected to lead to a
future where computing is closely coupled with the
physical world and is even used to affect the physical
world via actuators.
Local broadcast
In sensor networks, local broadcast is a fundamental
communication primitive. Local broadcast is necessary to
build and maintain sensor network architectures, and to
support the exchange of the data about detected events.
Any node in the network can be a sender or a receiver of a
broadcast message. These properties of sensor networks
have a significant impact on security. In our security
scheme, we use shared symmetric keys for encryption.
Such a solution simplifies the key management and retains
the energy efficiency of local broadcast, but does not offer
strong authentication.
Communication Security Scheme
Having defined the three types of data in the
SensorWare network and the possible threats to the
network, we define in this section the elements of the
security scheme. The three security levels described here
are based on private key cryptography utilizing group
keys. Applications and system software access the security
API as a part of the middleware defined by the
SensorWare architecture. Since all three types of data
contain more or less confidential information, the content
of all messages in the network is encrypted.
Security Level II
For data that contains locations of sensor nodes, we
provide a novel security mechanism that isolates parts of
the network, so that breach of security in one part of the
network does not affect the rest of the network.
According to our assumptions about the applications
expected to run in sensor networks, the locations of sensor
nodes are likely to be included in the majority of
messages. Thus, the overhead that corresponds to the
encryption of the location information significantly
influences the overall security overhead in the network.
This must be taken into account when the strength of the
encryption at this level is determined. Since the protection
level is lower for the location information than for mobile
code, the probability that the level II key can be
broken is higher. Having the key, an adversary could
potentially locate all nodes in the network. To constrain
the damage to only one part of the network, we propose
the following security mechanism. Sensor nodes use
location-based keys for level II encryption. The
location-based keys enable separation between the regions
where the locations of nodes are compromised and the
areas where nodes continue to operate safely.
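
The isolation property described above, as an added example that is not code from the paper or from SensorWare. The grid cell size, the HMAC-SHA256 derivation, the deployment secret and the node positions are all assumptions constructed for illustration; the excerpt does not specify how location-based keys are generated.

```python
import hashlib
import hmac
import struct

CELL_SIZE_M = 100.0  # assumed cell edge length in metres


def cell_of(x_m, y_m, cell_size=CELL_SIZE_M):
    """Map a position to its grid cell; floor division keeps negative coordinates consistent."""
    return (int(x_m // cell_size), int(y_m // cell_size))


def cell_key(deployment_secret, cell):
    """Derive a 128-bit level II key for one cell (assumed HMAC-SHA256 construction)."""
    label = b"level-II-location" + struct.pack(">ii", *cell)
    return hmac.new(deployment_secret, label, hashlib.sha256).digest()[:16]


def provision(deployment_secret, positions):
    """Return {node_id: (cell, key)}; a node is given only its cell key, never the secret."""
    provisioned = {}
    for node_id, (x, y) in positions.items():
        cell = cell_of(x, y)
        provisioned[node_id] = (cell, cell_key(deployment_secret, cell))
    return provisioned


def exposed_by(leaked_key, provisioned):
    """Nodes whose encrypted locations become readable once one level II key is broken."""
    return sorted(node for node, (_, key) in provisioned.items()
                  if hmac.compare_digest(key, leaked_key))


# Constructed sample deployment: secret and coordinates are made up for this example.
SECRET = bytes(range(32))
POSITIONS = {
    "n1": (12.0, 40.0), "n2": (88.5, 95.0),   # both fall in cell (0, 0)
    "n3": (130.0, 20.0),                       # cell (1, 0)
    "n4": (-5.0, 10.0),                        # cell (-1, 0)
    "n5": (250.0, 310.0),                      # cell (2, 3)
}
NODES = provision(SECRET, POSITIONS)

if __name__ == "__main__":
    leaked = NODES["n1"][1]  # suppose the key of cell (0, 0) is broken
    print("location-based keys expose:", exposed_by(leaked, NODES))
    print("one network-wide level II key would expose:", sorted(NODES))
```

With a single network-wide level II key, every node in `NODES` would be locatable after one key break; with per-cell keys the exposure stays inside the compromised cell.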
Conclusion
In this paper, we propose a communication security
scheme for sensor networks. A straightforward approach
to secure communication in sensor networks could be
the application of a single security mechanism for all data
in the network. However, if the mechanism is chosen
according to the most sensitive data in the network,
security-related resource consumption might be
unacceptable. On the other hand, a less resource-intensive
mechanism could allow for serious security threats.
Therefore, the solution lies in the identification of
appropriate security requirements for various types of data
and the application of suitable security mechanisms. Using
the target tracking application as an example, and the
SensorWare architecture as a target platform, we define
here some security challenges in sensor networks, identify
different types of data, and propose and implement
elements of a communication security scheme.