Overview of Testbed Area PAWNS Testbed Secure Sensor Middleware Integrating Policy and Group Key Management Himanshu Khurana Senior Security Engineer,

Slides:

Advertisements

Similar presentations

A Survey of Key Management for Secure Group Communications Celia Li.

Advertisements

Trust relationships in sensor networks Ruben Torres October 2004.

Decentralized Reactive Clustering in Sensor Networks Yingyue Xu April 26, 2015.

Efficient Public Key Infrastructure Implementation in Wireless Sensor Networks Wireless Communication and Sensor Computing, ICWCSC International.

A Distributed Security Framework for Heterogeneous Wireless Sensor Networks Presented by Drew Wichmann Paper by Himali Saxena, Chunyu Ai, Marco Valero,

11/07/2003IETF-58 MSEC and AAA page 1 George Gross, IdentAware ™ Security IETF-58, Minneapolis, MN November 10 th 2003 Multicast.

MOTOROLA and the Stylized M Logo are registered in the US Patent and Trademark Office. All other product or service names are the property of their respective.

Decision Support Tools CBR & Modeling Jeff Allan University of Sheffield.

1/13/05NCASSR PNNL Visit1 Security Tools Area Overview, Credential Management Services, and the PKI Testbed Jim Basney Senior Research Scientist

Network Isolation Using Group Policy and IPSec Paula Kiernan Senior Consultant Ward Solutions.

TinySec: Security for TinyOS Chris Karlof Naveen Sastry David Wagner January 15, 2003

1 Intrusion Tolerance for NEST Bruno Dutertre, Steven Cheung SRI International NEST 2 Kickoff Meeting November 4, 2002.

Kerberos and PKI Cooperation Daniel Kouřil, Luděk Matyska, Michal Procházka Masaryk University AFS & Kerberos Best Practices Workshop 2006.

National Center for Supercomputing Applications PKI and CKM ® Scaling Study NCASSR Kick-off Meeting June 11-12, 2003 Jim Basney

Leveraging IP for Sensor Network Deployment Simon Duquennoy, Niklas Wirstrom, Nicolas Tsiftes, Adam Dunkels Swedish Institute of Computer Science Presenter.

Secure Multicast Xun Kang. Content Why need secure Multicast? Secure Group Communications Using Key Graphs Batch Update of Key Trees Reliable Group Rekeying.

College ICT Committee An Overview of DARS Stewart Watson 29 th April 2008 Copy for distribution.

Security in Wireless Sensor Networks Perrig, Stankovic, Wagner Jason Buckingham CSCI 7143: Secure Sensor Networks August 31, 2004.

WIRELESS SENSOR NETWORK SECURITY USING GROUP KEY MANAGEMENT SCHEME Presented By: Mohammed Saleh CS 599a Fall06.

Mobile and Pervasive Computing Overview Material taken from: “Fundamental Challenges in Mobile Computing” and “Pervasive Computing: Vision and Challenges”

.NET Mobile Application Development Introduction to Mobile and Distributed Applications.

Intel ® Research mote Ralph Kling Intel Corporation Research Santa Clara, CA.

Security Solutions for Wireless Sensor Networks 姓名 : 曹倫誠學號 : Date:2010/06/07.

Public Key Infrastructure Ammar Hasayen ….

Security Risk Management Marcus Murray, CISSP, MVP (Security) Senior Security Advisor, Truesec

Best Practices in Deploying a PKI Solution BIEN Nguyen Thanh Product Consultant – M.Tech Vietnam

On the Risks of IBE Himanshu Khurana and Jim Basney NCSA, University of Illinois International Workshop on Applied PKC (IWAP), Dalian, China, Nov 2006.

MITHRIL: Adaptable Security for Survivability in Collaborative Computing Sites NCSA: Von Welch, Jim Basney, Himanshu Khurana NRL CCS: Ken Hornstein PNNL:

1 Secure Cooperative MIMO Communications Under Active Compromised Nodes Liang Hong, McKenzie McNeal III, Wei Chen College of Engineering, Technology, and.

Multiple Autonomous Ground/Air Robot Coordination Exploration of AI techniques for implementing incremental learning. Development of a robot controller.

IP-Based Emergency Applications and Services for Next Generation Networks PEACE Presented by Suji Gunaratne PhD.

1 Secure Ad-Hoc Network Eunjin Jung

Space-Based Network Centric Operations Research. Secure Autonomous Integrated Controller for Distributed Sensor Webs Objective Develop architectures and.

1 Securing Wireless Sensor Networks Wenliang (Kevin) Du Department of Electrical Engineering and Computer Science Syracuse University Excerpted from

Overlay Network Physical LayerR : router Overlay Layer N R R R R R N.

TRUST NSF Site Visit, Berkeley, March, 2007 Sensor Networks: Technology Transfer Stephen Wicker – Cornell University.

.Sense A Secure Framework for Sensor Network Data Acquisition, Monitoring and Command Screenshots We present.Sense, an end-to-end security framework for.

Information System Development Courses Figure: ISD Course Structure.

Group Rekeying for Filtering False Data in Sensor Networks: A Predistribution and Local Collaboration-Based Approach Wensheng Zhang and Guohong Cao.

The roots of innovation Future and Emerging Technologies (FET) Future and Emerging Technologies (FET) The roots of innovation Proactive initiative on:

Planning RETF Meeting1 Planning RETF Presentation Problem Statement Problem Statement Solution Solution Proposal Proposal Next Steps Next Steps.

Secure routing in wireless sensor network: attacks and countermeasures Presenter: Haiou Xiang Author: Chris Karlof, David Wagner Appeared at the First.

TinySec: A Link Layer Security Architecture for Wireless Sensor Networks Chris Karlof :: Naveen Sastry :: David Wagner Presented by Roh, Yohan October.

SeCol: Secure Collaborative Applications using Group Communication and Publish/Subscribe Systems Himanshu Khurana NCSA.

1 Intrusion Tolerance for NEST Bruno Dutertre, Steven Cheung SRI International NEST PI Meeting January 29, 2003.

GRIDS Center Middleware Overview Sandra Redman Information Technology and Systems Center and Information Technology Research Center National Space Science.

March 2004 At A Glance NASA’s GSFC GMSEC architecture provides a scalable, extensible ground and flight system approach for future missions. Benefits Simplifies.

GRID Overview Internet2 Member Meeting Spring 2003 Sandra Redman Information Technology and Systems Center and Information Technology Research Center National.

I Copyright © 2007, Oracle. All rights reserved. Module i: Siebel 8.0 Essentials Training Siebel 8.0 Essentials.

Module 1: Introducing Windows Server 2003 Network Infrastructure Planning, Tools, and Documentation.

ProActive Infrastructure Eric Brewer, David Culler, Anthony Joseph, Randy Katz Computer Science Division U.C. Berkeley ninja.cs.berkeley.edu Active Networks.

Design of an Integrated Robot Simulator for Learning Applications Brendon Wilson April 15th, 1999.

Information Technology Services Strategic Directions Approach and Proposal “Charting Our Course”

Efficient Group Key Management in Wireless LANs Celia Li and Uyen Trang Nguyen Computer Science and Engineering York University.

NSF Middleware Initiative Purpose To design, develop, deploy and support a set of reusable, expandable set of middleware functions and services that benefit.

Societal-Scale Computing: The eXtremes Scalable, Available Internet Services Information Appliances Client Server Clusters Massive Cluster Gigabit Ethernet.

Design and Implementation of Secure Layer over UPnP Networks Speaker: Chai-Wei Hsu Advisor: Dr. Chin-Laung Lei.

Security in Sensor Networks By: Tracy Barger, David Friedman, and Stavan Parikh.

SELS: A Secure List Service Himanshu Khurana, Adam Slagell, Rafael Bonilla NCSA, University of Illinois Appeared in the ACM Symposium of Applied.

MIT Lincoln Laboratory Dynamic Declarative Networking Exploiting Declarative Knowledge To Enable Energy Efficient Collaborative Sensing Daniel J. Van Hook.

11/8/2012Proprietary & Confidential1. Enhancing the learning environment to… Increase student & teacher competencies in technology Support the integration.

Cyberinfrastructure Overview of Demos Townsville, AU 28 – 31 March 2006 CREON/GLEON.

LetItFlow Architecture Specification Project Meeting Vienna, – Victor Carmocanu SIVECO Romania.

Low-Power Interoperability for the IPv6 Internet of Things Presenter - Bob Kinicki Low-Power Interoperability for the IPv6 Internet of Things Adam Dunkels,

Von Welch Emerging NCSA Security R&D NSF CyberSecurity Summit September 28th, 2004 Von Welch

Thanasis Korakis, FP7 FLEX Project Coordinator

Ebusiness Infrastructure Platform

Scheduled Accomplishments

Scalable Group Key Management with Partially Trusted Controllers

Presentation transcript:

Overview of Testbed Area PAWNS Testbed Secure Sensor Middleware Integrating Policy and Group Key Management Himanshu Khurana Senior Security Engineer, NCSA

Testbed Area Goal: provide a testbed for integration, evaluation, and demonstration of technologies developed by NCASSR Long-term Vision: a testbed integrated with NCASSR organizations’ and external testbeds for scalability testing and transfer of technology NCSA’s globus alliance and production environment efforts DHS/NSF Deter Testbed NRL Protean Lab Step-by-step approach Provide a means for testing individual NCASSR technologies Enhance collaboration between NCASSR and other organization projects to develop integrated technologies

Y2 Testbed Projects Five projects managed by three organizations SABRE – PI: Ouderkirk (PNNL) Multilevel – PI: Irvine ( NPS) CyberCIEGE – PI: Irvine (NPS) PKI Testbed – PI: Basney (NCSA) PAWNS – PI: Khurana (NCSA) PAWNS: A testbed for Programming Applications for a Wireless Network of (motes-based) Sensors Team Members: Himanshu Khurana, Peter Bajcsy, Rakesh Bobba, David Scherba Goal: Integrate, evaluate and demonstrate Hazard Awareness using sensors (PI: Bajcsy) Security services for sensor networks (PI: Khurana)

PAWNS/Hazard Awareness/Secure Sensor Middleware Technology Components Hazard Awareness and Response Deploy Point Sensors (“smart” motes) Using Robot Control Calibrate Spectral Cameras and Point Sensors Proactive Camera Control Using Point Sensors Hazard Analysis and Human Alert Hazard Confirmation and Elimination Using Robot Control Security and Reliability over multi-hop sensor networks Encrypt data between sensors and base station Key Management using Smart Dust, Public-Key and Random Graph techniques Tinysec link-layer encryption with Skipjack Reliability transfer of messages Link-level retransmission, erasure codes

Experimental Setup and Hazard Simulation * * Slide provided by Peter Bajcsy

Proactive Camera Control and Hazard Alert and Elimination * Proactive Camera Control Logic: If light = on then visible camera = on If light = off then thermal IR camera = on Based on image analysis re- direct human attention to hazardous situation * Slide provided by Peter Bajcsy

Integrating Policy and Group Key Mgmt Research Area: Secure Group Communication (SGC) GCSs enable collaborative applications such as C&C and conferencing Need for scalable security and multicast services Problems Scalable Group Key Management approaches require Group Controllers to bear significant trust liabilities Lack of tools to evaluate efficacy of key mgmt techniques Policy and key mgmt are both necessary to enable SGC but have not been integrated Goals/Approach Develop new key mgmt solutions that minimize trust liability in group controllers Implement SGC framework based on IETF MSEC WG Security Architecture specification Evaluate key mgmt solution in framework Framework integrates policy and key mgmt Team Members Himanshu Khurana, Luke St. Clair, Neelay Shah

Minimizing Trust Liability in GC Previous scalable key mgmt schemes use a trusted GC GC organizes long-term member (symmetric) keys in a tree to enable O(log n) scalability If GC is compromised, adversary gets access to data and key encryption keys and makes recovery costly Our solution (TASK) using proxy cryptography so that GC does not have access to data and key encrypting keys GC organizes shares of member (asymmetric) keys in a tree, uses shares to transform messages between members, enables O(log n) scalability If GC is compromised, adversary only gets shares which can be refreshed easily for quick and cheap recovery Publication Himanshu Khurana, Rafael Bonilla, Adam Slagell, Raja Afandi, Hyung- Seok Hahm, and Jim Basney. Scalable Group Key Management with Partially Trusted Controllers. To appear in the International Conference on Networking, Reunion Island, April 2005

SGC Framework Implementation Key Mgmt: Task, LKH Auth: Openssl, IKE Policy Spec: Antigone M1M2Mn M1M2 Key Mgmt Auth Policy Spec. Domain A Domain B GC Policy Server GC Policy Server … Reliable Multicast Layer: NORM, Spread

Testbed Area Funding (Y2) SABRE (Simulated Anomalous Behavior & REcognition)Ouderkirk PNNL/ Battelle$350,000 PAWNS (Programming & testing Applications on Wireless Network of Sensors)KhuranaNCSA$175,000 Multilevel Testbed Encryption Experiments/Trusted Channel ImplementationIrvineNPS$80,000 PKI TestbedBasneyNCSA$255,000 CyberCIEGE Extended ScenariosIrvineNPS$200,000 Thrust Total Budget: $1,060,000