Presentation is loading. Please wait.

Presentation is loading. Please wait.

A Security Framework with Trust Management for Sensor Networks Zhiying Yao, Daeyoung Kim, Insun Lee Information and Communication University (ICU) Kiyoung.

Similar presentations


Presentation on theme: "A Security Framework with Trust Management for Sensor Networks Zhiying Yao, Daeyoung Kim, Insun Lee Information and Communication University (ICU) Kiyoung."— Presentation transcript:

1 A Security Framework with Trust Management for Sensor Networks Zhiying Yao, Daeyoung Kim, Insun Lee Information and Communication University (ICU) Kiyoung Kim, Jongsoo Jang Electronics and Telecommunications Research Institute(ETRI) Korea Speaker: Kangwoo Lee

2 A N T S 2Contents Motivation Trust Management Based Security Framework Architecture Trust Management Component Network I/O Application Description Component Security Response Component Example Scenario Conclusion

3 A N T S 3Motivation ■ Sensor network applications (e.g. monitoring safety, tracking environmental pollutants) need security at design time ■ Existing research efforts ■ Focus on specific security fields, such as secure routing or intrusion tolerance ■ Main solutions recur to cryptographic algorithms, and are lacking the complementary tool for managing trust ■ Proposed solution ■ An effective security solutions from a system architectural view ■ Trustworthy relationship can be evaluated locally to guide node behavior

4 A N T S 4 Solution Illustration A B C D Local node Neighboring node of local node Radio range Monitor range (promiscuous mode) Receipt of packet Sensor Field Logically assess neighboring nodes trustworthiness Gather available network knowledge Manage (store & update) the trust value of neighboring node Securely take network action (routing, intrusion detection…) Monitor of packet A B C D

5 A N T S 5 Security Framework Architecture We consider a general sensor network case One base station n nodes The architecture running locally gives nodes the abilities Appropriate to different application requirements Collect traffic actively or passively Assess the trustworthiness of their neighboring nodes Guide network action

6 A N T S 6 Security Framework Application Description Component Used to set application-dependent parameters considering nature of sensor networks Security related information, such as: Key management scheme Hash function used Message authentication code length Trust level (Trust Regulation Table) Weight and adjustment factors used in trust evaluation procedure

7 A N T S 7 Security Framework Network I/O Responsibility: Receive incoming packets Send outgoing packets Control the rate of incoming and outgoing packets Pass required information for trust evaluation

8 A N T S 8 Security Framework Trust Management Component –1 A localized trust model Recommendation-based trust Trust-based recommendation Give an individual node the ability to estimate its local environment and take action to carry out its network duty A set of logical computation to get a numerical trust value

9 A N T S 9 Security Framework Trust Management Component –2 Entities Defined judge : performs evaluation suspect : the adjacent neighbor of the judge and will be evaluated juries : maintain the trust value of the same suspect with the judge and send it out periodically or intentionally Trust relationship not symmetric If A trust B, B maybe not trust A, where A and B are mutually neighboring nodes. time-evolving Need be updated upon receipt of new interactive communication or new recommendations. Judge Suspect Jury

10 A N T S 10 Security Framework Trust Management Component –3 Trust Evaluation Based on the localized trust model Two kinds of knowledge are needed personal reference direct interaction with the suspect reference reputation sent by the juries Trust value Deduced from the trust evaluation procedure Represented by real numbers, between 0 and 1 Indicate the extent of trust the judge may have in the suspect Conceptual Trust Model

11 A N T S 11 Security Framework Trust Management Component –4 Personal Reference Parameters about cryptographic operations Represent the security mechanisms used Can disclose attacks (e.g. message forgery and modification) Parameters about nodes’ interactive behavior Reflect nodes availability Can reveal attacks (e.g. dropping and denial-of- service)

12 A N T S 12 Security Framework Trust Management Component –5 Reference Reference generation Recommendation protocols Active protocol– reference request Anti-active protocol– abnormal personal reference report Reference computation trust-based recommendation

13 A N T S 13 Security Framework Trust Management Component – 6 Context Maintain weighted values, passed from parameter database Deliver necessary parameters to personal reference and trust value computation procedure Trust value Weighted summation between the personal reference and reference

14 A N T S 14 Security Framework Security Response Component Integrate the mostly existing security research directions in WSN Using available trustworthiness and a lightweight trust policy Refer to recommendation protocol Perform appropriate network activities based on the available trust relationship Reliability analysis, secure routing, intrusion detection, and intrusion tolerance

15 A N T S 15 Security Framework Example Scenario –1 We give an example to show the secure routing path selection between base station and node D as an example Define the routing selection metric as unit trust value in consideration of both security and energy-savings together, notated as uT. Each possible path holds an uT, which can be expressed as:

16 A N T S 16 Security Framework Example Scenario –2

17 A N T S 17Conclusion An complete security architecture from system view Adaptive to different application requirements Make good use of available network knowledge Deduce trustworthy relationship based on localized trust model Execute network action efficiently due to the available evidence

18 A N T S 18 Thanks for Listening !!


Download ppt "A Security Framework with Trust Management for Sensor Networks Zhiying Yao, Daeyoung Kim, Insun Lee Information and Communication University (ICU) Kiyoung."

Similar presentations


Ads by Google