Securing private wireless sensors in a shared environment in the internet of things context

of 6

Please download to get full document.

View again

All materials on our website are shared by users. If you have any questions about copyright issues, please report us to resolve them. We are always happy to assist you.
6 pages
0 downs
To lead to the Smart Cities, we should have the possibility of obtaining information from different places and objects anytime and anywhere, in order to collect sufficient data to anticipate problems and take a good decisions. This will promote to an
  Securing private wireless sensors in a sharedenvironment in the internet of things context Anass RGHIOUI* 1 , Said BOUCHKAREN 2 , Anass KHANNOUS 1 , Mohammed BOUHORMA 1 1 LIST FSTT (Laboratory of Informatics, Systems and Telecommunications) 2 LabTIC ENSAT (Laboratory of Technology of Information and Communication)Abdelmalek Essaadi UniversityTangier,  Abstract —To lead to the Smart Cities, we should have thepossibility of obtaining information from different places andobjects anytime and anywhere, in order to collect sufficientdata to anticipate problems and take a good decisions. Thiswill promote to an effective and autonomous organization bycreating interacted and communicated objects around the city.So, we need to install various and specific IP-based wirelesssensors everywhere to collect data remotely and in a real time.The idea of mixing sensors belonging to organizations fromdifferent specialties in the same places will involve severalexperts and encourages competition. But on the other side, itwill open the door to new security threats and issues, also thiswill impose new management problems like how to limit theaccess to each organization to its sensors.In this paper, we study the security of a set of IP-based wirelesssensors, which belongs to different organizations, and forma local network. We propose a model to ensure exchangedinformation confidentiality and manage the sensors accessibility,while considering the wireless sensors constrained characteristics.  Keywords — Smart City; IEEE 802.15.4; 6LoWPAN; Internet of Things; IoT; WSN; Network Security. I. I NTRODUCTION With the immense and rapid development of technology,integrating different devices to the internet becomes possible.Communication interaction are transformed from human-to-machine to machine-to-machine (M2M), and more specificallythings-to-things, that what create the Internet of Things (IoT)[1].This technology progress facilitates the leading of smartcities [2], where different cohabited object can communicateand interact to decide instead of human, or to help managersto make more effective decisions. It supports the improvementon many life applications like logistic, healthcare, industry ...etc. Mainly for monitoring requirement where we must usesensors devices to capture data in physical or environmentalconditions.Enabling wireless sensors based on the IEEE 802.15.4communication protocol [3], to connect to the internet byimplementing them by 6LoWPAN (IPv6 over Low powerWireless Area Network) technology [4], [5], gives the possi-bility to transfer sensed data through the network in the entireworld. 6LoWPAN was developed by IETF as an adaptationlayer between network layer and data link layer to pass IPv6packet of 1260 bytes into 802.15.4 that support only 127 bytesframes. This solution allows the use of existing resources likeinternet protocols and infrastructure, and addressing a hugenumber of devices since an IPv6 address is 128 bits long, thisprovides about 3.4 x 1038 addresses more than 667 millionbillion addresses per square millimeter of land surface.Inasmuch as the Internet of Things is based on an openarchitecture [6], and the weaker characteristics of wireless sen-sors as resource-constrained devices, security issues becomesmore sensitive. Attacks can come from two sides: 802.15.4side and IP side [7]. Another issue is the security managementin the case of implementing different sensors from differentorganization in the same place. In a normal situation, sensorsbelonging to the same organization form a local network managed by a base station, but in the IoT context, to givethe opportunity for intervention from different experts andencourage concurrence, sensors from different srcins shouldbe cohabited in the same local area.This paper provides a security model in the context of Inter-net of Things to ensure confidentiality and access managementof a set of IP-based wireless sensors, which belongs to differentmanagement agencies and form a local network.The structure of the paper is as follows: Section 2 givesa brief overview of Smart Cities, IoT, 6LoWPAN and IEEE802.15.4 and their main applications, Section 3 reviews the as-sumption and discusses the issues of our studied case security,Section 4 discusses the model for securing the network withthe focus on key establishment schemes, Section 5 presentsan analysis of our model in terms of energy, flexibility andsecurity. Finally, Section 6 concludes the paper.II. GENERAL CONTEXT  A. Smart Cities projects Smart City is a set of interconnected systems collaboratingtogether and using technology tools in order to offer a bettercity management system. Used tools are a whole of small con-nected devices accessed remotely. Interaction between themfacilitate communications and offer better coordination. Theyform a working group with huge possibilities in monitoring,surveillance, and management giving real time data to man-agers and citizens to anticipate problems and have sufficientinformation for better decisions.Most of actors involved in such projects are industrialsectors of energy, water, transport, telecom network and in- 978-1-4799-5587-9/14/$31.00 ©2014 IEEE National Security Days (JNS 2014)  frastructure companies, builders working on the hardwareequipment of smart cities, integrators and services companies.  B. Internet of Things concept  Internet of Things is a concept that aims to extend theinternet to the real world by associating labels bearing codes,RFID tags or URLs to objects or places, making them availableand accessible from anywhere and anytime.Many technologies must be used and integrated to achievethis goal. Devices are different, some of them, like WirelessSensor Network [8] are resource-constrained, they are not com-patible with internet communication protocols. These protocolsmust be adapted or new ones must be developed.Applications domains include: waste management, urbanplanning, environmental sensing, social interaction gadgets,sustainable urban environment, continuous care, emergencyresponse, intelligent shopping, smart product management,smart meters, home automation and smart events [9]. C. 6LoWPAN technology 6LoWPAN is a combination between the IPv6 and IEEE802.15.4, two totally different networks. The most importantdifference is the size of the IPv6 packet measuring 1280bytes, where the 802.15.4 supports only 127 octet packets. Thesolution proposed by the IETF 6LoWPAN working group is toadd an adaptation layer that optimizes IPv6 packets throughfragmentation and assemblies to be supported by the IEEE802.15.4 link layer (Figure 1). Fig. 1. 6LoWPAN WSN layers and main protocols 6LoWPAN network consists of one or more stub networksconnected to the internet through the Edge Router. This latter,called also Border Router, routes traffic in and out of theLoWPAN, which is the collection of 6LoWPAN nodes sharingthe same address prefix IPv6, ie the first 64 bits, it is usedwith IID (Interface Identifier) [10] to form the IP address.This address is formed using the SSA (Stateless AddressAutoconfiguration) [11] in the starting phase of the network construction: the bootstrapping. This phase is managed bythe data link layer which allows the establishment of firstcommunications between nodes to configure channel, securitykeys and addressing.After the bootstrapping phase, and once the data link layeris functional, 6LoWPAN Neighbor Discovery protocol [12]that was chosen instead of the Neighbor Discovery protocol[13] because of its incompatibility with the low-power wirelessnetworks - is used to start the construction of the entire network through some messages exchanged between nodes that allowhosts, routers and Edge Router autoconfiguration.Because of routing issues in 6LoWPAN, another team wascreated, IETF-ROLL (Routing over Low-power and LossyNetwork) working group, to seek a proper routing solution tothis kind of networks. They propose RPL (Routing Protocol forLow-power and Lossy-networks) [14]. It is a distance vectorrouting protocol for IPv6 which constructs a Directed AcyclicGraph. It is implemented in route-over.  D. IEEE 802.15.4 standard  802.15.4 is a family of ad hoc networks for low-resourcedevices known by their low power consumption, low range andlow debit. IEEE 802.15.4 protocol is implemented in the twolower layers, ie, data link layer and physical layer. It dividesdevices into two types: FFD (Full Function Device) with allpossible functions, must be at least one in a network, it acts asa PAN coordinator or a router and can communicate with alldevices within the same network. And RFD (Reduced FunctionDevice) with limited functions, it acts as a sensor or actuatorand can only communicate with FFDs [15].802.15.4 defines two types of topologies: star and mesh.In star topology, devices are placed in groups as clusters, eachcluster is managed by a cluster-head. Into a cluster, devicescommunicate only with their cluster-head. Cluster-heads cancommunicate with each other. In mesh topology, all devicescontribute to the formation of the network and every onecommunicates with others who are within his reach. Star topologyMesh topology FFD (Full Function Device)RFD (Reduced Function Device) Fig. 2. IEEE 802.15.4 topologies III. ASSUMPTIONS  A. Case study Among smart city projects is offering data accessibilityfrom specific places, objects, machines or products via internet.For that, it was a need to set up a lot of sensors belonging to  different organizations, institutions or companies. Dependingto the use even if they collect the same data, we must limit theaccess of each group of sensors to the organizations that theybelong. We should implementing them by a security systemthat preserve the confidentiality of sensed information, becauseevery organization would like to have a limit and exclusiveaccessibility to its sensors.In this case study, we suppose that it exists a 6LoWPANWSN (Figure 3) where sensors of different organizations areplaced in the same place and forming one local network, LoWPAN. The network may be linked to the internet byone or several edge routers. These edge routers are linked bya common backbone link and all sensors in this network havethe same IPv6 prefix. This LoWPAN is managed remotely bya remote server. Fig. 3. 6LoWPAN WSN architecture with a Remote Server and differentorganizations (Org. A and Org. B) We suppose that the LoWPAN, more precisely the 6LoW-PAN WSN in our case, consists of following units: an edgerouter ER, routers and hosts. Each one of routers and hostshas a unique identifier. Hosts do not communicate with eachother.All devices are located in the network in a distributed way,but no one is outside the reach of other network sensors. Thus,each node is connected to at least one router.The LoWPAN is managed from a distance by a remoteserver RS, it offers information and updates to the network sensors. It may play the role of the main base station.Communications within the LoWPAN are of two types:communications exchanged between the sensors and the edgerouters, and those exchanged between sensors themselvesto establish links and update the network topology. Othercommunications are those intended for outside the LoWPAN,for responsible organizations or for a remote server.  B. Suitable solution To achieve data confidentiality, we must keep secret ex-changed data between two devices, for that, we have to usecryptography. There is two types of cryptography, symmetricand asymmetric. In symmetric cryptography, both communi-cating parties must share the same security key. However, forasymmetric cryptography, each unit has two keys: a publicone that attributes it to each device that needs to communicatewith it, and a private one which keeps it secret, used todecrypt messages encrypted by the public key. The advantageof asymmetric cryptography is its managing security keysmechanism, instead of symmetric cryptography where theproblem of how a device will share its key privately withthe other one without being disclosed by unauthorized parties.Since energy conservation is an essential element in WSNnetworks, most of studies [1], [7], [15][18] recommends theuse of symmetric cryptography because, unlike asymmetriccryptography, it implements algorithms that do not require alot of calculation, as a benefit, it does not consume a lot of energy.The difficult task in symmetric cryptography is securitykey management since each sender must have the same sharedkey with the recipient to decrypt the encrypted messages. Bothmust have specific mechanism in order to exchange the securitykey without being unveiled by a malicious.IV. PROPOSED SOLUTIONThe main purpose of this paper is not to offer a completesecurity solution for IP-based WSN, the aim of our study is topropose a general security model to resolve the confidentialityissues: confidentiality of transmitted information and confiden-tiality of accessing to the device. Our scheme can be adaptedand implemented by any IP-based WSN as needed, dependingon the used application, in the context of IoT, in order toestablish a smart city project.Our solution is based on symmetric cryptography, it offersthree types of security keys: a pairwise key between theER and the network nodes, a pairwise key between twonodes, and a group key shared by all nodes belonging to thesame organization. Also, this solution manages pairwise nodesaccess from outside the LoWPAN.To generate a key, a node use a seed  S   and its secretID  N  IDi  . The  N  IDi  must not be shared in plaintext into thenetwork.The choice of the cryptographic algorithm and the methodto which he will combine between  S   and  N  IDi  to generate  TABLE I. L IST OF USED NOTATIONS ER Edge RouterRS Remote Server S   Generated seed by RS S  N i  Generated seed by  N  i N  i  Node i N  IDi  The ID of   N  i K  N iER  Pairwise key between  N  i  and ER K  N i,j Pairwise key between two nodes  N  i  and  N  i Org X Organization X (X may be A or B ...) K  OrgX  Group key shared between Org X nodes L 1  Level of a node towards ER the key, is left to the user according to his needs and hisdeployment environment.Communications between the edge routers, the remoteserver, and the organizations are well secured as they arepowerful and robust machines.  A. Predeployment configurations In the RS, we create a database of the nodes that will bepresent in the network. This database is implemented by dataconcerning these devices. The two necessary information forour solution are the identifier ID and the MAC address of eachnode.Also, each ER in this network will be implemented by adatabase of nodes within the LoWPAN. This database willrecord for each node its addresses (MAC and IP) and itspairwise security key shared whith this node.Every node  N  i  has three types of security keys:  K  N  i ER  apairwise key between  N  i  and the ER,  K  N  i,j between twonodes  N  i  and  N  j  (between a host and a router, or betweentwo routers), and group key  K  OrgX  shared between all of nodesbelonging to the same organization X.  B. Security keys establishment  In this section we explain the suggested methods forthe management and establishment of symmetric keys in thenetwork: the shared pairwise key between the edge router andnetwork nodes, the shared key between two communicated anode into the LoWPAN and the shared group key between thesame organizations nodes. 1) K  N  i ER  establishment:  The RS generates a seed  S  , sendsit to the ER of the LoWPAN that transfers it to the nodes inthe first row, the message is determined as a message of level L 1  since it begins from the ER that represents the head of the network. A node  N  i  receives this message, keeps the seedand increment the level in the received message as its level,so if the first message that is sent by the ER equal to 1, thefirst devices that receive this message will have  L 2 , and soon, each node that receives this message for the first time willincrement its level. Thus, each node records the one-hop senderaddress of this message as its gateway to the ER. Thereafter,each node send the received seed to other one-hop nodes, inthis case: if a node has already received the seed, it will check the level of the sender, if it is less than or equal to its level,it will reject it, otherwise it will record the sender address asits second gateway. If a device receives the message for thefirst time, it will proceed as cited before. So on, until all thenodes in the network receives the seed  S  . This way, each node N  i  will use the  S   with its own ID  N  IDi  to generate the secretkey  K  N  i ER . Since the RS has the seed and all devices IDs in itsdatabase, it will generate for each one its appropriate securitykey and send them securely to the ERs each one with its MACaddress. Upon receiving an encrypted message, ER will check the address of the sender to determine its key that will use todecrypt the message (Figure 4). RSER  Ni  GenerateSendSetBroadcastIncrementGenerate keysfor networknodesSend networknodes keys withtheir MACAddr   ER RS  S S L = 1 S L  Fig. 4.  K  N  i ER  establishment and sharing 2) K  N  i,j establishment:  After that each node in the net-work has a symmetric key  K  N  i ER  shared with the ER, theywill need to communicate with each other to share someinformation and update their routing tables. For this, eachdevice generates its own seed  S  N  i  and use it with its ID togenerate a symmetric key  K  N  i in order to share it with itsneighbors. If a node  N  i  wants to communicate with another N  j  , one of them must be a router node. Firstly, they exchangehello messages, including their level. The node which has thelevel less than the other, that is to say it is in a position nearestto the ER, will deal with authentication procedures and keyexchange. Assuming that  N  i  level less than  N  j . In this case, N  i  records in a message  N  j  MAC address and its own key K  N  i , encrypts this message by its key  K  N  i ER  and transfers itto ER. The latter, i.e. the ER, decrypting this message willunderstand that the node owner of the address contained inthe message, i.e.  N  j , wants to communicate with the nodesending the message, which is  N  i . The ER will check themby requesting RS. If it is OK, ER encrypts the sender nodekey  K  N  i with the solicited node key  K  N  j ER  and sends it to thislatter, i.e.  N  j  to use it to communicate securely with the othernode  N  i  (Figure 5). 3) K  OrgX  establishment:  In our model, RS acts as a proxybetween organizations and their nodes. Every organization thatimplements these sensors in the network must first registerthem within the RS, it must provide sensors ID and MACaddress. Through the database, the RS will identify each nodeby its owner, like that, each organization wants to communicate  RSER  Ni Nj  Generate + = HelloEncrypts  Nj  MAC address andby( Nj  - MAC , )Check Ni  and Nj  ( )   S  N  i  S  N  i   N  i  ID  K   N  i  += N   j  K   N  i  K   N  i  ER  N   j  MAC Addr  , K   N  i  ( ) K   N  i  ER  N   j   N  i  ( ) K   N  i  K   N   j  ER  RS ER N N  i  j  Fig. 5.  K  N  i,j establishment and sharing with its nodes must first pass through the RS. RS plays therole of intermediary between the node and the organization.RS will verify the access authorization of this organization tothis node. If it is OK, RS receives the sensor data through ERand forwards it after to this organization. In the case where anorganization wants to make an order to its nodes, an update or aconfiguration change to enhance security, we establish a groupkey with respect to each set of nodes belonging to the sameorganization. Each organization will generate a symmetric key K  OrgX  and send it in a secure way to RS. This latter checksthis organization nodes and sends them the  K  OrgX  to each oneencrypted by its symmetric key  K  N  i ER .V. D ISCUSSION OF THE PROPOSED SOLUTION We evaluate our work relative to three criteria: energyefficiency, an essential element for LoWPAN networks, flexi-bility and scalability of this model in a dynamic network likedistributed networks, and security our main objective of thisstudy.  A. Energy efficiency From energy point of view, which is an essential metric forLoWPAN networks, and a critical criterion of choice to adoptor not a solution, our model does not require a lot of calculationor data exchange between devices to establish security keys,it can be considered as an energy-economizer.Our model is based on symmetric cryptography that isrecommended by experts in the field as an appropriate solutionfor LoWPAN. Our proposal for key management in our schemehas three key types to secure communication within thisnetwork: communication between the edge router, the remoteserver and network nodes, and communication between nodes.A node uses its own information such as the ID to establishthe key, it does not store other additional information that willcharge its space storage. In terms of computation, a device onlyneeds to combine between the seed and its ID to generate thekey, an operation that not require excessive computation.  B. Flexibility and scalability In distributed topologies, two elements are important totake into consideration, flexibility and scalability, we deal withthis two concepts by modeling a schema that tolerates changesin topology and do not depend in a specific infrastructure.Our scheme is flexible towards changes in: topology, nodespositions, and network density. Each node has a specific keysharing with the edge router, in any position, both can establisha secure communication using their shared key. A device caneasily change a router by another, for route optimization, dueto a malfunction of a node, a change of position, or for anotherreason, it will request the connection establishment with thenew gateway, it has only to forward its request to the edgerouter for verification and exchange keys. In the case of a newdevice that is added to the network, it must be previously addedto the database of the remote server. Then, it has only has tosend a request the nearest router to establish a connection inthe same way mentioned above. C. Security metrics Our solution ensures confidentiality, authentication andauthorization of communications in the network.All communications and data exchanged in the network areencrypted, the only information exchanged in plaintext is theseed generated by the remote server that represents only oneelement among others that are well secured to establish thekey. Thus, any node unless those defined in the Remote serverhas permission to join the network, or has the possibility of establishing a security key.Also, no outsider device can communicate directly with aLoWPAN node, it must firstly pass by the remote server. Andonly authorized ones can communicate with network nodes,each one can receive only sensed data from its own sensors.We avoided any sharing of information that may presenta risk to the network, the key generation is done in the nodeitself. Thus, we do not share in the network nodes IDs, so nointruder can take a legitimate device ID by a sniffing attack.The remote server is a powerful and well secured machine, itwas given the role of monitoring the network basing on thedatabase of legitimate network devices.VI. C ONCLUSION We presented a settlement security keys for symmetriccryptography in order to secure a 6LoWPAN-based WirelessSensor Network in the context of the Internet of Things inthe case where many organizations implement their sensornodes in a shared environment. This model is based on theestablishment of three security pairwise keys in order to securecommunication between the remote server, edge router andnetwork nodes. This model should ensure the confidentialityand nodes authentication as no intruder cannot get a false
Related Search
We Need Your Support
Thank you for visiting our website and your interest in our free products and services. We are nonprofit website to share and download documents. To the running of this website, we need your help to support us.

Thanks to everyone for your continued support.

No, Thanks