End-to-End Security in Wireless Sensor Networks (WSNs) Talk by Claudio Anliker Supervised by Dr. Corinna Schmitt University of Zurich
|
|
- Oliver Sharp
- 8 years ago
- Views:
Transcription
1 End-to-End Security in Wireless Sensor (WSNs) Talk by Supervised by Dr. Corinna Schmitt University of Zurich
2 Content 1. Motivation 2. Security Issues and Principles 3. Internet-of-Things and Wireless Sensor 4. Examples 1. Example 1: Differentiated Key pre-distribution 2. Example 2: End-to-End Secure Communication between WSNs and the Internet 5. Conclusion 2
3 Motivation Growing importance of Wireless Sensor (WSNs) Many works devoted to hop-by-hop security Only a few consider end-to-end security Interesting security challenges due to different preconditions Future: Different directions and solution approaches High influence by applications 3
4 Content 1. Motivation 2. Security Issues and Principles 3. Internet-of-Things and Wireless Sensor 4. Examples 1. Example 1: Differentiated Key pre-distribution 2. Example 2: End-to-End Secure Communication between WSNs and the Internet 5. Conclusion 4
5 The Notion of «Security» Definition of (end-to-end) security depends on context «Inexistence of (successful) attacks» [3] «The state of being free from danger or threat» [4] To provide security, we need Confidentiality, authenticity, integrity and privacy! System security vs. network security 5
6 Symmetric Encryption Bob c Alice c = f(m, k) Eve? = f 1 (c,? ) m = f 1 (c, k) m {0, 1} n = message k = shared secret key c {0, 1} n = cipher text f = cryptographic function 6
7 The Key Distribution Problem secure channel share secret key Approaches: 1. Secure key exchange over insecure connections (e.g. Diffie-Hellman) 2. Use two keys for encryption / decryption Asymmetric encryption (e.g. RSA) 7
8 Asymmetric Encryption Bob c 1 Alice c 2 c 1 = f m 1, PU A m 2 = f c 2, PR B Eve? m 1 = f c 1, PR A c 2 = f(m 2, PU B ) PR x = private key of x PU x = public key of x c 1, c 2, PU A, PU B 8
9 Message Authentication Bob Alice c 1 Hi, I m Bob. Take this message! Eve c 1 = f m 1, PU A m 1 = f c 1, PR A Alice has no chance to ensure the authenticity of the message! 9
10 Message Authentication Code (MAC) Bob c 1 = f c m, PU A t 1 = f t c 1, k t (c 1, t 1 ) (c 1, t 1 ) (c 2, t 1 ) Eve Alice m 1 = f c c 1, PR A t 1 = f t c 1, k t t 1 = t 1 m 2 = f c 2, PR A t 2 = f c 1, k t t 2 t 1 c 2 = f c m 2, PU A 10
11 Content 1. Motivation 2. Security Issues and Principles 3. Internet-of-Things and Wireless Sensor 4. Examples 1. Example 1: Differentiated Key pre-distribution 2. Example 2: End-to-End Secure Communication between WSNs and the Internet 5. Conclusion 11
12 Internet-of-Things Network of uniquely identified objects Firstly defined in 1999 by Kevin Ashton Virtual representation of «things» in an internet-like structure Support daily processes by minimizing differences between real and virtual world Internet IP communication WSNs are an integral part of the IoT! From point-to-point to end-to-end communication 12
13 WSN Applications Monitoring! Deploy a WSN over a region to monitor some phenomenon Geo fencing Military: intrusion detection Structural health monitoring Natural disaster prevention (e.g floods) Health Care Traffic management Smart grid 13
14 WSNs vs IP Massive resource constraints Computational power (slower CPUs) Main memory (often in the range of B-KB) Power supply (batteries) «Young» technology, hence expect growing Importance Number of application scenarios Variety of requirements and contexts 14
15 Challenges in WSNs Key exchange: existing protocols are not feasible Asymmetric encryption (e.g. RSA) need lots of computations Trade-off between end-to-end security and information aggregation Deployment of ISO/OSI protocol stack difficult (resources) Current technologies (e.g. SSL/TLS) not feasible in WSNs 15
16 WSNs: Hop-by-Hop Security Sensors Sink WSN Encrypted links Use hop-by-hop principle to generate end-to-end security 16
17 WSNs: End-to-End Security Sensors User Internet WSN Sensor-to-sensor Sensor-to-user 17
18 E2E Security in WSNs: Summary Sensor-to-sensor: End-to-end: Sensors in-between cannot decrypt messages. No information aggregation possible Hop-by-Hop: Any two sensors need a shared secret key to communicate! Transmission radius is also important. Sensor-to-user: For communication over the Internet 18
19 Content 1. Motivation 2. Security Issues and Principles 3. Internet-of-Things and Wireless Sensor 4. Examples 1. Example 1: Differentiated Key pre-distribution 2. Example 2: End-to-End Secure Communication between WSNs and the Internet 5. Conclusion 19
20 The Key Distribution Problem - Reloaded Equip sensors with secret keys before deployment Key space K consists of a set of different keys. Sensors i and j Provide each sensor i with a random set K i k k K i K j i and j can communicate. K. Is referred to as key pre-distribution. 20
21 Key pre-distribution Secure? From a theoretical point of view, no Are the security flaws of practical relevance? Context-dependent Inherent trade-off Resilience ( probability of a sensor s attack resistence) Resources (can t distribute arbitrary many keys) and effect of node capturing 21
22 Key pre-distribution What if there is no such key k? Figure from [1] Differentiated key pre-distribution [1] 22
23 Example 1: Differentiated Key pre- Distribution (1) + Defines node classes and distributes the secret keys accordingly + Much more sophisticated, theoretically well-founded + Improves link resilience and probability of secure communication No breakthrough Mainly work arounds for existing problems/flaws No information about authentication and integrity provisioning 23
24 Example 1: Differentiated Key pre- Distribution (2) Figures from [1] Pe2e: Probability of secure message transmission between sensor and sink Nc: Number of sensors disclosed to an attacker r: Radius of communication for each sensor in meters GPSR (Greedy Perimeter Stateless Routing) and minhop: Routing schemes 24
25 Content 1. Motivation 2. Security Issues and Principles 3. Internet-of-Things and Wireless Sensor 4. Examples 1. Example 1: Differentiated Key pre-distribution 2. Example 2: End-to-End Secure Communication between WSNs and the Internet 5. Conclusion 25
26 Example 2: E2E Secure Communication between WSNs and the Internet (1) Proxy model Reduces the burden of sensors Decreases scalability Increases complexity (e.g. need for application specific proxies WSNs as an extension of the Internet IP! No proxy, but an edge-router for forwarding «Real» end-to-end security, edge-router sees no clear text 26
27 Example 2: E2E Secure Communication between WSNs and the Internet (2) Deployment and four phases Deployment phase: before actual deployment, exchange information for services and secure communication 1. User registration phase: users of the system get certificates and access passports 2. Request phase: the gateway verifies the request of the user Check the access rights 3. Session key agreement phase: exchange of security credentials 4. Key confirmation phase: verify the completion of the hand-shake Complicated protocol, for detailed explanation and analysis, consult [2] 27
28 Example 2: E2E Secure Communication between WSNs and the Internet (3) Sensor node Gateway Service Provider User CERT, AUTH Access control Id sensor, CERT Send different values such that the user can compute the shared key Verify the shared keys, secure connection established 28
29 Example 2: Properties (according to the authors) Mutual authentication Access control Mutual key confirmation Key freshness Privacy protection DDoS resistance Replay attacks still possible security flaws due to concrete implementations!? Performance: At least better than standard TLS!? Still assumes a secure pre-deployment phase! 29
30 Content 1. Motivation 2. Security Issues and Principles 3. Internet-of-Things and Wireless Sensor 4. Examples 1. Example 1: Differentiated Key pre-distribution 2. Example 2: End-to-End Secure Communication between WSNs and the Internet 5. Conclusion 30
31 Summary: P2P vs WSN End-to-End Security (1) Asymmetric Encryption Standards Key Distribution after Deployment Experience Authenticity Integrity Privacy Conventional WSN Sensor-to- Sensor Matured technologies Approaches exist Poor/no support 31
32 Summary: P2P vs WSN End-to-End Security (2) Two main security criteria Hardware and resources Application and context Challenge: Provision of security under massive resource constraints End-to-End Intermediate sensors perform only forwarding of cipher text. Privacy, authenticity, integrity Confidentiality: Data is not revealed at forwarding nodes! 32
33 References [1] W. Gu, N. Dutta, S. Chellappan, X. Bai, Providing End-to-end Secure Communications in Wireless Sensor, IEEE Transactions on Network and Service Management, IEEE, New York, NY, USA, Vol. 9, No. 3, pp , 2011 [2] H. Yu, J. He, T. Zhang, P. Xiao, Y. Zhang, Enabling End-to-end Secure Communications between Wireless Sensor and the Internet, Journal World Wide Web, Springer, New York, NY, USA, Vol.16, Issue 4, pp , 2013 [3] U. Maurer, Cryptography, Lecture Notes of the Course «Cryptography» taught at ETH Zurich, p. 3, 2014 [4] Definition from the Oxford Dictionaries (Online Version),
34 Discussion H1: The concept of key pre-distribution will not be replaced in the next 10 years. 34
35 Discussion H2: Optimization of current asymmetric encryption schemes will become a long-term solution due to technical advances in sensor design. The introduction of entirely new schemes is likely unnecessary. 35
36 Discussion H3: The WSN research community needs to introduce new schemes to provide user privacy before the paradigm of the Internet-of-Things (IoT) or Web-of- Things become reality. 36
37 Discussion H4: The manifold deployment scenarios of WSNs make the definition of multiple standards inevitable. 37
38 Discussion What is your opinion about WSNs? Smart traffic management Computer controlled cars Smart home or any other application? 38
39 39
40 Deployed Solutions 6LoWPAN as WSN version of IPv6 IPSec mandatory in IPv6, integration in 6LoWPAN in progress MicroSSL for 8-bit flash micro controller (1.3 KB) Sizzle: security architecture (using SSL and HTTP) Uses public key encryption, but is proxy based 40
Providing End-to-end Secure Communications in Wireless Sensor Networks
1 Providing End-to-end Secure Communications in Wireless Sensor Networks Wenjun Gu, Neelanjana Dutta, Sriram Chellappan and Xiaole Bai Abstract In many Wireless Sensor Networks (WSNs), providing end to
More information15 th TF-Mobility Meeting Sensor Networks. Torsten Braun Universität Bern braun@iam.unibe.ch www.iam.unibe.ch/~rvs
15 th TF-Mobility Meeting Sensor Networks Torsten Braun Universität Bern braun@iam.unibe.ch www.iam.unibe.ch/~rvs Overview 2 Ubiquitous Computing > Vision defined by Mark Weiser in 1991 Seamless integration
More informationSecurity. Contents. S-72.3240 Wireless Personal, Local, Metropolitan, and Wide Area Networks 1
Contents Security requirements Public key cryptography Key agreement/transport schemes Man-in-the-middle attack vulnerability Encryption. digital signature, hash, certification Complete security solutions
More informationWireless Sensor Network Security. Seth A. Hellbusch CMPE 257
Wireless Sensor Network Security Seth A. Hellbusch CMPE 257 Wireless Sensor Networks (WSN) 2 The main characteristics of a WSN include: Power consumption constrains for nodes using batteries or energy
More informationClient Server Registration Protocol
Client Server Registration Protocol The Client-Server protocol involves these following steps: 1. Login 2. Discovery phase User (Alice or Bob) has K s Server (S) has hash[pw A ].The passwords hashes are
More informationChapter 10. Network Security
Chapter 10 Network Security 10.1. Chapter 10: Outline 10.1 INTRODUCTION 10.2 CONFIDENTIALITY 10.3 OTHER ASPECTS OF SECURITY 10.4 INTERNET SECURITY 10.5 FIREWALLS 10.2 Chapter 10: Objective We introduce
More informationWireless Sensor Networks Chapter 14: Security in WSNs
Wireless Sensor Networks Chapter 14: Security in WSNs António Grilo Courtesy: see reading list Goals of this chapter To give an understanding of the security vulnerabilities of Wireless Sensor Networks
More informationNetwork Security. Computer Networking Lecture 08. March 19, 2012. HKU SPACE Community College. HKU SPACE CC CN Lecture 08 1/23
Network Security Computer Networking Lecture 08 HKU SPACE Community College March 19, 2012 HKU SPACE CC CN Lecture 08 1/23 Outline Introduction Cryptography Algorithms Secret Key Algorithm Message Digest
More informationIntroduction to Computer Security
Introduction to Computer Security Network Security Pavel Laskov Wilhelm Schickard Institute for Computer Science Circuit switching vs. packet switching OSI and TCP/IP layered models TCP/IP encapsulation
More informationTLS/SSL in distributed systems. Eugen Babinciuc
TLS/SSL in distributed systems Eugen Babinciuc Contents 1. Introduction to TLS/SSL 2. A quick review of cryptography 3. TLS/SSL in distributed systems 4. Conclusions Introduction to TLS/SSL TLS/SSL History
More informationSecurity Sensor Network. Biswajit panja
Security Sensor Network Biswajit panja 1 Topics Security Issues in Wired Network Security Issues in Wireless Network Security Issues in Sensor Network 2 Security Issues in Wired Network 3 Security Attacks
More informationChapter 7 Transport-Level Security
Cryptography and Network Security Chapter 7 Transport-Level Security Lectured by Nguyễn Đức Thái Outline Web Security Issues Security Socket Layer (SSL) Transport Layer Security (TLS) HTTPS Secure Shell
More informationSecurity Solutions for Wireless Sensor Networks
Dirk WESTHOFF, Joao GIRAO, Amardeo SARMA Abstract This paper describes security solutions for collecting and processing data in Wireless Sensor Networks (WSNs). Adequate security capabilities for medium
More informationIntroduction to Wireless Sensor Network Security
Smartening the Environment using Wireless Sensor Networks in a Developing Country Introduction to Wireless Sensor Network Security Presented By Al-Sakib Khan Pathan Department of Computer Science and Engineering
More informationNetwork Security Protocols
Network Security Protocols EE657 Parallel Processing Fall 2000 Peachawat Peachavanish Level of Implementation Internet Layer Security Ex. IP Security Protocol (IPSEC) Host-to-Host Basis, No Packets Discrimination
More information3.2: Transport Layer: SSL/TLS Secure Socket Layer (SSL) Transport Layer Security (TLS) Protocol
Chapter 2: Security Techniques Background Chapter 3: Security on Network and Transport Layer Network Layer: IPSec Transport Layer: SSL/TLS Chapter 4: Security on the Application Layer Chapter 5: Security
More informationINF3510 Information Security University of Oslo Spring 2011. Lecture 9 Communication Security. Audun Jøsang
INF3510 Information Security University of Oslo Spring 2011 Lecture 9 Communication Security Audun Jøsang Outline Network security concepts Communication security Perimeter security Protocol architecture
More informationIntroduction to Computer Security
Introduction to Computer Security Network Security Pavel Laskov Wilhelm Schickard Institute for Computer Science Circuit switching vs. packet switching OSI and TCP/IP layered models TCP/IP encapsulation
More information7 Network Security. 7.1 Introduction 7.2 Improving the Security 7.3 Internet Security Framework. 7.5 Absolute Security?
7 Network Security 7.1 Introduction 7.2 Improving the Security 7.3 Internet Security Framework 7.4 Firewalls 7.5 Absolute Security? 7.1 Introduction Security of Communications data transport e.g. risk
More informationWireless Network Security 14-814 Spring 2014
Wireless Network Security 14-814 Spring 2014 Patrick Tague Class #8 Broadcast Security & Key Mgmt 1 Announcements 2 Broadcast Communication Wireless networks can leverage the broadcast advantage property
More informationComputer Networks. Secure Systems
Computer Networks Secure Systems Summary Common Secure Protocols SSH HTTPS (SSL/TSL) IPSec Wireless Security WPA2 PSK vs EAP Firewalls Discussion Secure Shell (SSH) A protocol to allow secure login to
More informationNetwork Security Essentials Chapter 5
Network Security Essentials Chapter 5 Fourth Edition by William Stallings Lecture slides by Lawrie Brown Chapter 5 Transport-Level Security Use your mentality Wake up to reality From the song, "I've Got
More informationCS 356 Lecture 27 Internet Security Protocols. Spring 2013
CS 356 Lecture 27 Internet Security Protocols Spring 2013 Review Chapter 1: Basic Concepts and Terminology Chapter 2: Basic Cryptographic Tools Chapter 3 User Authentication Chapter 4 Access Control Lists
More informationAnnual review FLORENCE 2013. WP4 Network: prototypes
Annual review FLORENCE 2013 WP4 Network: prototypes WP4 prototypes Task 4.1 Smart SPD driven transmission P1: SPD-driven Smart Transmission Layer Task 4.2 Distributed self-x models P2: Recognizing and
More informationCSE/EE 461 Lecture 23
CSE/EE 461 Lecture 23 Network Security David Wetherall djw@cs.washington.edu Last Time Naming Application Presentation How do we name hosts etc.? Session Transport Network Domain Name System (DNS) Data
More informationSSL/TLS: The Ugly Truth
SSL/TLS: The Ugly Truth Examining the flaws in SSL/TLS protocols, and the use of certificate authorities. Adrian Hayter CNS Hut 3 Team adrian.hayter@cnsuk.co.uk Contents Introduction to SSL/TLS Cryptography
More informationSingle Sign-On Secure Authentication Password Mechanism
Single Sign-On Secure Authentication Password Mechanism Deepali M. Devkate, N.D.Kale ME Student, Department of CE, PVPIT, Bavdhan, SavitribaiPhule University Pune, Maharashtra,India. Assistant Professor,
More informationLecture Objectives. Lecture 8 Mobile Networks: Security in Wireless LANs and Mobile Networks. Agenda. References
Lecture Objectives Wireless Networks and Mobile Systems Lecture 8 Mobile Networks: Security in Wireless LANs and Mobile Networks Introduce security vulnerabilities and defenses Describe security functions
More informationUsing BroadSAFE TM Technology 07/18/05
Using BroadSAFE TM Technology 07/18/05 Layers of a Security System Security System Data Encryption Key Negotiation Authentication Identity Root Key Once root is compromised, all subsequent layers of security
More informationINTERNET SECURITY: FIREWALLS AND BEYOND. Mehernosh H. Amroli 4-25-2002
INTERNET SECURITY: FIREWALLS AND BEYOND Mehernosh H. Amroli 4-25-2002 Preview History of Internet Firewall Technology Internet Layer Security Transport Layer Security Application Layer Security Before
More informationStateless Approach to End-to-End Security for the Internet of Things (OSCAR Object Security Architecture for the IoT)
Stateless Approach to End-to-End Security for the Internet of Things (OSCAR Object Security Architecture for the IoT) Mališa Vučinić v, Bernard Tourancheau v, Franck Rousseau v, Andrzej Duda v, Laurent
More informationCryptography and Network Security
Cryptography and Network Security Spring 2012 http://users.abo.fi/ipetre/crypto/ Lecture 9: Authentication protocols, digital signatures Ion Petre Department of IT, Åbo Akademi University 1 Overview of
More informationIntroduction to Network Security. 1. Introduction. And People Eager to Take Advantage of the Vulnerabilities
TÜBİTAK Ulusal Elektronik ve Kriptoloji Araştırma Enstitüsü Introduction to Network Security (Revisit an Historical 12 year old Presentation) Prof. Dr. Halûk Gümüşkaya Why Security? Three primary reasons
More informationSecurity vulnerabilities in the Internet and possible solutions
Security vulnerabilities in the Internet and possible solutions 1. Introduction The foundation of today's Internet is the TCP/IP protocol suite. Since the time when these specifications were finished in
More informationMobile Security Wireless Mesh Network Security. Sascha Alexander Jopen
Mobile Security Wireless Mesh Network Security Sascha Alexander Jopen Overview Introduction Wireless Ad-hoc Networks Wireless Mesh Networks Security in Wireless Networks Attacks on Wireless Mesh Networks
More informationSecurity Considerations for Intrinsic Monitoring within IPv6 Networks: Work in Progress
Security Considerations for Intrinsic Monitoring within IPv6 Networks: Work in Progress Alan Davy and Lei Shi Telecommunication Software&Systems Group, Waterford Institute of Technology, Ireland adavy,lshi@tssg.org
More information12/3/08. Security in Wireless LANs and Mobile Networks. Wireless Magnifies Exposure Vulnerability. Mobility Makes it Difficult to Establish Trust
Security in Wireless LANs and Mobile Networks Wireless Magnifies Exposure Vulnerability Information going across the wireless link is exposed to anyone within radio range RF may extend beyond a room or
More informationOverview. SSL Cryptography Overview CHAPTER 1
CHAPTER 1 Note The information in this chapter applies to both the ACE module and the ACE appliance unless otherwise noted. The features in this chapter apply to IPv4 and IPv6 unless otherwise noted. Secure
More informationOverview of CSS SSL. SSL Cryptography Overview CHAPTER
CHAPTER 1 Secure Sockets Layer (SSL) is an application-level protocol that provides encryption technology for the Internet, ensuring secure transactions such as the transmission of credit card numbers
More informationSecurity Policy Revision Date: 23 April 2009
Security Policy Revision Date: 23 April 2009 Remote Desktop Support Version 3.2.1 or later for Windows Version 3.1.2 or later for Linux and Mac 4 ISL Light Security Policy This section describes the procedure
More informationTransport Layer Security Protocols
SSL/TLS 1 Transport Layer Security Protocols Secure Socket Layer (SSL) Originally designed to by Netscape to secure HTTP Version 2 is being replaced by version 3 Subsequently became Internet Standard known
More informationFinal Exam. IT 4823 Information Security Administration. Rescheduling Final Exams. Kerberos. Idea. Ticket
IT 4823 Information Security Administration Public Key Encryption Revisited April 5 Notice: This session is being recorded. Lecture slides prepared by Dr Lawrie Brown for Computer Security: Principles
More informationSecurity (II) ISO 7498-2: Security Architecture of OSI Reference Model. Outline. Course Outline: Fundamental Topics. EE5723/EE4723 Spring 2012
Course Outline: Fundamental Topics System View of Network Security Network Security Model Security Threat Model & Security Services Model Overview of Network Security Security Basis: Cryptography Secret
More informationIntroduction to Cryptography
Introduction to Cryptography Part 3: real world applications Jean-Sébastien Coron January 2007 Public-key encryption BOB ALICE Insecure M E C C D channel M Alice s public-key Alice s private-key Authentication
More informationCRYPTOGRAPHY IN NETWORK SECURITY
ELE548 Research Essays CRYPTOGRAPHY IN NETWORK SECURITY AUTHOR: SHENGLI LI INSTRUCTOR: DR. JIEN-CHUNG LO Date: March 5, 1999 Computer network brings lots of great benefits and convenience to us. We can
More informationPart I. Universität Klagenfurt - IWAS Multimedia Kommunikation (VK) M. Euchner; Mai 2001. Siemens AG 2001, ICN M NT
Part I Contents Part I Introduction to Information Security Definition of Crypto Cryptographic Objectives Security Threats and Attacks The process Security Security Services Cryptography Cryptography (code
More informationTransport Level Security
Transport Level Security Overview Raj Jain Washington University in Saint Louis Saint Louis, MO 63130 Jain@cse.wustl.edu Audio/Video recordings of this lecture are available at: http://www.cse.wustl.edu/~jain/cse571-14/
More informationWeb Security Considerations
CEN 448 Security and Internet Protocols Chapter 17 Web Security Dr. Mostafa Hassan Dahshan Computer Engineering Department College of Computer and Information Sciences King Saud University mdahshan@ccis.ksu.edu.sa
More informationInternational Journal of Advancements in Research & Technology, Volume 2, Issue 7, July-2013 ISSN 2278-7763 473
473 Comparative Analysis of Hop-to-Hop and End-to-End Secure Communication Shital Y. Gaikwad M. Tech. (Second Year Student) (Computer Network and Information Security) SGGS Institute of Engineering and
More informationSecuring MANET Using Diffie Hellman Digital Signature Scheme
Securing MANET Using Diffie Hellman Digital Signature Scheme Karamvir Singh 1, Harmanjot Singh 2 1 Research Scholar, ECE Department, Punjabi University, Patiala, Punjab, India 1 Karanvirk09@gmail.com 2
More informationNetwork Security Fundamentals
APNIC elearning: Network Security Fundamentals 27 November 2013 04:30 pm Brisbane Time (GMT+10) Introduction Presenter Sheryl Hermoso Training Officer sheryl@apnic.net Specialties: Network Security IPv6
More informationNetwork Access Security. Lesson 10
Network Access Security Lesson 10 Objectives Exam Objective Matrix Technology Skill Covered Exam Objective Exam Objective Number Firewalls Given a scenario, install and configure routers and switches.
More informationChapter 17. Transport-Level Security
Chapter 17 Transport-Level Security Web Security Considerations The World Wide Web is fundamentally a client/server application running over the Internet and TCP/IP intranets The following characteristics
More informationFoundation University, Islamabad, Pakistan qasim_1987@hotmail.com
Kerberos Authentication in Wireless Sensor Networks Qasim Siddique Foundation University, Islamabad, Pakistan qasim_1987@hotmail.com ABSTRACT We proposed an authentication mechanism in the wireless sensor
More informationAPNIC elearning: Network Security Fundamentals. 20 March 2013 10:30 pm Brisbane Time (GMT+10)
APNIC elearning: Network Security Fundamentals 20 March 2013 10:30 pm Brisbane Time (GMT+10) Introduction Presenter/s Nurul Islam Roman Senior Training Specialist nurul@apnic.net Specialties: Routing &
More informationSECURITY ANALYSIS OF A SINGLE SIGN-ON MECHANISM FOR DISTRIBUTED COMPUTER NETWORKS
SECURITY ANALYSIS OF A SINGLE SIGN-ON MECHANISM FOR DISTRIBUTED COMPUTER NETWORKS Abstract: The Single sign-on (SSO) is a new authentication mechanism that enables a legal user with a single credential
More informationSome Security Trends over Wireless Sensor Networks
Some Security Trends over Wireless Sensor Networks ZORAN BOJKOVIC, BOJAN BAKMAZ, MIODRAG BAKMAZ Faculty of Transport and Traffic Engineering University of Belgrade Vojvode Stepe 305 SERBIA Abstract: -
More informationNetwork Security [2] Plain text Encryption algorithm Public and private key pair Cipher text Decryption algorithm. See next slide
Network Security [2] Public Key Encryption Also used in message authentication & key distribution Based on mathematical algorithms, not only on operations over bit patterns (as conventional) => much overhead
More informationA SECURE DATA TRANSMISSION FOR CLUSTER- BASED WIRELESS SENSOR NETWORKS IS INTRODUCED
A SECURE DATA TRANSMISSION FOR CLUSTER- BASED WIRELESS SENSOR NETWORKS IS INTRODUCED J Karunamayi 1, Annapurna V K 2 1 Student, Computer Network and Engineering,The National Institute of Engineering, Mysuru,
More informationOverview. Securing TCP/IP. Introduction to TCP/IP (cont d) Introduction to TCP/IP
Overview Securing TCP/IP Chapter 6 TCP/IP Open Systems Interconnection Model Anatomy of a Packet Internet Protocol Security (IPSec) Web Security (HTTP over TLS, Secure-HTTP) Lecturer: Pei-yih Ting 1 2
More informationIoT Security Platform
IoT Security Platform 2 Introduction Wars begin when the costs of attack are low, the benefits for a victor are high, and there is an inability to enforce law. The same is true in cyberwars. Today there
More informationWEB Security & SET. Outline. Web Security Considerations. Web Security Considerations. Secure Socket Layer (SSL) and Transport Layer Security (TLS)
Outline WEB Security & SET (Chapter 19 & Stalling Chapter 7) Web Security Considerations Secure Socket Layer (SSL) and Transport Layer Security (TLS) Secure Electronic Transaction (SET) Web Security Considerations
More informationSecurity for Ad Hoc Networks. Hang Zhao
Security for Ad Hoc Networks Hang Zhao 1 Ad Hoc Networks Ad hoc -- a Latin phrase which means "for this [purpose]". An autonomous system of mobile hosts connected by wireless links, often called Mobile
More informationSecurity Protocols HTTPS/ DNSSEC TLS. Internet (IPSEC) Network (802.1x) Application (HTTP,DNS) Transport (TCP/UDP) Transport (TCP/UDP) Internet (IP)
Security Protocols Security Protocols Necessary to communicate securely across untrusted network Provide integrity, confidentiality, authenticity of communications Based on previously discussed cryptographic
More informationThe Feasibility of SET-IBS and SET-IBOOS Protocols in Cluster-Based Wireless Sensor Network
The Feasibility of SET-IBS and SET-IBOOS Protocols in Cluster-Based Wireless Sensor Network R.Anbarasi 1, S.Gunasekaran 2 P.G. Student, Department of Computer Engineering, V.S.B Engineering College, Karur,
More informationAuthenticity of Public Keys
SSL/TLS EJ Jung 10/18/10 Authenticity of Public Keys Bob s key? private key Bob public key Problem: How does know that the public key she received is really Bob s public key? Distribution of Public Keys!
More informationLecture 9 - Network Security TDTS41-2006 (ht1)
Lecture 9 - Network Security TDTS41-2006 (ht1) Prof. Dr. Christoph Schuba Linköpings University/IDA Schuba@IDA.LiU.SE Reading: Office hours: [Hal05] 10.1-10.2.3; 10.2.5-10.7.1; 10.8.1 9-10am on Oct. 4+5,
More informationWeb Application Entity Session Management using the eid Card Frank Cornelis 03/03/2010. Fedict 2010. All rights reserved
Web Application Entity Session Management using the eid Card Frank Cornelis 03/03/2010 Fedict 2010. All rights reserved What is Entity Authentication? Entity authentication is the process whereby one party
More informationPacket Level Authentication Overview
Packet Level Authentication Overview Dmitrij Lagutin, Dmitrij.Lagutin@hiit.fi Helsinki Institute for Information Technology HIIT Aalto University School of Science and Technology Contents Introduction
More informationComputer security Lecture 9
Computer security Lecture 9 Communications and network security Jonathan Jogenfors Communication and network security: Threat model Passive attacks: Eavesdropping, Wiretapping, Sniffing, and Traffic analysis
More informationThree attacks in SSL protocol and their solutions
Three attacks in SSL protocol and their solutions Hong lei Zhang Department of Computer Science The University of Auckland zhon003@ec.auckland.ac.nz Abstract Secure Socket Layer (SSL) and Transport Layer
More informationAbout the Authors Preface Acknowledgements List of Acronyms
Contents About the Authors Preface Acknowledgements List of Acronyms xiii xv xvii xix Part One Wireless Ad Hoc, Sensor and Mesh Networking 1 1 Introduction 3 1.1 Information Security 4 1.1.1 Computer Security
More informationWhat is Web Security? Motivation
brucker@inf.ethz.ch http://www.brucker.ch/ Information Security ETH Zürich Zürich, Switzerland Information Security Fundamentals March 23, 2004 The End Users View The Server Providers View What is Web
More informationThe Secure Sockets Layer (SSL)
Due to the fact that nearly all businesses have websites (as well as government agencies and individuals) a large enthusiasm exists for setting up facilities on the Web for electronic commerce. Of course
More informationSECURITY ANALYSIS OF PASSWORD BASED MUTUAL AUTHENTICATION METHOD FOR REMOTE USER
SECURITY ANALYSIS OF PASSWORD BASED MUTUAL AUTHENTICATION METHOD FOR REMOTE USER Mrs. P.Venkateswari Assistant Professor / CSE Erode Sengunthar Engineering College, Thudupathi ABSTRACT Nowadays Communication
More informationNetwork Security. Abusayeed Saifullah. CS 5600 Computer Networks. These slides are adapted from Kurose and Ross 8-1
Network Security Abusayeed Saifullah CS 5600 Computer Networks These slides are adapted from Kurose and Ross 8-1 roadmap 1 What is network security? 2 Principles of cryptography 3 Message integrity, authentication
More informationOutline. INF3510 Information Security. Lecture 10: Communications Security. Communication Security Analogy. Network Security Concepts
Outline INF3510 Information Security Lecture 10: Communications Security Network security concepts Communication security Perimeter security Protocol architecture and security services Example security
More informationIoT Security. Introduction. Threat Model
IoT Security Introduction In this 1248 white paper we summarise the various aspects of security which need to be considered when designing connected products for the Internet of Things. We give a general
More informationCS 4803 Computer and Network Security
Network layers CS 4803 Computer and Network Security Application Transport Network Lower level Alexandra (Sasha) Boldyreva IPsec 1 2 Roughly Application layer: the communicating processes themselves and
More informationSecurity Considerations for DirectAccess Deployments. Whitepaper
Security Considerations for DirectAccess Deployments Whitepaper February 2015 This white paper discusses security planning for DirectAccess deployment. Introduction DirectAccess represents a paradigm shift
More informationHow To Secure My Data
How To Secure My Data What to Protect??? DATA Data At Rest Data at Rest Examples Lost Infected Easily Used as Backup Lent to others Data Corruptions more common Stolen Left at airports, on trains etc Hard
More informationEmbedded Security: From Sensor Networks to Internet of Things (IoT)
Embedded Security: From Sensor Networks to Internet of Things (IoT) Dr. Wen Hu, Michael Bruenig, Thomas Kothmayr (TUM), Corinna Schmitt (U Zurich) Principal Research Scientist/Research Project Leader CSIRO
More informationAn Introduction to Cryptography as Applied to the Smart Grid
An Introduction to Cryptography as Applied to the Smart Grid Jacques Benoit, Cooper Power Systems Western Power Delivery Automation Conference Spokane, Washington March 2011 Agenda > Introduction > Symmetric
More informationSecure Sockets Layer (SSL ) / Transport Layer Security (TLS) Network Security Products S31213
Secure Sockets Layer (SSL ) / Transport Layer Security (TLS) Network Security Products S31213 UNCLASSIFIED Example http ://www. greatstuf f. com Wants credit card number ^ Look at lock on browser Use https
More informationChapter 3. Network Domain Security
Communication System Security, Chapter 3, Draft, L.D. Chen and G. Gong, 2008 1 Chapter 3. Network Domain Security A network can be considered as the physical resource for a communication system. This chapter
More informationSECURITY KEY MANAGEMENT AND AUTHENTICATION SCHEME FOR WIRELESS SENSOR NETWORKS
SECURITY KEY MANAGEMENT AND AUTHENTICATION SCHEME FOR WIRELESS SENSOR NETWORKS S. Jayapraba 1 and A.F.Sheik Hakkani 2 1 Department of MCA, Jayam College of Engineering and Technology, Bharathiyar University,
More informationRecommended 802.11 Wireless Local Area Network Architecture
NATIONAL SECURITY AGENCY Ft. George G. Meade, MD I332-008R-2005 Dated: 23 September 2005 Network Hardware Analysis and Evaluation Division Systems and Network Attack Center Recommended 802.11 Wireless
More informationWireless Sensor Network: Challenges, Issues and Research
ISBN 978-93-84468-20-0 Proceedings of 2015 International Conference on Future Computational Technologies (ICFCT'2015) Singapore, March 29-30, 2015, pp. 224-228 Wireless Sensor Network: Challenges, Issues
More informationThe OpenEapSmartcard platform. Pr Pascal Urien ENST Paris
The OpenEapSmartcard platform Pr Pascal Urien ENST Paris /20 Pascal URIEN, CARTES 2005, November 16 th 2005 Introduction 1/4: Network ages Analog networks (Tree age) 1876, Alexander Graham Bell invents
More informationMonitoring Data Integrity while using TPA in Cloud Environment
Monitoring Data Integrity while using TPA in Cloud Environment Jaspreet Kaur, Jasmeet Singh Abstract Cloud Computing is the arising technology that delivers software, platform and infrastructure as a service
More informationSTUDY OF VARIOUS WIRELESS NETWORK SECURITY ISSUES: A REVIEW
STUDY OF VARIOUS WIRELESS NETWORK SECURITY ISSUES: A REVIEW Jyoti 1, Mrs. Sonal Beniwal 2 1 M.Tech Scholar BPSMV, Khanpur, Sonepat 2 Assistant Professor, BPSMV, Khanpur, Sonepat Abstract: Wireless security
More informationImplementing Cisco IOS Network Security v2.0 (IINS)
Implementing Cisco IOS Network Security v2.0 (IINS) Course Overview: Implementing Cisco IOS Network Security (IINS) v2.0 is a five-day instructor-led course that is presented by Cisco Learning Partners
More informationEnd-to-end Secure Data Aggregation in Wireless Sensor Networks
End-to-end Secure Data Aggregation in Wireless Sensor Networks Keyur Parmar 1 Devesh Jinwala 2 1 Ph.D Scholar & Senior Research Fellow Department of Computer Engineering SVNIT, Surat, India 2 Professor
More informationSecurity Technical. Overview. BlackBerry Enterprise Service 10. BlackBerry Device Service Solution Version: 10.2
BlackBerry Enterprise Service 10 BlackBerry Device Service Solution Version: 10.2 Security Technical Overview Published: 2014-09-10 SWD-20140908123239883 Contents 1 About BlackBerry Device Service solution
More informationAssociate Prof. Dr. Victor Onomza Waziri
BIG DATA ANALYTICS AND DATA SECURITY IN THE CLOUD VIA FULLY HOMOMORPHIC ENCRYPTION Associate Prof. Dr. Victor Onomza Waziri Department of Cyber Security Science, School of ICT, Federal University of Technology,
More informationHow To Protect Your Data From Attack
Security in Communication Networks Lehrstuhl für Informatik 4 RWTH Aachen Prof. Dr. Otto Spaniol Dr. rer. nat. Dirk Thißen Page 1 Organization Lehrstuhl für Informatik 4 Lecture Lecture takes place on
More informationAttestation and Authentication Protocols Using the TPM
Attestation and Authentication Protocols Using the TPM Ariel Segall June 21, 2011 Approved for Public Release: 11-2876. Distribution Unlimited. c 2011. All Rights Reserved. (1/28) Motivation Almost all
More informationHow To Understand And Understand The Security Of A Key Infrastructure
Security+ Guide to Network Security Fundamentals, Third Edition Chapter 12 Applying Cryptography Objectives Define digital certificates List the various types of digital certificates and how they are used
More informationCommunication Systems 16 th lecture. Chair of Communication Systems Department of Applied Sciences University of Freiburg 2009
16 th lecture Chair of Communication Systems Department of Applied Sciences University of Freiburg 2009 1 25 Organization Welcome to the New Year! Reminder: Structure of Communication Systems lectures
More informationSecuring IP Networks with Implementation of IPv6
Securing IP Networks with Implementation of IPv6 R.M.Agarwal DDG(SA), TEC Security Threats in IP Networks Packet sniffing IP Spoofing Connection Hijacking Denial of Service (DoS) Attacks Man in the Middle
More information