Wireless Networks

, Volume 21, Issue 4, pp 1289–1308 | Cite as

A lossy channel aware parameterisation of a novel security protocol for wireless IP-enabled sensors

  • Jasone Astorga
  • Eduardo Jacob
  • Nerea Toledo
  • Marina Aguado
  • Marivi Higuero
Article

Abstract

IP-enabled sensors can be globally addressable by any Internet-connected entity, and therefore, their protection presents different challenges than that of traditional sensors, as they are subject to any potential attacker in the Internet. For this reason, specific security protocols must be developed to address the security requirements of IP-enabled sensors. An interesting approach to achieve this aim is the Ladon security protocol, which allows resource-deprived devices to efficiently implement end-to-end authentication, authorisation and key establishment mechanisms. However, in so limited environments such as sensor networks, not only efficient protocols must be defined, but they must also be optimally parameterised. This paper constitutes a step forward in this direction. First, a state transition model of the Ladon protocol is presented to analytically describe its behaviour. Then, this model is used to select the most effective parameterisation of the protocol in terms of message retransmissions and execution of cryptographic operations. The obtained results show that the selected parameterisation allows maximising the probability of a successful secure session establishment, while keeping the overhead introduced by the protocol low. Additionally, the performance comparison carried out shows that Ladon outperforms alternative approaches to achieve the same objective in terms of message transmission and reception operations.

Keywords

IP-enabled sensors Ladon Optimal parameterisation Protocol overhead Security State transition model 

References

  1. 1.
    Montenegro, G., Kushalnagar, N., Hui, J. & Culler, D. (2007). Transmission of IPv6 packets over IEEE 802.15.4 networks, Tech. rep. 4944.Google Scholar
  2. 2.
    Astorga, J., Jacob, E., Huarte, M., & Higuero, M. (2012). Ladon: End-to-end authorisation support for resource-deprived environments. IET Information Security, 6(2), 93–101.CrossRefGoogle Scholar
  3. 3.
    Neuman, C., Yu, T., Hartman, S., & Raeburn, K. (2005). The Kerberos network authentication service (V5). Tech. rep. 4120.Google Scholar
  4. 4.
    Karlof, C., Sastry, N., & Wagner, D. (2004). TinySec: A link layer security architecture for wireless sensor networks. In Proceedings of the 2nd international conference on embedded networked sensor systems (SenSys ’04) (pp. 162–175). New York, NY: ACM.Google Scholar
  5. 5.
    Lighfoot, L. E., Ren, J., & Li, T. (2007). An energy efficient link-layer security protocol for wireless sensor networks. In Proceedings of the 2007 IEEE international conference on electro/information technology (pp. 233–238).Google Scholar
  6. 6.
    Luk, M., Mezzour, G., Perrig, A., & Gligor, V. (2007). MiniSec: A secure sensor network communication architecture. In Proceedings of the 6th international conference on information processing in sensor networks (IPSN ’07) (pp. 479–488). New York, NY: ACM Press.Google Scholar
  7. 7.
    Perrig, A., Szewczyk, R., Tygar, J. D., Wen, V., & Culler, D. E. (2002). SPINS: Security protocols for sensor networks. ACM Wireless Networks, 8(5), 521–534.CrossRefMATHGoogle Scholar
  8. 8.
    Ren, K., Lou, W., & Zhang, Y. (2008). LEDS: Providing location-aware end-to-end data security in wireless sensor networks. IEEE Transactions on Mobile Computing, 7(5), 585–598.CrossRefGoogle Scholar
  9. 9.
    Zhu, S., Setia, S., & Jajodia, S. (2003). LEAP: Efficient security mechanisms for large-scale distributed sensor networks. In Proceedings of the 10th ACM conference on computer and communications security (CCS ’03) (pp. 62–72). New York, NY: ACM.Google Scholar
  10. 10.
    Park, T., & Shin, K. G. (2004). LiSP: A lightweight security protocol for wireless sensor networks. ACM Transactions on Embedded Computing Systems, 3(3), 634–660.CrossRefGoogle Scholar
  11. 11.
    Chan, H., & Perrig, A. (2005). PIKE: Peer intermediaries for key establishment in sensor networks. In Proceedings of the 24th annual joint conference of the IEEE computer and communications societies (INFOCOM 2005) (pp. 524–535).Google Scholar
  12. 12.
    Barker, E., Barker, W., Burr, W., Polk, W., & Smid, M. (2012). NIST special publication 800-57. Recommendation for key management—Part 1. National Institute of Standards and Technology (NIST), U.S. Department of Commerce.Google Scholar
  13. 13.
    Watro, R., Kong, D., Cuti, S. F., Gardiner, C., Lynn, C., & Kruus, P. (2004). TinyPK: Securing sensor networks with public key technology. In Proceedings of the 2nd ACM workshop on security of ad hoc and sensor networks (SASN ’04) (pp. 59–64). New York, NY: ACM.Google Scholar
  14. 14.
    Shaikh, R. A., Lee, S., Khan, M. A. U., & Song, Y. J. (2006). LSec: Lightweight Security protocol for distributed wireless sensor network. In Proceedings of the 11th IFIP international conference on personal wireless communications (PWC ’06) (pp. 367–377).Google Scholar
  15. 15.
    Hill, J., Szewczyk, R., Woo, A., Hollar, S., Culler, D., & Pister, K. (2000). System architecture directions for networked sensors. ACM SIGPLAN Notices, 35(11), 93–104.CrossRefGoogle Scholar
  16. 16.
    de Meulenaer, G., Gosset, F., Standaert, F. X., & Pereira, O. (2008). On the energy cost of communication and cryptography in wireless sensor networks. In Proceedings of the 2008 IEEE international conference on wireless and mobile computing, networking and communications (WIMOB ’08) (pp. 580–585).Google Scholar
  17. 17.
    Amin, F., & Jahangir, A. H. (2011). Time and energy cost analysis of Kerberos security protocol in wireless sensor networks. In 7th international conference on information assurance and security (IAS ’11) (pp. 308–313).Google Scholar
  18. 18.
    Grosschädl, J., Szekely, A., & Tillich, S. (2007). The energy cost of cryptographic key establishment in wireless sensor networks. In Proceedings of the 2nd ACM symposium on information, computer and communications security (ASIACCS ’07) (pp. 380–382). New York, NY: ACM.Google Scholar
  19. 19.
    He, J., Rexford, J., & Chiang, M. (2007). Don’t optimize existing protocols, design optimizable protocols. SIGCOMM Computer Communication Review, 37(3), 53–58.CrossRefGoogle Scholar
  20. 20.
    Rexford, J. (2006). Network protocols designed for optimizability. In Proceedings of the 40th annual conference on information sciences and systems (pp. 351–354).Google Scholar
  21. 21.
    Koukoutsidis, I., & Siris, V. A. (2007). 802.11e EDCA protocol parameterization: A modeling and optimization study. In Proceedings of the 2007 IEEE international symposium on a world of wireless, mobile and multimedia networks (WoWMoM 2007) (pp. 1–9).Google Scholar
  22. 22.
    Friginal, J., de Andres, D., Ruiz, J.-C., & Gil, P. (2011). Resilience-driven parameterisation of ad hoc routing protocols: OLSRD as a case study. In Proceedings of the IEEE 30th international symposium on reliable distributed systems (SRDS ’11) (pp. 85–90). Washington, DC: IEEE Computer Society.Google Scholar
  23. 23.
    Lin, T. S. (2012). the optimization and parameterization of mac protocols in urban sensor networks. Master’s thesis, INSA Lyon.Google Scholar
  24. 24.
    Shu, F., Sakurai, T., Zukerman, M., & Vu, H. (2007). Packet loss analysis of the IEEE 802.15.4 MAC without acknowledgements. IEEE Communications Letters, 11(1), 79–81.CrossRefGoogle Scholar
  25. 25.
    Kaijser, P., Parker, T., & Pinkas, D. (1994). SESAME: The solution to security for open distributed systems. Computer Communications, 17(7), 501–518.CrossRefGoogle Scholar
  26. 26.
    Wettstein, G. H., Grosen, J. (2006). IDfusion. An open-architecture for Kerberos based authorization. In Proceedings of the AFS and Kerberos best practices workshop.Google Scholar
  27. 27.
    Astorga, J., Jacob, E., Toledo, N., & Aguado, M. (2014). Analytical evaluation of a time- and energy-efficient security protocol for IP-enabled sensors. Computers and Electrical Engineering, 40(2), 539–550.CrossRefGoogle Scholar

Copyright information

© Springer Science+Business Media New York 2014

Authors and Affiliations

  • Jasone Astorga
    • 1
  • Eduardo Jacob
    • 1
  • Nerea Toledo
    • 1
  • Marina Aguado
    • 1
  • Marivi Higuero
    • 1
  1. 1.Department of Communications EngineeringUniversity of the Basque Country UPV/EHUBilbaoSpain

Personalised recommendations