The Resurrecting Duckling: Security Issues for Ad-hoc Wireless Networks
In the near future, many personal electronic devices will be able to communicate with each other over a short range wireless channel. We investigate the principal security issues for such an environment. Our discussion is based on the concrete example of a thermometer that makes its readings available to other nodes over the air. Some lessons learned from this example appear to be quite general to ad-hoc networks, and rather different from what we have come to expect in more conventional systems: denial of service, the goals of authentication, and the problems of naming all need re-examination. We present the resurrecting duckling security policy model, which describes secure transient association of a device with multiple serialised owners.
KeywordsShared Secret Access Control List Battery Exhaustion Peanut Node Personal Electronic Device
Unable to display preview. Download preview PDF.
- 1.Anderson, R., Kuhn, M.: Tamper resistance – a cautionary note. In: Proc. 2nd USENIX Workshop on Electronic Commerce (1996)Google Scholar
- 3.Infrared Data Association, http://www.irda.org/
- 5.Biba, K.J.: Integrity considerations for secure computer systems. Technical Report MTR-3153, MITRE Corporation(April 1975)Google Scholar
- 6.HomeRF Working Group, http://www.homerf.org/
- 8.IEEE. IEEE standard for a high performance serial bus. IEEE Standard 1394 (1995)Google Scholar
- 9.Johnston, R.G., Garcia, A.R.E.: Vulnerability assessment of security seals. Journal of Security Administration 20(1), 15–27 (1997)Google Scholar
- 10.Lorenz, K.: Er redete mit dem Vieh, den Vögeln und den Fischen (King Solomon’s ring). Borotha-Schoeler, Wien (1949)Google Scholar
- 11.Sun Microsystems, http://java.sun.com/features/1998/03/rings.html
- 13.Bluetooth SIG, http://www.bluetooth.com/