A Security Framework with Trust Management for Sensor Networks

1
A Security Framework with Trust Management for
Sensor Networks

• Zhiying Yao, Daeyoung Kim, Insun Lee
• Information and Communication University (ICU)
• Kiyoung Kim, Jongsoo Jang
• Electronics and Telecommunications Research
  Institute(ETRI)
• Korea
• Speaker Kangwoo Lee

2
Contents

• Motivation
• Trust Management Based Security Framework
• Architecture
• Trust Management Component
• Network I/O
• Application Description Component
• Security Response Component
• Example Scenario
• Conclusion

3
Motivation

• Sensor network applications (e.g. monitoring
  safety, tracking environmental pollutants) need
  security at design time
• Existing research efforts
• Focus on specific security fields, such as secure
  routing or intrusion tolerance
• Main solutions recur to cryptographic algorithms,
  and are lacking the complementary tool for
  managing trust
• Proposed solution
• An effective security solutions from a system
  architectural view
• Trustworthy relationship can be evaluated locally
  to guide node behavior

4
Solution Illustration
Logically assess neighboring nodes trustworthiness
Manage (store update) the trust value of
neighboring node
Receipt of packet
Gather available network knowledge
Securely take network action (routing, intrusion
detection)
Local node
Neighboring node of local node
Radio range
Monitor range (promiscuous mode)
5
Security FrameworkArchitecture

• We consider a general sensor network case
• One base station
• n nodes
• The architecture running locally gives nodes the
  abilities
• Appropriate to different application requirements
  
• Collect traffic actively or passively
• Assess the trustworthiness of their neighboring
  nodes
• Guide network action

6
Security Framework Application Description
Component

• Used to set application-dependent parameters
  considering nature of sensor networks
• Security related information, such as
• Key management scheme
• Hash function used
• Message authentication code length
• Trust level (Trust Regulation Table)
• Weight and adjustment factors used in trust
  evaluation procedure

7
Security Framework Network I/O

• Responsibility
• Receive incoming packets
• Send outgoing packets
• Control the rate of incoming and outgoing packets
• Pass required information for trust evaluation

8
Security Framework Trust Management Component 1

• A localized trust model
• Recommendation-based trust
• Trust-based recommendation
• Give an individual node the ability to estimate
  its local environment and take action to carry
  out its network duty
• A set of logical computation to get a numerical
  trust value

9
Security Framework Trust Management Component 2

• Entities Defined
• judge performs evaluation
• suspect the adjacent neighbor of the judge and
  will be evaluated
• juries maintain the trust value of the same
  suspect with the judge and send it out
  periodically or intentionally
• Trust relationship
• not symmetric
• If A trust B, B maybe not trust A, where A and B
  are mutually neighboring nodes.
• time-evolving
• Need be updated upon receipt of new interactive
  communication or new recommendations.

10
Security Framework Trust Management Component 3

• Trust Evaluation
• Based on the localized trust model
• Two kinds of knowledge are needed
• personal reference
• direct interaction with the suspect
• reference
• reputation sent by the juries
• Trust value
• Deduced from the trust evaluation procedure
• Represented by real numbers, between 0 and 1
• Indicate the extent of trust the judge may have
  in the suspect

11
Security Framework Trust Management Component 4

• Personal Reference
• Parameters about cryptographic operations
• Represent the security mechanisms used
• Can disclose attacks (e.g. message forgery and
  modification)
• Parameters about nodes interactive behavior
• Reflect nodes availability
• Can reveal attacks (e.g. dropping and denial-of-
  service)

12
Security Framework Trust Management Component 5

• Reference
• Reference generation
• Recommendation protocols
• Active protocol reference request
• Anti-active protocol abnormal personal reference
  report
• Reference computation
• trust-based recommendation

13
Security Framework Trust Management Component 6

• Context
• Maintain weighted values, passed from parameter
  database
• Deliver necessary parameters to personal
  reference and trust value computation procedure
• Trust value
• Weighted summation between the personal reference
  and reference

14
Security Framework Security Response Component

• Integrate the mostly existing security research
  directions in WSN
• Using available trustworthiness and a lightweight
  trust policy
• Refer to recommendation protocol
• Perform appropriate network activities based on
  the available trust relationship
• Reliability analysis, secure routing, intrusion
  detection, and intrusion tolerance

15
Security Framework Example Scenario 1

• We give an example to show the secure routing
  path selection between base station and node D as
  an example
• Define the routing selection metric as unit trust
  value in consideration of both security and
  energy-savings together, notated as uT. Each
  possible path holds an uT, which can be expressed
  as

16
Security Framework Example Scenario 2
17
Conclusion

• An complete security architecture from system
  view
• Adaptive to different application requirements
• Make good use of available network knowledge
• Deduce trustworthy relationship based on
  localized trust model
• Execute network action efficiently due to the
  available evidence

18

• Thanks for Listening !!