Title: A Security Framework with Trust Management for Sensor Networks
1. A Security Framework with Trust Management for Sensor Networks
- Zhiying Yao, Daeyoung Kim, Insun Lee
- Information and Communication University (ICU)
- Kiyoung Kim, Jongsoo Jang
- Electronics and Telecommunications Research Institute (ETRI)
- Korea
- Speaker: Kangwoo Lee
2. Contents
- Motivation
- Trust Management Based Security Framework
  - Architecture
  - Trust Management Component
  - Network I/O
  - Application Description Component
  - Security Response Component
- Example Scenario
- Conclusion
3. Motivation
- Sensor network applications (e.g. monitoring safety, tracking environmental pollutants) need security at design time
- Existing research efforts
  - Focus on specific security fields, such as secure routing or intrusion tolerance
  - Main solutions resort to cryptographic algorithms and lack a complementary tool for managing trust
- Proposed solution
  - An effective security solution from a system architectural view
  - Trustworthy relationships can be evaluated locally to guide node behavior
4. Solution Illustration
[Figure: local node and its neighboring nodes; labels recovered from the diagram]
- Logically assess neighboring nodes' trustworthiness
- Manage (store, update) the trust value of neighboring node
- Receipt of packet
- Gather available network knowledge
- Securely take network action (routing, intrusion detection)
- Legend: local node; neighboring node of local node; radio range; monitor range (promiscuous mode)
5. Security Framework: Architecture
- We consider a general sensor network case
  - One base station
  - n nodes
- The architecture, running locally, gives nodes the ability to
  - Adapt to different application requirements
  - Collect traffic actively or passively
  - Assess the trustworthiness of their neighboring nodes
  - Guide network action
6. Security Framework: Application Description Component
- Used to set application-dependent parameters considering the nature of sensor networks
- Security-related information, such as
  - Key management scheme
  - Hash function used
  - Message authentication code length
  - Trust level (Trust Regulation Table)
  - Weight and adjustment factors used in the trust evaluation procedure
7. Security Framework: Network I/O
- Responsibility
  - Receive incoming packets
  - Send outgoing packets
  - Control the rate of incoming and outgoing packets
  - Pass required information for trust evaluation
8. Security Framework: Trust Management Component 1
- A localized trust model
  - Recommendation-based trust
  - Trust-based recommendation
- Gives an individual node the ability to estimate its local environment and take action to carry out its network duty
- A set of logical computations to get a numerical trust value
9. Security Framework: Trust Management Component 2
- Entities defined
  - judge: performs the evaluation
  - suspect: the adjacent neighbor of the judge, which will be evaluated
  - juries: maintain a trust value for the same suspect as the judge and send it out periodically or intentionally
- Trust relationship
  - Not symmetric
    - If A trusts B, B may not trust A, where A and B are mutually neighboring nodes.
  - Time-evolving
    - Needs to be updated upon receipt of new interactive communication or new recommendations.
10. Security Framework: Trust Management Component 3
- Trust evaluation
  - Based on the localized trust model
  - Two kinds of knowledge are needed
    - personal reference
      - direct interaction with the suspect
    - reference
      - reputation sent by the juries
- Trust value
  - Deduced from the trust evaluation procedure
  - Represented by real numbers between 0 and 1
  - Indicates the extent of trust the judge may have in the suspect
11. Security Framework: Trust Management Component 4
- Personal reference
  - Parameters about cryptographic operations
    - Represent the security mechanisms used
    - Can disclose attacks (e.g. message forgery and modification)
  - Parameters about nodes' interactive behavior
    - Reflect nodes' availability
    - Can reveal attacks (e.g. dropping and denial-of-service)
12. Security Framework: Trust Management Component 5
- Reference
  - Reference generation
    - Recommendation protocols
      - Active protocol: reference request
      - Anti-active protocol: abnormal personal reference report
  - Reference computation
    - Trust-based recommendation
13. Security Framework: Trust Management Component 6
- Context
  - Maintain weighted values, passed from the parameter database
  - Deliver necessary parameters to the personal reference and trust value computation procedures
- Trust value
  - Weighted summation between the personal reference and reference
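
An added example (not from the original slides) of the evaluation described on slides 10 to 13: a judge derives a personal reference from its own observations, combines jury reports by trust-based recommendation, and takes the weighted summation of the two. The counter names, the 0.5 default for missing evidence and all weights are assumptions; the slides give no concrete formulas.

```python
from dataclasses import dataclass

@dataclass
class Observation:
    """Judge's direct-interaction counters for one suspect (assumed fields)."""
    mac_ok: int      # packets whose MAC verified
    mac_fail: int    # packets that failed MAC verification (forgery/modification)
    forwarded: int   # packets the suspect was overheard forwarding
    dropped: int     # packets the suspect should have forwarded but did not

def ratio(good, bad, default=0.5):
    """Fraction of good events; neutral default when nothing was observed."""
    total = good + bad
    return good / total if total else default

def personal_reference(obs, w_crypto=0.5, w_avail=0.5):
    """Weighted mix of the cryptographic and availability parameters."""
    return (w_crypto * ratio(obs.mac_ok, obs.mac_fail)
            + w_avail * ratio(obs.forwarded, obs.dropped))

def reference(recommendations, trust_in_jury, default=0.5):
    """Trust-based recommendation: weight each jury's report by the
    judge's own trust in that jury; drop out-of-range reports."""
    num = den = 0.0
    for jury, value in recommendations.items():
        if not 0.0 <= value <= 1.0:
            continue
        weight = trust_in_jury.get(jury, 0.0)  # unknown juries carry no weight
        num += weight * value
        den += weight
    return num / den if den else default

def trust_value(obs, recommendations, trust_in_jury, w_personal=0.6):
    """Weighted summation of personal reference and reference, in [0, 1]."""
    pr = personal_reference(obs)
    ref = reference(recommendations, trust_in_jury)
    return w_personal * pr + (1.0 - w_personal) * ref

# Constructed sample: the suspect authenticates correctly but drops most packets.
OBS = Observation(mac_ok=18, mac_fail=2, forwarded=6, dropped=14)
REPORTS = {"J1": 0.2, "J2": 0.9}     # trust values reported by two juries
JURY_TRUST = {"J1": 0.8, "J2": 0.2}  # judge's current trust in each jury

if __name__ == "__main__":
    print(round(trust_value(OBS, REPORTS, JURY_TRUST), 3))
```

An unweighted average of the two reports would be 0.55; weighting by the judge's trust in each jury gives 0.34, so the favourable report from the little-trusted jury J2 moves the result only slightly.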
14. Security Framework: Security Response Component
- Integrates most existing security research directions in WSN
  - Using available trustworthiness and a lightweight trust policy
  - Refers to the recommendation protocol
- Performs appropriate network activities based on the available trust relationship
  - Reliability analysis, secure routing, intrusion detection, and intrusion tolerance
15. Security Framework: Example Scenario 1
- We give an example to show secure routing path selection between the base station and node D
- Define the routing selection metric as the unit trust value, which considers both security and energy savings, denoted uT. Each possible path holds a uT, which can be expressed as
16. Security Framework: Example Scenario 2
17. Conclusion
- A complete security architecture from a system view
- Adaptive to different application requirements
- Makes good use of available network knowledge
- Deduces trustworthy relationships based on a localized trust model
- Executes network action efficiently due to the available evidence