Security Provision For Wireless Mesh Networks - PowerPoint PPT Presentation

About This Presentation
Title:

Security Provision For Wireless Mesh Networks

Description:

Security Provision For Wireless Mesh Networks Celia Li Computer Science and Engineering York University * Research Directions Goals Reducing the authentication ... – PowerPoint PPT presentation

Number of Views:97
Avg rating:3.0/5.0
Slides: 46
Provided by: JoshZa4
Category:

less

Transcript and Presenter's Notes

Title: Security Provision For Wireless Mesh Networks


1
Security Provision For Wireless
Mesh Networks
  • Celia Li
  • Computer Science and Engineering
  • York University

2
Outline
  • Overview of Wireless Mesh Networks (WMNs)
  • Overview of network security
  • Literature review and research directions
  • Access control
  • Authentication
  • Group key management
  • Conclusion

3
Outline
  • Overview of Wireless Mesh Networks (WMNs)
  • Overview of network security
  • Literature review and research directions
  • Access control
  • Authentication
  • Group key management
  • Conclusion

4
Wireless Mesh Networks (WMNs)
  • Wireless Mesh Router
  • Stationary in most cases
  • No power or computation constrains
  • Self-organized, self-configured
  • Providing multi-hop connectivity
  • Wireless Mesh Clients
  • Varying degrees of mobility
  • Having energy autonomy, computation
    transmission constrains
  • PDA, laptops, pocket PCs, cell phones
  • Network Gateways / Access Points
  • Acting both as Internet routers and wireless
    mesh routers
  • Applications of WMNs
  • Disaster recovery, security surveillance,
    Internet access in rural areas, municipal and
    metropolitan networking

5
Advantages of WMNs
  • Low cost installation
  • In hard-to-wire areas or building (e.g., water
    surface, mountains)
  • Large-scale deployment
  • Reliability
  • If some nodes are down, packets can be delivered
    via adjacent nodes due to the mesh structure
  • Self-management
  • Self-configuration and self-healing

6
WMNs vs. Wireline Networks
  • In wireline networks
  • Wired routers can be physically protected
  • In WMNs
  • Wireless routers are not physically protected
    easily if deployed outside.
  • Low cost deployment
  • Vulnerable to security attacks
  • e.g. eavesdropping, jamming, denial of service
  • Lower bandwidth, higher error rate

7
WMNs vs. Wireless Local Area Networks (WLANs)
  • In WMNs
  • Only a small number of selected mesh routers
    (gateways) require wired interafce
  • Multi-hop routing
  • In WLANs
  • Each access point has to have a wired interface
  • 1-hop wireless connection

8
WMNs vs. Mobile Ad-hoc Networks
  • Similarity
  • Both operate in a wireless multi-hop routing
    fashion.
  • Each node forwards data packets on behalf of
    other nodes.
  • In MANETs
  • Nodes are mobile or portable
  • With power or computational constraints
  • Dynamic network topology
  • In WMNs
  • Mesh routers are stationary in most cases
  • No power or computational constraints
  • Mesh clients mobility does not affect network
    topology

9
Outline
  • Overview of Wireless Mesh Networks (WMNs)
  • Overview of network security
  • Literature review and research directions
  • Access control
  • Authentication
  • Group key management
  • Conclusion

10
Security Property
  • Confidentiality
  • Content of a message is accessible only to
    authorized users
  • Integrity
  • Data cannot be modified without being detected
  • Authenticity
  • A node can be sure of the identity of the peer
    node it is communicating with.
  • Non-repudiation
  • Neither the sender nor the receiver of a message
    is able to deny the transmission/reception.
  • Availability
  • Authorized actions can in fact take place

11
Security Provision is Challenging in WMNs
  • Lower bandwidth and higher error rate of wireless
    channels
  • Limited power supply, memory or computing
    capability of mesh clients
  • Mobility of mesh clients
  • Vulnerable to security attacks
  • e.g., eavesdropping, traffic analysis or denial
    of service

12
Network Security Issues
  • Access control
  • Only authorized actions (e.g., membership
    enrollment, data transmission) can be performed.
  • Authentication
  • Ability to identify the members of the group
    (senders receivers)
  • Encryption
  • Converting data into a form that cannot be easily
    understood by unauthorized people
  • Key management
  • Generation, exchange, storage, safeguarding and
    replacement of keys
  • Secure routing
  • Ensures that a message is eventually delivered to
    all legitimate nodes within a reasonable amount
    of time, despite nodes that may corrupt, drop or
    misroute the message.

13
Security Requirements
  • Computation cost
  • Mutual authentication between router and client
  • Fast and secure handover operation
  • Efficient and secure multicast communication
  • Secure routing
  • Service availability

14
Our Research Focus
  • Security provision in WMNs
  • Access control
  • Authentication
  • Key management
  • Group key management
  • To provide secure distributions handling of
    cryptographic keying materials in a multicast
    group

15
Outline
  • Overview of Wireless Mesh Networks (WMNs)
  • Overview of network security
  • Literature review and research directions
  • Access control
  • Authentication
  • Group key management
  • Conclusion

16
Classification of Access Control
  • Access control operates against two risks
  • Unauthorized access to system resources
  • Improper use of system resources
  • Access Control List (ACL)
  • A list of permissions attached to an object
  • Who or what is allowed to access the object
  • What operations are allowed to be performed on
    the object
  • E.g., entry (Alice, delete) for file XYZ
  • Mandatory Access Control (MAC)
  • Assigning security labels or classifications to
    system resources
  • Giving access using the defined levels
  • E.g., top secret, secret, classified,
    unclassified
  • Role-based Access Control (RBAC)
  • Enforcing access to computer or network resources
    based on the roles of individual users within an
    enterprise
  • Assigning privileges to arbitrary roles
  • Assigning roles to real users

17
Access Control List (ACL)
  • In ACL, every piece of data, database or
    application has a list of users associated with
    it.
  • Advantages
  • Simple, easy, straightforward
  • Good for small-size organizations
  • Disadvantages
  • Difficult, time consuming, error prone when
    access control list becomes large

18
Mandatory Control List (MAC)
  • MAC enforces access control based on the security
    labels attached to users and objects.
  • Two principles for user access
  • Read down access
  • Write up access
  • Application
  • Used for government
  • and military users
  • Disadvantages
  • Not flexible
  • Not suitable for commercial applications

19
Role-based Access Control (RBAC)
  • RBAC is based on organization structure
  • User-role-privilege
  • Assign roles to users
  • Each role associates with a set of privileges or
    objects
  • Role hierarchies
  • Constraints
  • Mutual exclusive roles
  • Cardinality
  • Prerequisite roles
  • Advantages
  • Offering flexibility
  • Simplifying access
  • control administration
  • Reducing management cost

20
Security Principles for Access Control
  • Least privilege
  • Given no more privileges than necessary to
    perform a job
  • Separation of duty
  • No single individual be allowed to execute all
    transactions within the set.
  • E.g., initiating a payment vs. authorizing a
    payment.
  • Data abstraction
  • Defining permissions at a higher level rather
    than on read/write/ execute
  • E.g., defining permissions as credit/debit for an
    account object.

21
Access Control in Wireline Networks
  • Access control lists (ACLs)
  • Does not support three security principles
  • Least privilege
  • Separation of duties
  • Data abstraction
  • Costly and prone to error
  • Role-based access control (RBAC)
  • Support three security principles
  • Used to establish trust relationships for
    strangers on the Internet
  • Flexible, simplifying access control
    administration, reducing management cost

22
Access Control in Wireless Networks
  • ACLs in Wireless Metropolitan Networks
  • Based on packet marking packet filtering
  • Checking an access control list (ACL) to decide
    how to process packets
  • Supporting network roaming
  • RBAC in WLANs
  • Implemented with time and location constraints
  • Strength of authentication and encryption is
    chosen according to the role of the user

23
Access Control for WMNs
  • Previous work is not readily applicable to WMNs
  • Access control that relies on access control list
    (ACL) is no longer effective
  • Role-base access control (RBAC) is not suitable
    for multiple mesh domains
  • Desired properties of access control in WMNs
  • Fast access control for handover
  • Flexibility
  • Manageability
  • Low communication overhead

24
Research Directions
  • Developing an extended role-based access control
    (ERBAC) model for WMNs
  • Designing ERBAC for intra-domain access control
  • A role assignment algorithm
  • A role certificate generation and verification
    method
  • Designing ERBAC for Inter-Domain access control
  • A role mapping algorithm
  • A role negotiation protocol

25
Outline
  • Overview of Wireless Mesh Networks (WMN)
  • Overview of network Security
  • Literature Review and Research Directions
  • Access Control
  • Authentication
  • Group Key Management
  • Conclusion

26
Classification of Authentication (1/3)
  • Authentication is the process of proving ones
    identity to someone else
  • Type of cryptography
  • Symmetric key authentication
  • Public key authentication
  • Involvement of trusted third party
  • Without trusted third party
  • With trusted third party
  • Reciprocity of authentication
  • One-way authentication
  • Mutual authentication (two-way)

27
Classification of Authentication (2/3)
  • Type of cryptography
  • Symmetric key authentication
  • Verifying identity based on a secret key shared
    between the participants
  • Public key authentication
  • Based on a public-private key pair
  • Private key for signing
  • Public key for verification

A?B M B?A EKab(M) A DKab(EKab(M))M
A?B M B?A EB_private(M) A DB_public(EB_private(
M))M
  • Comparison
  • Public key authentication
  • Strong security
  • Mathematically complex
  • Symmetric key authentication
  • Efficient
  • Less demanding computationally
  • Hard to distribute shared keys in advance

28
Classification of Authentication (3/3)
  • Involvement of trusted third party
  • Without trusted third party
  • Two parties trust each other
  • With trusted third party
  • Two parties do not fully trust each other
  • Involves a trusted third party
  • Reciprocity of authentication
  • One-way authentication
  • Only one party needs to authenticate the other
  • Mutual authentication (two-way)
  • Both parties authenticate each other

29
Authentication Properties
  • Mutual authentication
  • Two-way authentication process between a client
    and an authentication server
  • Identity privacy
  • Hiding identity of a client
  • Identity username of a client, instead of the
    physical address.
  • Reply attack resistance
  • Sending the previously submitted data of a
    legitimate user back to the authenticator.
  • Counter measures timestamp, sequence number,
    unique nonce (challenge/response)
  • Fast reconnect
  • For wireless local area networks (WLANs)
  • Providing seamless connections when roaming
    occurs
  • Reusing the credentials from previous access point

30
Authentication Protocols in Wireline Networks
Symmetric Key Public key
Without trusted third party One-pass unilateral authentication One-pass unilateral authentication
Without trusted third party Two-pass unilateral authentication Two-pass unilateral authentication
Without trusted third party Three-pass mutual authentication Three-pass mutual authentication
With trusted third party Needham Schroeder authentication Needham Schroeder authentication
With trusted third party Kerberos authentication Secure socket layer (SSL) authentication
31
SSL (secure socket layer) vs. Kerberos
SSL Kerberos
Type of cryptography Public Key Symmetric Key
Trusted third party Yes, Asynchronous, Rely on certificate Yes, Synchronous, Rely on authentication server
Mutual authentication Optional Yes
Reply attack resistance Yes Yes
Identity privacy Yes No
Applications Large variable user base that is not known in advance, e.g., web Networked environment where all services and users are known in advance
Source Not free, patented material Free open source
32
Authentication Protocols in WLANs
  • Symmetric Key Authentication
  • Lightweight Extensible Authentication Protocol
    (LEAP)
  • Kerberos
  • Public Key Authentication
  • EAP-Transport Layer Security (EAP-TLS)

LEAP Kerberos EAP-TLS
Type of cryptography Symmetric Key Symmetric Key Public key
Trusted third party No Yes Yes
Mutual authentication Yes Yes Yes
Reply attack resistance No Yes Yes
Identity privacy No No No
Fast reconnect No Yes No
33
Authentication for WMNs
  • Previous work is not readily applicable to WMNs
  • Public key authentication
  • Time consuming and computationally intense
  • Symmetric key authentication
  • Does not provide efficient methods to handle
    handover latency

34
Research Directions
  • Goals
  • Reducing the authentication latency
  • Handling multiple domain authentication
  • Designing an authentication ticketing scheme
  • Supporting ticket generation, verification,
    revocation
  • Defending against ticket duplication, forgery,
    modification
  • Supporting both intra and inter domain
    authentication
  • Designing extended Kerberos protocol for
    Intra-Domain
  • Supporting mutual authentication (client-router,
    router-router)
  • Supporting fast handoff
  • Designing extended Kerberos protocol for
    Inter-Domain

35
Outline
  • Overview of Wireless Mesh Networks (WMN)
  • Overview of network Security
  • Literature Review and Research Directions
  • Access Control
  • Authentication
  • Group Key Management
  • Conclusion

36
Group Key Management (GKM)
  • Multicast An efficient way for group
    communications
  • Important applications of multicast
  • Pay-per-view movies, audio/video conference,
    distant learning, multiplayer online game, online
    chat group
  • Secure multicast communication requires Group Key
    Management
  • To provide secure distributions handling of
    cryptographic keying materials
  • Group Key
  • A piece of secret information that is known only
    to the current group members
  • Used to encrypt messages
  • Membership changes trigger rekeying process
  • Join a new group key must prevent a new member
    from decoding previous messages
  • Leave a new group key must prevent former group
    members from decoding future messages
  • Group Key Management Problem
  • How to ensure that only authorized users have
    access to the group key

37
Requirements for Group Key Management (1)
  • Group key secrecy
  • Computationally infeasible for a passive
    adversary to discover a group key
  • Forward secrecy
  • Evicted users cannot learn any future keys
  • Backward secrecy
  • New users should not have access to any old keys
  • Key independency
  • Disclosure of a key does not compromise other
    keys.

38
Requirements for Group Key Management (2)
  • Scalability (1-affects-n)
  • A membership change should affect only a small
    subset of members
  • Reliability
  • Providing a recovery mechanism for missing
    rekeying messages
  • Resistance to attacks
  • From both inside and outside the group
  • Low bandwidth overhead
  • Rekeying process should not induce a high number
    of rekeying messages

39
Group Key Management Classification
  • The entity who exercises the group control
  • Centralized
  • A single entity is the group controller who is
  • Responsible for key generation, key distribution
    and key refreshment
  • Ex logical key tree-based approach (LKH)
  • Decentralized
  • The group is divided into subgroups
  • Each subgroup is managed by its own controller
  • Ex Iolus framework
  • Contributory
  • No group controller
  • Each member contributes its share toward group
    key generation
  • Ex contributory key agreement supported by the
    Diffie-Hellman algorithm Cliques

40
Group Key Management Protocols
  • Centralized
  • LKH logical key tree hierarchical
  • LKH improved logical key tree hierarchical
  • OFT one-way function tree
  • ELK efficient large group key distribution
  • CFKM centralized flat table key management
  • Decentralized
  • MARKS multicast key management using
  • arbitrarily revealed key sequences
  • Iolus framework
  • DEP dual encryption protocol
  • IGKMP intra-domain group key management protocol
  • Kronos
  • Contributory
  • TGDH tree-base Diffie-Hellman protocol
  • STR
  • CLIQUES
  • BD

Tree-based
Non-hierarchical
Tree-based
Non-hierarchical
Tree-based
Non-hierarchical
41
Comparison of Group Key Management
  • Centralized
  • Easy to implement
  • Key tree structure reduces the rekeying overhead
  • Single point of failure, not scalable
  • Decentralized
  • Flexible, scalable and fault-tolerant
  • Introducing message delivery delay
  • Contributory
  • No single point of failure
  • Do not require pre-established secure channel
  • Higher workload on the member who does key
    distribution

42
Group Key Management in Mobile Ad-hoc Networks
  • Certificate based approach Smith04, Green05
  • Based on offline obtained certificates.
  • Scales well to handle join operations
  • Works well with very low mobility
  • Heavy computation cost
  • Group Diffie-Hellman-based approach Black98
  • Based on group Diffie-Hellman algorithm to
    establish group key
  • Base on GPS (group positioning system)
    information to construct multicast tree
  • Flooding the network with GPS information and key
    contribution
  • Low scalability

43
Group Key Management for WMNs
  • Existing group key management protocols cannot be
    directly applied to WMNs
  • Wireless channels
  • Lower bandwidth
  • More error-prone than wireline channels
  • More vulnerable to security attacks
  • Mesh clients
  • Limited power supply, memory or computing
    capability
  • High mobility
  • The distributed functionalities and decentralized
    authority make secure group communications in
    WMNs more complex.

44
Research Directions
  • Proposed solutions for WMNs
  • A framework for group key management in WMNs
  • A group key management scheme within a WMN
    cluster
  • Future work
  • Comprehensive performance evaluation of the
    proposed scheme in comparison with existing
    protocols
  • Using actual network performance metrics
  • throughput, loss rate, end-to-end delay and delay
    jitter
  • Determine the optimal parameters of proposed
    scheme
  • key tree degree, batch rekeying interval
  • Improving proposed scheme to support seamless
    roaming

45
Conclusions
  • Wireless mesh networks (WMNs)
  • A fast, inexpensive way to provide Internet
    access
  • More vulnerable to security attacks
  • Comprehensive review of existing approaches
    protocols
  • Access control
  • Authentication
  • Group key management
  • Identify the new challenges opportunities
  • Suggest future research direction on security in
    WMNs
Write a Comment
User Comments (0)
About PowerShow.com