Security in Wireless Residential Networks
Han Sang Kim
Introduction
• A wide variety of traditional computing devices and embedded Internet appliances will be networked in homes.
• One interactive platform.
• The broadcast nature of these networks and the heterogeneity of the devices on them create new security problems.
Characteristics of Residential Networks
• Lack of standardization for devices
• Heterogeneity of device capabilities
- Home automation: usually operates at low data rates
- Computer interconnection
Device capabilities differ vastly with respect to the implementation of security mechanisms.
• Heterogeneous applications
- Data traffic, real-time services, simple on/off/dim control, low-rate sensor information.
Summary
• A variety of devices are connected by the WRN. These devices require and support very different security services, protocols and mechanisms.
• New security algorithms and protocols now in development will be deployed in consumer electronic devices over time.
• A single unified security standard appears remote and unsuitable for the WRN.
Requirements
• Numerous and inconsistent, because of the variety of end nodes
• Support a variety of devices, different types of traffic and different applications
• Systematically identify the elements in the WRN, their security capabilities and their needs
• Provide a mechanism that can unify a security architecture for the home
Proposed Security Architecture for WRN
• Access control for a heterogeneous WRN - device and application dependent
• Approach
- Device classification
- Security level classification
• Universal access point
- Algorithm agility
- Containment security policy
Categories of WRN devices
• Low data rate, low power, fixed devices
• Low data rate, high power, fixed devices
• Low data rate, low power, mobile devices
• High data rate, high power, fixed devices
• High data rate, low power, mobile devices
• High data rate, high power, mobile devices
Categories of Security Services
• No security
• Moderate security
• Wireline-equivalent security
• High security
• Ultra-high security
• Critically high security
Algorithm-agile & Containment
• Algorithm-agile: the access point supports multiple encryption algorithms. The AP determines which encryption algorithm is applied to an incoming request for access or relay, and acts accordingly based on its security policies.
• Containment: the ability of the network to keep information of a given security level from leaking out of a particular region. No traffic from a low-security device is relayed to a high-security device.
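The two policy decisions the access point makes on this slide, as an added worked example in Python (not the presenter's implementation and not code from the paper the talk draws on). It keeps the six security levels from the "Categories of Security Services" slide in their listed order; the cipher names, their strength ranking, the minimum cipher per level, the sample devices, and the assumption that the AP terminates each hop's encryption and re-encrypts for the next hop are all assumptions made for the illustration.

```python
# Added example (not the presenter's code): the access-point policy decisions
# this slide describes. The six security levels are the ones listed in the
# "Categories of Security Services" slide, weakest first; the cipher ranking,
# the per-level minimum strength and the sample devices are assumptions.
SECURITY_LEVELS = ["no", "moderate", "wireline-equivalent", "high",
                   "ultra-high", "critically-high"]
RANK = {lvl: i for i, lvl in enumerate(SECURITY_LEVELS)}

# Assumed: ciphers the AP implements, ranked by strength (higher is stronger).
ALG_STRENGTH = {"none": 0, "rc4-40": 1, "3des": 2, "aes-128": 3, "aes-256": 4}
# Assumed: weakest cipher acceptable at each security level.
MIN_STRENGTH = {"no": 0, "moderate": 1, "wireline-equivalent": 2,
                "high": 3, "ultra-high": 4, "critically-high": 4}


def negotiate_algorithm(level, offered):
    """Algorithm agility: choose the strongest cipher in `offered` that meets the
    minimum for `level`; return None if nothing the device offers is acceptable."""
    ok = [a for a in offered if a in ALG_STRENGTH and ALG_STRENGTH[a] >= MIN_STRENGTH[level]]
    return max(ok, key=ALG_STRENGTH.get) if ok else None


def containment_allows(src_level, dst_level):
    """Containment rule from the slide: traffic from a lower-level device is
    never relayed to a higher-level device."""
    return RANK[src_level] >= RANK[dst_level]


def admit(device):
    """Access request: the algorithm the AP will use with this device, or None
    (request refused) when the device cannot meet its own declared level."""
    return negotiate_algorithm(device["level"], device["algs"])


def relay(src, dst):
    """Relay request src -> dst. Returns (allowed, reason, ingress_alg, egress_alg):
    the AP decrypts from src with ingress_alg and re-encrypts for dst with egress_alg
    (assumed hop-by-hop model; the slide does not say how the relay is encrypted)."""
    if not containment_allows(src["level"], dst["level"]):
        return False, f"containment: {src['level']} -> {dst['level']} refused", None, None
    ingress, egress = admit(src), admit(dst)
    if ingress is None or egress is None:
        return False, "an endpoint offers no acceptable algorithm", None, None
    return True, "ok", ingress, egress


# Constructed sample devices (category names taken from the device-category slide).
DEVICES = {
    "thermostat": {"category": "low-rate/low-power/fixed", "level": "moderate", "algs": ["rc4-40", "3des"]},
    "pda": {"category": "high-rate/low-power/mobile", "level": "high", "algs": ["3des", "aes-128"]},
    "alarm-panel": {"category": "low-rate/high-power/fixed", "level": "ultra-high", "algs": ["aes-256", "aes-128"]},
    "toy-robot": {"category": "low-rate/low-power/mobile", "level": "high", "algs": ["rc4-40"]},
}

if __name__ == "__main__":
    for name, d in DEVICES.items():
        print(f"{name:12s} admit -> {admit(d)}")
    for s, t in [("thermostat", "pda"), ("pda", "thermostat"), ("alarm-panel", "pda"), ("pda", "toy-robot")]:
        print(f"{s} -> {t}: {relay(DEVICES[s], DEVICES[t])}")
```

Note that the containment rule as the slide states it is one-directional: a higher-level device may still send to a lower-level one, so the check stops low-security traffic from reaching high-security devices rather than stopping high-security information from flowing down. A deployment that also needs the latter would add the opposite comparison.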
An example of security mechanism (MP3 player as the source device, PDA as the destination)
1. MP3 player → Access Point: [Dev || Dc || SL || Alg || MACk(Dev || Dc || SL)]
2. Access Point → MP3 player: [Ek(Dc || SL || Rn || TS)]
3. MP3 player → Access Point: [Dev || Dest || Msg || h(Dest || Msg || Rn + 1)]
4. Access Point → PDA: [Msg || h(Msg || Rn || TS)]
Dev: Device ID; Dc: Device category; SL: Security level; Alg: Algorithm; Rn: Nonce; Dest: Destination address; TS: Timestamp; MACk / Ek: MAC and encryption under key k; h: Hash function
Advantages and Limitations
• Advantages
- Security architecture built around a universal access point
- Works dynamically
- Simple to implement and maintain
- Security mechanism is upgradeable
• Limitations
- Does not address simple denial of service
- Bottleneck at the access point
- Not appropriate for some devices
Our hybrid mechanism
• Combine the security categorization mechanism with a key distribution mechanism.
• Key distribution mechanism:
- Master key (Mn: master key of appliance n)
- Shared network key (Kn)
[Figure: the Access Point holds the master keys M1, M2 and the shared network key Kn. Key distribution or key update to Appliance1 is encrypted with M1. Communication between Appliance1 and Appliance2 is encrypted with the shared network key Kn.]
Our hybrid mechanism (protocol)
1. Appliance1 → Access Point: [ID1 || Dc || SL || Alg || MACmk1(ID1 || Dc || SL)]
2. Access Point → Appliance1: [Emk1(Dc || SL || Rn || TS)]
3. Appliance1 → Access Point: [ID1 || Dest || h(Dest || Rn + 1)]
4. Access Point → Appliance1: [Emk1(ID2 || SKey12 || TS)]; Access Point → Appliance2: [Emk2(ID1 || SKey12 || TS)]
5. Appliance1 → Appliance2: [ESKey12(ID12 || Msg)]
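The hybrid exchange above, which extends the earlier "An example of security mechanism" slide (same registration in steps 1-3, plus session-key distribution in steps 4-5), simulated end to end with both sides' messages. This is an added Python example, not the presenter's implementation. Every primitive is a stand-in chosen so the code runs on the standard library alone: MACk is HMAC-SHA256, h is SHA-256, and Ek is an HMAC-SHA256 keystream XOR with an encrypt-then-MAC tag rather than a real cipher. The master keys mk1 and mk2 are assumed to be pre-installed on each appliance and on the access point, step 5 carries ID1 as the sender identifier, and the constructed device names, categories and message are illustrative. Containment and algorithm negotiation are left out here.

```python
# Added example (not the presenter's code): steps 1-5 of the hybrid mechanism with
# both sides' messages. Stand-ins, all assumptions: MAC_k = HMAC-SHA256, h = SHA-256,
# E_k = HMAC-SHA256 keystream XOR plus an encrypt-then-MAC tag (a demo cipher only).
# Master keys mk1, mk2 are assumed pre-installed on the appliances and the AP.
import hashlib, hmac, os, time

def pack(*fields):                      # the slide's '||': length-prefixed concatenation
    return b"".join(len(f).to_bytes(2, "big") + f for f in fields)
def unpack(blob):
    out, i = [], 0
    while i < len(blob):
        n = int.from_bytes(blob[i:i + 2], "big"); out.append(blob[i + 2:i + 2 + n]); i += 2 + n
    return out

def mac(key, data): return hmac.new(key, data, hashlib.sha256).digest()     # MAC_k
def h(data): return hashlib.sha256(data).digest()                           # h()
def ts(): return str(int(time.time())).encode()                             # TS
def rn_plus_1(rn): return (int.from_bytes(rn, "big") + 1).to_bytes(len(rn) + 1, "big")
def keystream(key, iv, n):
    return b"".join(mac(key, iv + c.to_bytes(4, "big")) for c in range(n // 32 + 1))[:n]

def encrypt(key, pt):                   # E_k stand-in: iv || pt XOR ks || HMAC(iv || ct)
    iv = os.urandom(16)
    ct = bytes(p ^ s for p, s in zip(pt, keystream(key, iv, len(pt))))
    return iv + ct + mac(key, iv + ct)

def decrypt(key, blob):
    iv, ct, tag = blob[:16], blob[16:-32], blob[-32:]
    if not hmac.compare_digest(tag, mac(key, iv + ct)):
        raise ValueError("bad tag")
    return bytes(c ^ s for c, s in zip(ct, keystream(key, iv, len(ct))))

class AccessPoint:
    def __init__(self, master_keys):
        self.mk, self.reg = master_keys, {}           # reg: id -> {dc, sl, alg, rn}

    def step1(self, msg):               # in: [ID||Dc||SL||Alg||MAC_mk(ID||Dc||SL)]  out: step 2
        dev, dc, sl, alg, tag = unpack(msg)
        if not hmac.compare_digest(tag, mac(self.mk[dev], pack(dev, dc, sl))):
            raise ValueError("registration MAC failed")
        rn = os.urandom(16)
        self.reg[dev] = {"dc": dc, "sl": sl, "alg": alg, "rn": rn}
        return encrypt(self.mk[dev], pack(dc, sl, rn, ts()))

    def step3(self, msg):               # in: [ID1||Dest||h(Dest||Rn+1)]  out: both step-4 messages
        dev, dest, digest = unpack(msg)
        if dev not in self.reg or dest not in self.reg:
            raise ValueError("unregistered device")
        if not hmac.compare_digest(digest, h(pack(dest, rn_plus_1(self.reg[dev]["rn"])))):
            raise ValueError("nonce proof failed")
        skey, t = os.urandom(32), ts()
        return encrypt(self.mk[dev], pack(dest, skey, t)), encrypt(self.mk[dest], pack(dev, skey, t))

class Appliance:
    def __init__(self, dev_id, mk, dc, sl, alg):
        self.id, self.mk, self.dc, self.sl, self.alg = dev_id, mk, dc, sl, alg
        self.rn, self.peer_keys = None, {}
    def register(self):                 # step 1
        return pack(self.id, self.dc, self.sl, self.alg, mac(self.mk, pack(self.id, self.dc, self.sl)))
    def accept_step2(self, blob):       # check the AP echoed our category/level, keep Rn
        dc, sl, rn, _t = unpack(decrypt(self.mk, blob))
        if (dc, sl) != (self.dc, self.sl):
            raise ValueError("AP echoed wrong category/level")
        self.rn = rn
    def request(self, dest):            # step 3
        return pack(self.id, dest, h(pack(dest, rn_plus_1(self.rn))))
    def accept_step4(self, blob):       # learn SKey12 for the named peer
        peer, skey, _t = unpack(decrypt(self.mk, blob))
        self.peer_keys[peer] = skey
    def send(self, dest, msg):          # step 5, under SKey12
        return encrypt(self.peer_keys[dest], pack(self.id, msg))
    def receive(self, src, blob):
        sender, msg = unpack(decrypt(self.peer_keys[src], blob))
        if sender != src:
            raise ValueError("sender id mismatch")
        return msg

def run_exchange(msg=b"dim living-room lights to 30%"):
    """Both appliances register, A1 asks the AP for A2, then A1 sends msg to A2."""
    mk1, mk2 = os.urandom(32), os.urandom(32)
    ap = AccessPoint({b"A1": mk1, b"A2": mk2})
    a1 = Appliance(b"A1", mk1, b"high-rate/high-power/fixed", b"high", b"aes-128")
    a2 = Appliance(b"A2", mk2, b"low-rate/low-power/fixed", b"moderate", b"aes-128")
    for a in (a1, a2):
        a.accept_step2(ap.step1(a.register()))
    to_a1, to_a2 = ap.step3(a1.request(b"A2"))
    a1.accept_step4(to_a1)
    a2.accept_step4(to_a2)
    return a2.receive(b"A1", a1.send(b"A2", msg))

def forged_registration_rejected():    # failure mode: wrong master key fails the step-1 MAC
    ap = AccessPoint({b"A1": os.urandom(32)})
    try:
        ap.step1(Appliance(b"A1", os.urandom(32), b"x", b"high", b"aes-128").register())
    except ValueError:
        return True
    return False
```

The point of the nonce Rn is visible in step 3: the AP only issues a session key to a device that can prove it decrypted step 2 under its master key, so a forged step-1 message (wrong mk) is stopped at the MAC check and a replayed step 3 carries a stale Rn. Swap `encrypt`/`decrypt` for a real AEAD before using anything like this.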
What we have done so far and what we will do
• Implementation of our hybrid mechanism through step 4: done
• Reduction of the bottleneck at the access point: done
• Containment policy: done
• Communication between nodes with the shared network key: not yet
• Algorithm-agile encryption/decryption: not yet
• Employing other devices: not yet
• Implementing our hybrid mechanism on a sensor: not yet