Protocol design, implementation and integration for the protection of sensor data confidentiality and integrity

Panchapakesan, Santosh
Major Professor
Wensheng Zhang
Johnny S. Wong
Daji Qiao
Committee Member
Journal Title
Journal ISSN
Volume Title
Research Projects
Organizational Units
Computer Science
Organizational Unit
Journal Issue
Computer Science

Wireless sensor networks are data centric because in many applications, sensor nodes are required to generate data, collect data, storage data and process data queries. Meanwhile, wireless sensor networks are vulnerable to security attacks because they are deployed in unattended (often hostile) environments and do not have tamper resistant hardware. Therefore, secure and efficient data management schemes are necessary to sensor networks. In this thesis work, we study how to secure a representative type of sensor data management approach called data centric storage based (DCS) schemes, with focus on protecting data confidentiality and integrity.;Considerable efforts have been made for securing DCS, however, existing work has the limitations of (i) not considering user node compromise, (ii) lack of studies on real system implementation and detailed experiments, and (iii) lack of studies on integrating security schemes to defend against multiple attacks simultaneously. To overcome these limitations, we have conducted the following research: Firstly, we have designed a new data confidentiality protocol called DKVP (data and key vulnerability protection) scheme to protect sensor data confidentiality in presence of user node compromise. Secondly, we have implemented three polynomial-based sensor data confidentiality and integrity protection schemes, namely, the adaptive polynomial-based scheme for secure data storage and query (APB), the message authentication function based schemes for data integrity (MAF), and the DKVP scheme, on top of TinyOS/Mote platform. Thirdly, we have developed a prototype system that consists of (i) integrated data confidentiality and integrity protection modules (i.e., the APB, MAF and DKVP schemes), (ii) effective and friendly interfaces to application developers to facilitate inclusion of security features into application programs, and (iii) example programs to demonstrate the integration suite developed by us.;Extensive experiments have been conducted to study the feasibility and performance of the above designs and implementations. The results show that, if system parameters are properly chosen, desired security level can be achieved which is cost affordable by the current generation of sensor nodes such as MICA motes. In particular, our study shows that running the three integrated protocols together consumes only 27 msec of processing time and 60% of CPU usage.