1 / 21

pDCS: Security and Privacy Support for Data-Centric Sensor Networks

pDCS: Security and Privacy Support for Data-Centric Sensor Networks. Min Shao, Sencun Zhu, Wensheng Zhang, and Guohong Cao Penn State University. Roadmap. Introduction to Data-Centric Sensor Networks Characteristics, motivation, security attacks Design Goals of pDCS pDCS Overview

tammy
Download Presentation

pDCS: Security and Privacy Support for Data-Centric Sensor Networks

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. pDCS: Security and Privacy Support for Data-Centric Sensor Networks Min Shao, Sencun Zhu, Wensheng Zhang, and Guohong Cao Penn State University

  2. Roadmap • Introduction to Data-Centric Sensor Networks • Characteristics, motivation, security attacks • Design Goals of pDCS • pDCS • Overview • Privacy Enhanced Data-Location Mapping • Improving the Query Efficiency • Performance Evaluation • Conclusions

  3. u v A Data-centric Sensor Network • A new paradigm for data dissemination • Through a DCS a zoologist knows the locations of all animals H(deer)

  4. Security Attacks • Passive attack • listen to the communication only • Query attack • send a query to sensor nodes to obtain the data • Readout attack • read out the data/key in the captured sensor nodes • Mapping attack • identify the mapping relation between two cells

  5. Design Goals of pDCS • Mapping Randomization • Backward Event Privacy • Preventing an attacker from compromising previous data • Forward Event Privacy • Preventing an attacker from compromising future data • Query Improvement • Query Privacy • the probability that an attacker cannot find the ids of the storage cells from eavesdropping query messages • Query Efficiency • Event Privacy Level (EPL): the probability that an attacker • cannot obtain both the sensor data and the encryption keys for an event of his interest

  6. u v pDCS Overview • Cell u first determines the location of the storage cell v through a keyed hash function. • u encrypts the recorded information (Me) with its own cell key. • u then forwards the message towards the destination storage cell. • On receiving the message, v stores it locally • If an authorized user is interested in the event E in cell u, he determines v and sends a query to v.

  7. Scheme I: Group-Key-Based Mapping • Mapping Function Nr, Nc: number of rows and columns K: a group-wide shared key E: an event • Type I Query • what is the information about an event E?

  8. BEPL & FEPL of Scheme I • m – #source cells • s - #compromised cells

  9. Scheme II: Time-Based Mapping • Mapping Function Group key KT is updated every T seconds. When its timer fires, a node derives the next group key KT=H(KT) and erases the previous key KT • Type II Query • what is about the event E during the time interval T? • Security Analysis • higher BEPL than in Scheme I • higher FEPL than in Scheme I T1 v1 T2 v2

  10. Scheme III: Cell-Based Mapping • Mapping Function Kij: the cell key of cell (i, j), updated in every T seconds • Type III Query • has event E happened in cell L(i, j) during the time interval T? • Security Analysis • BEPL=1 • the same FEPL as Scheme II T1 T2 T2 T1

  11. Message Overhead low high Mapping Schemes Summary Scheme I Group-Key-Based Scheme II Time-Based Scheme III Cell-Based Privacy low high Query Granularity low high

  12. Secure Query and Improve efficiency Basic Scheme • high message overhead • query privacy=0

  13. Secure Query and Improve efficiency (2) Euclidean Steiner Tree (EST) Scheme • low message overhead • query privacy

  14. Secure Query and Improve efficiency (3) Keyed Bloom Filter (KBF) Scheme x kp Hi(x|kp) (i=1,…,k)

  15. Secure Query and Improve efficiency (3) Keyed Bloom Filter (KBF) Scheme c1 c2 c3 kX c4 c7 c6 c5 Hi(cj|kX)(j=1,2,…,7)

  16. Performance Evaluation (1) Query bandwidth overhead 20x20 cells

  17. Performance Evaluation (2) Query Delay

  18. Performance Evaluation (3) Query Privacy

  19. Query Delay low high Message Overhead high low Query Techniques Summary Basic Scheme EST Scheme KBF Scheme Query Privacy low high

  20. Conclusions • The first work to provide security and privacy to DCS • Propose solutions for building a secure data-centric sensor network (pDCS) • Offer different levels of privacy in data-location mapping • Offer several query optimization techniques • Future Work • improve forward event privacy

  21. Thank You!

More Related