An identity-based key agreement scheme for large scale sensor networks

To solve the problems of high memory occupation, low connectivity and poor resiliency against node capture, which existing in the random key pre-distribution techniques while applying to the large scale Wireless Sensor Networks （WSNs）, an Identity-Based Key Agreement Scheme （IBKAS） is proposed based on identity-based encryption and Elliptic Curve Diffie-Hellman （ECDH）. IBKAS can resist man-in-the-middle attacks and node-capture attacks through encrypting the key agreement parameters using identity-based encryption. Theoretical analysis indicates that comparing to the random key pre-distribution techniques, IBKAS achieves significant improvement in key connectivity, communication overhead, memory occupation, and security strength, and also enables efficient secure rekcying and network expansion. Furthermore, we implement IBKAS for TinyOS-2.1.2 based on the MICA2 motes, and the experiment results demonstrate that IBKAS is feasible for infrequent key distribution and rekeying for large scale sensor networks.     

A dual-mode energy efficient encryption protocol for wireless sensor networks

This paper presents a novel link-layer encryption protocol for wireless sensor networks. The protocol design aims to reduce energy consumption by reducing security related communication overhead. This is done by merging security related data of consecutive packets. The merging (or combining packets) based on simple mathematical operations helps to reduce energy consumption by eliminating the requirement to send security related fields in headers and trailers. We name our protocol as the Compact Security Protocol referred to as C-Sec. In addition to energy savings, the C-Sec protocol also includes a unique security feature of hiding the packet header information. This feature makes it more difficult to trace the flow of wireless communication, and helps to minimize the cost of defending against replay attacks. We performed rigorous testing of the C-Sec protocol and compared it with well-known protocols including TinySec, MiniSec, SNEP and Zigbee. Our performance evaluation demonstrates that the C-Sec protocol outperforms other protocols in terms of energy savings. We also evaluated our protocol with respect to other performance metrics including queuing delay and error probability.     

Identity-based key agreement and encryption for wireless sensor networks

1 Introduction WSN has received considerable attention during last decade [1?4] (see, for example, the proceedings of the ACM and IEEE Workshops on WSN). It has wide variety of applications, including military sensing and tracking, environment and securit…     

无线传感器网络中带消息恢复机制的PBC广播认证协议

为了在无线传感器网络(WSN)中保证安全等级的情况下最小化通信和计算成本,提出了一种带消息恢复机制的基于配对密码学的广播认证协议。该机制不需要同时传输原始签名信息和新生成的签名信息,认证/消息恢复过程能自动恢复原始签名信息。首先初始化系统,基站产生系统参数;然后用户从基站获取密钥,访问WSN;最后当用户需要广播消息给WSN时,用户使用包含消息恢复机制的身份签名(IBS)协议写下签名消息,生成签名后进行消息广播。实验性能分析表明,与IMBAS和IDBAS相比,本文协议的广播消息大小分别减少了30%和22.3%,在112比特位安全等级,总能耗至少减少30%左右,在80比特位安全等级至少可降低15%的总能耗。     

An improved key distribution mechanism for large-scale hierarchical wireless sensor networks

Wireless sensor networks are often deployed in hostile environments and operated on an unattended mode. In order to protect the sensitive data and the sensor readings, secret keys should be used to encrypt the exchanged messages between communicating nodes. Due to their expensive energy consumption and hardware requirements, asymmetric key based cryptographies are not suitable for resource-constrained wireless sensors. Several symmetric-key pre-distribution protocols have been investigated recently to establish secure links between sensor nodes, but most of them are not scalable due to their linearly increased communication and key storage overheads. Furthermore, existing protocols cannot provide sufficient security when the number of compromised nodes exceeds a critical value. To address these limitations, we propose an improved key distribution mechanism for large-scale wireless sensor networks. Based on a hierarchical network model and bivariate polynomial-key generation mechanism, our scheme guarantees that two communicating parties can establish a unique pairwise key between them. Compared with existing protocols, our scheme can provide sufficient security no matter how many sensors are compromised. Fixed key storage overhead, full network connectivity, and low communication overhead can also be achieved by the proposed scheme.     

An effective key management scheme for heterogeneous sensor networks

Security is critical for sensor networks used in military, homeland security and other hostile environments. Previous research on sensor network security mainly considers homogeneous sensor networks. Research has shown that homogeneous ad hoc networks have poor performance and scalability. Furthermore, many security schemes designed for homogeneous sensor networks suffer from high communication overhead, computation overhead, and/or high storage requirement. Recently deployed sensor network systems are increasingly following heterogeneous designs. Key management is an essential cryptographic primitive to provide other security operations. In this paper, we present an effective key management scheme that takes advantage of the powerful high-end sensors in heterogeneous sensor networks. The performance evaluation and security analysis show that the key management scheme provides better security with low complexity and significant reduction on storage requirement, compared with existing key management schemes.     

An efficient anonymous communication protocol for wireless sensor networks

Anonymous communication is very important for many wireless sensor networks, because it can be used to hide the identity of important nodes, such as the base station and a source node. In sensor networks, anonymous communication includes several important aspects, such as source anonymity, communication relationship anonymity, and base station anonymity. Existing sensor network anonymous schemes either cannot achieve all the anonymities or have large computation, storage, and communication overheads. In this paper, we propose an efficient anonymous communication protocol for sensor networks that can achieve all the anonymities while having small overheads on computation, storage, and communication. We compare our anonymous communication protocol with several existing schemes, and the results show that our protocol provides strong anonymity protection and has low overheads. Copyright © 2011 John Wiley & Sons, Ltd.     

HIKES: Hierarchical key establishment scheme for wireless sensor networks

This paper presents a hierarchical key establishment scheme called HIKES. The base station in this scheme, acting as the central trust authority, empowers randomly selected sensors to act as local trust authorities authenticating, on its behalf, the cluster members and issuing private keys. HIKES uses a partial key escrow scheme that enables any sensor node selected as a cluster head to generate all the cryptographic keys needed to authenticate other sensors within its cluster. This scheme localizes secret key issuance and reduces the communication cost with the base station. HIKES provides an efficient broadcast authentication in which source authentication is achieved in a single transmission and a good defense for the routing mechanism. HIKES defends the routing mechanism against most known attacks and is robust against node compromise. HIKES also provides high addressing flexibility and network connectivity to all sensors in the network, allowing sensor addition and deletion. Simulation results have shown that HIKES provides an energy‐efficient and scalable solution to the key management problem. Copyright © 2012 John Wiley & Sons, Ltd.     

One-way hash chain-based self-healing group key distribution scheme with collusion resistance capability in wireless sensor networks

In order to resolve the collusion resistance problem in the one-way hash chain-based self-healing group key distribution schemes and improve the performance of previous self-healing group key distribution schemes, we propose a self-healing group key distribution scheme based on the revocation polynomial and a special one-way hash key chain for wireless sensor networks (WSNs) in this paper. In our proposed scheme, by binding the time at which the user joins the group with the capability of recovering previous group session keys, a new method is addressed to provide the capability of resisting the collusion attack between revoked users and new joined users, and a special one-way hash chain utilization method and some new methods to construct the personal secret, the revocation polynomial and the key updating broadcast packet are presented. Compared with existing schemes under same conditions, our proposed scheme not only supports more revoked users and sessions, but also provides a stronger security. Moreover, our proposed scheme reduces the communication overhead, and is especially suited for a large scale WSN in bad environments where a strong collusion attack resistance capability is required and many users will be revoked.     

无线传感器网络中能量有效的波束成形机制

针对无线传感器网络中单个节点能量和通信距离均受限,以及传统波束成形机制中由于忽略能耗均衡而造成单个节点过早死亡的特点,提出了一种能量有效的波束成形机制。首先分析了节点个数、发射系数、功率受限、相位等因素对网络能耗的影响,给出了对应的设计原则。然后,基于此原则来选择参与发射的节点,并结合节点的剩余能量和相位来调整各自的发射系数。理论分析和仿真结果表明,该机制有效地增加了数据成功传输的次数,均衡了节点间的能耗,延长了网络寿命。     

Energy efficient node-to-node authentication and communication confidentiality in wireless sensor networks

A distributed Wireless Sensor Network (WSN) is a collection of low-end devices with wireless message exchange capabilities. Due to the scarcity of hardware resources, the lack of network infrastructures, and the threats to security, implementing secure pair-wise communications among any pair of sensors is a challenging problem in distributed WSNs. In particular, memory and energy consumption as well as resilience to sensor physical compromise are the most stringent requirements. In this paper, we introduce a new threat model to communications confidentiality in WSNs, the smart attacker model. Under this new, more realistic model, the security features of previously proposed schemes decrease drastically. We then describe a novel pseudo-random key pre-deployment strategy ESP that combines all the following properties: (a) it supports an energy-efficient key discovery phase requiring no communications; (b) it provides node to node authentication; (c) it is highly resistant to the smart attacker.We provide both asymptotic results and extensive simulations of the schemes that are beingproposed. This work was partially funded by the WEB-MINDS project supported by the Italian MIUR under the FIRB program, and by the PRIN 2003 “Web-based Management and Representation of Spatial and Geographic Data” program from the Italian MIUR. Roberto Di Pietro is partially funded by ISTI-CNR, WNLab, Pisa, with a Post-doc grant under the IS-MANET program. Roberto Di Pietro received the Ph.D. in Computer Science from the University of Roma “La Sapienza”, Italy, in 2004. He received the Bs. and Ms. degree in Computer Science from the University of Pisa, Italy, in 1994. Since 1995 he has been working for the technical branch of the Italian Army and the Internal Affairs Ministry. His main research interests include: security for mobile ad hoc and wireless networks, security for distributed systems, secure multicast, applied cryptography and computer forensics. Luigi V. Mancini received the PhD degre in Computer Science from the University of Newcastle upon Tyne, UK, in 1989, and the Laurea degree in Computer Science from the University of Pisa, Italy, in 1983. From 2000, he is a full professor of Computer Science at the Dipartimento di Informatica of the University of Rome “La Sapienza”. Since 1994, he is a visiting research professor of the Center for Secure Information Systems, GMU, Virginia, USA. Currently he is the advisor of six Ph.D students. His current research interests include: computer network and information security, wireless network security, fault-tolerant distributed systems, large-scale peer-to-peer systems, and hard-real-time distributed systems. He published more than 60 scientific papers in international conferences and journals such as: ACM TISSEC, IEEE TKDE, IEEE TPDS, and IEEE TSE. He served in the program committees of several international conferences which include: ACM Conference on Computer and Communication Security, ACM Conference on Conceptual Modeling, ACM Symposium on Access Control Models and Technology, ACM Workshop of Security of Ad-hoc and Sensor Networks, IEEE Securecomm, IEEE Conference on Cluster Computing. He is also the program chair of the first two editions of the IEEE Workshop on Hot Topics in Peer-to-Peer Systems held in 2004 (Volendam, Holand) and in 2005 (San Diego, California). Currently, he is a member of the Scientific Board of the Italian Communication Police force, and the director of the Master degree program in Computer and Network Security of the University of Rome “La Sapienza”, Italy. Alessandro Mei received the Laurea degree in computer science from the University of Pisa, Italy, in 1994, and the PhD degree in mathematics from the University of Trento, Italy, in 1999. In 1998, he was at the Department of EE-Systems of the University of Southern California, Los Angeles, as a visiting scholar for one year. After holding a postdoctoral position at the University of Trento, in 2001 he joined the Faculty of Science of the University of Rome "La Sapienza", Italy, as an assistant professor of computer science. His main research interests include security of distributed systems and networks, algorithms for parallel, distributed, and optical systems and reconfigurable computing. He was presented with the Best Paper Award of the 16th IEEE International Parallel and Distributed Processing Symposium in 2002, the EE-Systems Outstanding Research Paper Award of the University of Southern California for 2000, and the Outstanding Paper Award of the Fifth IEEE/ACM International Conference on High Performance Computing in 1998. He is a member of the ACM and the IEEE and, from 2005, he is an Associate Editor of IEEE Transactions on Computers.     

On the design of secure user authenticated key management scheme for multigateway‐based wireless sensor networks using ECC

In wireless sensor networks (WSNs), there are many critical applications (for example, healthcare, vehicle tracking, and battlefield), where the online streaming data generated from different sensor nodes need to be analyzed with respect to quick control decisions. However, as the data generated by these sensor nodes usually flow through open channel, so there are higher chances of various types of attacks either on the nodes or on to the data captured by these nodes. In this paper, we aim to design a new elliptic curve cryptography–based user authenticated key agreement protocol in a hierarchical WSN so that a legal user can only access the streaming data from generated from different sensor nodes. The proposed scheme is based upon 3‐factor authentication, as it applies smart card, password, and personal biometrics of a user (for ticket generation). The proposed scheme maintains low computation cost for resource‐constrained sensor nodes, as it uses efficient 1‐way cryptographic hash function and bitwise exclusive‐OR operations for secure key establishment between different sensor nodes. The security analysis using the broadly accepted Burrows‐Abadi‐Needham logic, formal security verification using the popular simulation tool (automated validation of Internet security protocols and applications), and informal security show that the proposed scheme is resilient against several well‐known attacks needed for a user authentication scheme in WSNs. The comparison of security and functionality requirements, communication and computation costs of the proposed scheme, and other related existing user authentication schemes shows the superior performance of the proposed scheme.     

An efficient weighted trust‐based malicious node detection scheme for wireless sensor networks

The aim of wireless sensor networks (WSNs) is to gather sensor data from a monitored environment. However, the collected or reported information might be falsified by faults or malicious nodes. Hence, identifying malicious nodes in an effective and timely manner is essential for the network to function properly and reliably. Maliciously behaving nodes are usually detected and isolated by reputation and trust‐based schemes before they can damage the network. In this paper, we propose an efficient weighted trust‐based malicious node detection (WT‐MND) scheme that can detect malicious nodes in a clustered WSN. The node behaviors are realistically treated by accounting for false‐positive and false‐negative instances. The simulation results confirm the timely identification and isolation of maliciously behaving nodes by the WT‐MND scheme. The effectiveness of the proposed scheme is afforded by the adaptive trust‐update process, which implicitly performs trust recovery of temporarily malfunctioning nodes and computes a different trust‐update factor for each node depending on its behavior. The proposed scheme is more effective and scalable than the related schemes in the literature, as evidenced by its higher detection ratio (DR) and lower misdetection ratio (MDR), which only slightly vary with the network's size. Moreover, the scheme sustains its efficient characteristics without significant power consumption overheads.     

An adaptable and scalable group access control scheme for managing wireless sensor networks

Access control is a prime technology to prevent unauthorized access to private information, which is one of the essential issues appearing in secure group communication (SGC) of wireless sensor networks (WSNs). Many studies have made good progress on access control; however, their methods are inadequate to cope with this new issue for SGC-based WSNs since of their inflexibility, inefficiency, insecurity, or small-scale.     

An unequal cluster-based routing protocol in wireless sensor networks

Clustering provides an effective method for prolonging the lifetime of a wireless sensor network. Current clustering algorithms usually utilize two techniques; selecting cluster heads with more residual energy, and rotating cluster heads periodically to distribute the energy consumption among nodes in each cluster and extend the network lifetime. However, they rarely consider the hot spot problem in multihop sensor networks. When cluster heads cooperate with each other to forward their data to the base station, the cluster heads closer to the base station are burdened with heavier relay traffic and tend to die much faster, leaving areas of the network uncovered and causing network partitions. To mitigate the hot spot problem, we propose an Unequal Cluster-based Routing (UCR) protocol. It groups the nodes into clusters of unequal sizes. Cluster heads closer to the base station have smaller cluster sizes than those farther from the base station, thus they can preserve some energy for the inter-cluster data forwarding. A greedy geographic and energy-aware routing protocol is designed for the inter-cluster communication, which considers the tradeoff between the energy cost of relay paths and the residual energy of relay nodes. Simulation results show that UCR mitigates the hot spot problem and achieves an obvious improvement on the network lifetime. Guihai Chen obtained his B.S. degree from Nanjing University, M. Engineering from Southeast University, and PhD from University of Hong Kong. He visited Kyushu Institute of Technology, Japan in 1998 as a research fellow, and University of Queensland, Australia in 2000 as a visiting professor. During September 2001 to August 2003, he was a visiting professor at Wayne State University. He is now a full professor and deputy chair of Department of Computer Science, Nanjing University. Prof. Chen has published more than 100 papers in peer-reviewed journals and refereed conference proceedings in the areas of wireless sensor networks, high-performance computer architecture, peer-to-peer computing and performance evaluation. He has also served on technical program committees of numerous international conferences. He is a member of the IEEE Computer Society. Chengfa Li was born 1981 and obtained his Bachelor’s Degree in mathematics in 2003 and his Masters Degree in computer science in 2006, both from Nanjing University, China. He is now a system programmer at Lucent Technologies Nanjing Telecommunication Corporation. His research interests include wireless ad hoc and sensor networks. Mao Ye was born in 1981 and obtained his Bachelor’s Degree in computer science from Nanjing University, China, in 2004. He served as a research assistant At City University of Hong Kong from September 2005 to August 2006. He is now a PhD candidate with research interests in wireless networks, mobile computing, and distributed systems. Jie Wu is a professor in the Department of Computer Science and Engineering at Florida Atlantic University. He has published more than 300 papers in various journal and conference proceedings. His research interests are in the areas of mobile computing, routing protocols, fault-tolerant computing, and interconnection networks. Dr. Wu serves as an associate editor for the IEEE Transactions on Parallel and Distributed Systems and several other international journals. He served as an IEEE Computer Society Distinguished Visitor and is currently the chair of the IEEE Technical Committee on Distributed Processing (TCDP). He is a member of the ACM, a senior member of the IEEE, and a member of the IEEE Computer Society.     

Spectrally efficient communication for wireless sensor networks using a cooperative MIMO technique

The multi-input multi-output (MIMO) communication framework is adopted for wireless sensor networks by having multiple sensors equipped with single-element antennas cooperate in transmission. A power method-based iterative algorithm is developed that computes the optimal transmit and receive eigen-filters distributively among the sensors while transferring most of the computational burden to the central collector node. Since the proposed algorithm implicitly exploits the channel state information (CSI) both at the receiver and the transmitter, it is expected that the resulting spectral efficiency is higher than what can be achieved by receive CSI-only space-time coding. This intuition is confirmed by employing a variable-rate adaptive modulation scheme for the eigen-transmission and comparing its spectral efficiency with that of orthogonal space time block codes (OSTBCs) at specific target bit error rates. The performance is also evaluated using realistic channel estimation as well as the least mean square (LMS) and recursive least square (RLS) algorithms for iterative eigencoding. This material is based upon work supported by the Air Force Office of Scientific Research under Award No. FA9550-04-C-0074 and Toyon Research Corporation Subcontract No. SC6431-1. Seung-Jun Kim received B.S. and M.S. from Seoul National University in 1996 and 1998, respectively, and Ph.D. from University of California, Santa Barbara in 2005, all in electrical engineering. From 1998 to 2000, he served as a Korea Overseas Volunteer at Chiang Rai Teachers College in Chiang Rai, Thailand. Since 2005, he has been with NEC Laboratories America in Princeton, NJ. His research interests lie in detection/estimation theory, spread-spectrum communications, multiple antenna techniques and cross-layer design. Richard E. Cagley received the B.S. degree in engineering from Harvey Mudd College, Claremont, CA in 1997 and the M.S. and Ph.D. degrees in electrical engineering from the University of California, Santa Barbara in 1999 and 2003 respectively. Dr. Cagley currently holds a position with Toyon Research Corporation, Goleta, CA. Prior to joining Toyon, he held positions with Fujant Incorporated, Jet Propulsion Laboratories, and Qualcomm Corporation. His general research interests are in the areas of physical and MAC layer design for wireless communication. This includes multiuser detection, interference cancellation, space-time processing, spectrum management, and digital receiver design. Ronald A. Iltis received the B.A. (Biophysics) from The Johns Hopkins University in 1978, the M.Sc in Engineering from Brown University in 1980, and the Ph.D. in Electrical Engineering from the University of California, San Diego in 1984. Since 1984, he has been with the University of California, Santa Barbara, where he is currently a Professor in the Department of Electrical and Computer Engineering. His current research interests are in CDMA, software radio, radiolocation, and nonlinear estimation. He has also served as a consultant to government and private industry in the areas of adaptive arrays, neural networks and spread-spectrum communications. Dr. Iltis was previously an Editor for the IEEE Transactions on Communications. In 1990 he received the Fred W. Ellersick award for best paper at the IEEE MILCOM conference.     

基于信息覆盖的无线传感器网络访问控制机制

通过周期性地信息扩散,设计THC(two-hop cover)算法,使传感器节点能够在用户移动过程中及时得到用户的认证信息.基于THC算法,引入Merkle散列树和单向链等安全机制,采用分布式的访问控制模式,提出了适用于随机移动用户的传感器网络访问控制机制.分析和实验表明,本机制既适用移动用户,也适用静止用户,计算、通信、存储开销低,能够抵制节点捕获、重放、DoS等攻击.     

Controlled sink mobility for prolonging wireless sensor networks lifetime

This paper demonstrates the advantages of using controlled mobility in wireless sensor networks (WSNs) for increasing their lifetime, i.e., the period of time the network is able to provide its intended functionalities. More specifically, for WSNs that comprise a large number of statically placed sensor nodes transmitting data to a collection point (the sink), we show that by controlling the sink movements we can obtain remarkable lifetime improvements. In order to determine sink movements, we first define a Mixed Integer Linear Programming (MILP) analytical model whose solution determines those sink routes that maximize network lifetime. Our contribution expands further by defining the first heuristics for controlled sink movements that are fully distributed and localized. Our Greedy Maximum Residual Energy (GMRE) heuristic moves the sink from its current location to a new site as if drawn toward the area where nodes have the highest residual energy. We also introduce a simple distributed mobility scheme (Random Movement or RM) according to which the sink moves uncontrolled and randomly throughout the network. The different mobility schemes are compared through extensive ns2-based simulations in networks with different nodes deployment, data routing protocols, and constraints on the sink movements. In all considered scenarios, we observe that moving the sink always increases network lifetime. In particular, our experiments show that controlling the mobility of the sink leads to remarkable improvements, which are as high as sixfold compared to having the sink statically (and optimally) placed, and as high as twofold compared to uncontrolled mobility. Stefano Basagni holds a Ph.D. in electrical engineering from the University of Texas at Dallas (December 2001) and a Ph.D. in computer science from the University of Milano, Italy (May 1998). He received his B.Sc. degree in computer science from the University of Pisa, Italy, in 1991. Since Winter 2002 he is on faculty at the Department of Electrical and Computer Engineering at Northeastern University, in Boston, MA. From August 2000 to January 2002 he was professor of computer science at the Department of Computer Science of the Erik Jonsson School of Engineering and Computer Science, The University of Texas at Dallas. Dr. Basagni’s current research interests concern research and implementation aspects of mobile networks and wireless communications systems, Bluetooth and sensor networking, definition and performance evaluation of network protocols and theoretical and practical aspects of distributed algorithms. Dr. Basagni has published over four dozens of referred technical papers and book chapters. He is also co-editor of two books. Dr. Basagni served as a guest editor of the special issue of the Journal on Special Topics in Mobile Networking and Applications (MONET) on Multipoint Communication in Wireless Mobile Networks, of the special issue on mobile ad hoc networks of the Wiley’s Interscience’s Wireless Communications & Mobile Networks journal, and of the Elsevier’s journal Algorithmica on algorithmic aspects of mobile computing and communications. Dr. Basagni serves as a member of the editorial board and of the technical program committee of ACM and IEEE journals and international conferences. He is a senior member of the ACM (including the ACM SIGMOBILE), senior member of the IEEE (Computer and Communication societies), and member of ASEE (American Society for Engineering Education). Alessio Carosi received the M.S. degree “summa cum laude” in Computer Science in 2004 from Rome University “La Sapienza.” He is currently a Ph.D. candidate in Computer Science at Rome University “La Sapienza.” His research interests include protocols for ad hoc and sensor networks, underwater systems and delay tolerant networking. Emanuel Melachrinoudis received the Ph.D. degree in industrial engineering and operations research from the University of Massachusetts, Amherst, MA. He is currently the Director of Industrial Engineering and Associate Chairman of the Department of Mechanical and Industrial Engineering at Northeastern University, Boston, MA. His research interests are in the areas of network optimization and multiple criteria optimization with applications to telecommunication networks, distribution networks, location and routing. He is a member of the Editorial Board of the International Journal of Operational Research. He has published in journals such as Management Science, Transportation Science, Networks, European Journal of Operational Research, Naval Research Logistics and IIE Transactions. Chiara Petrioli received the Laurea degree “summa cum laude” in computer science in 1993, and the Ph.D. degree in computer engineering in 1998, both from Rome University “La Sapienza,” Italy. She is currently Associate Professor with the Computer Science Department at Rome University “La Sapienza.” Her current work focuses on ad hoc and sensor networks, Delay Tolerant Networks, Personal Area Networks, Energy-conserving protocols, QoS in IP networks and Content Delivery Networks where she contributed around sixty papers published in prominent international journals and conferences. Prior to Rome University she was research associate at Politecnico di Milano and was working with the Italian Space agency (ASI) and Alenia Spazio. Dr. Petrioli was guest editor of the special issue on “Energy-conserving protocols in wireless Networks” of the ACM/Kluwer Journal on Special Topics in Mobile Networking and Applications (ACM MONET) and is associate editor of IEEE Transactions on Vehicular Technology, the ACM/Kluwer Wireless Networks journal, the Wiley InterScience Wireless Communications & Mobile Computing journal and the Elsevier Ad Hoc Networks journal. She has served in the organizing committee and technical program committee of several leading conferences in the area of networking and mobile computing including ACM Mobicom, ACM Mobihoc, IEEE ICC,IEEE Globecom. She is member of the steering committee of ACM Sensys and of the international conference on Mobile and Ubiquitous Systems: Networking and Services (Mobiquitous) and serves as member of the ACM SIGMOBILE executive committee. Dr. Petrioli was a Fulbright scholar. She is a senior member of IEEE and a member of ACM. Z. Maria Wang received her Bachelor degree in Electrical Engineering with the highest honor from Beijing Institute of Light Industry in China, her M.S. degree in Industrial Engineering/Operations Research from Dalhousie University, Canada and her Ph.D. in Industrial Engineering/Operations Research from Northeastern University, Boston. She served as a R&D Analyst for General Dynamics. Currently MS. Wang serves as an Optimization Analyst with Nomis Solutions, Inc.     

WSN中同构模型下动态组密钥管理方案

研究了同构网络模型的组密钥管理问题,首次给出了一个明确的、更完整的动态组密钥管理模型,并提出了一种基于多个对称多项式的动态组密钥管理方案。该方案能够为任意多于2个且不大于节点总数的节点组成的动态多播组提供密钥管理功能,解决了多播组建立、节点加入、退出等所引发的与组密钥相关的问题。该方案支持节点移动,具有可扩展性,并很好地解决了密钥更新过程中多播通信的不可靠性。组成员节点通过计算获得组密钥,只需要少量的无线通信开销,大大降低了协商组密钥的代价。分析比较认为,方案在存储、计算和通信开销方面具有很好的性能,更适用于资源受限的无线传感器网络。     

SKWN: Smart and dynamic key management scheme for wireless sensor networks

In the era of the Internet of Things (IoT), we are witnessing to an unprecedented data production because of the massive deployment of wireless sensor networks (WSNs). Typically, a network of several hundred sensors is created to ensure the interactions between the cyber world and the physical world. Unfortunately, the intensive use of this kind of networks has raised several security issues. Indeed, many WSN‐based applications require secure communication in order to protect collected data. This security is generally ensured by encryption of communication between sensors, which requires the establishment of many cryptographic keys. Managing these keys, within a protocol, is an important task that guarantees the effectiveness of the security mechanism. The protocol should be intelligently adaptable not only to intrusion events but also to the security level needed by some applications. An efficient protocol optimizes also sensors energy and consequently increases the network life cycle. In this paper, we propose, a smart and dynamic key management scheme for hierarchical wireless sensor networks (SKWN). Our protocol offers three subschemes to deal with key establishment, key renewal, and new node integration. Regarding existing schemes, SKWN does not only provide reliable security mechanisms, but it also optimizes energy consumption and overheads related to the communication and memory usage. Furthermore, our approach relies on a machine learning approach to monitor the state of the network and decide the appropriate security level. We provide a formal approach and its implementation, together with simulations allowing to compare resources usage with respect to existing approaches.