Dependable and Secure Sensor Data Storage with Dynamic Integrity Assurance

Recently, distributed data storage has gained increasing popularity for efficient and robust data management in wireless sensor networks (WSNs). But the distributed architecture also makes it challenging to build a highly secure and dependable yet lightweight data storage system. On the one hand, sensor data are subject to not only Byzantine failures, but also dynamic pollution attacks, as along the time the adversary may modify/pollute the stored data by compromising individual sensors. On the other hand, the resource-constrained nature of WSNs precludes the applicability of heavyweight security designs. To address the challenges, we propose a novel dependable and secure data storage scheme with dynamic integrity assurance in this paper. Based on the principle of secret sharing and erasure coding, we first propose a hybrid share generation and distribution scheme to achieve reliable and fault-tolerant initial data storage by providing redundancy for original data components. To further dynamically ensure the integrity of the distributed data shares, we then propose an efficient data integrity verification scheme exploiting the technique of algebraic signatures. The proposed scheme enables individual sensors to verify in one protocol execution all the pertaining data shares simultaneously in the absence of the original data. Extensive security and performance analysis shows that the proposed schemes have strong resistance against various attacks and are practical for WSNs.

[1]  Thomas J. E. Schwarz Verification of Parity Data in Large Scale Storage Systems , 2004, PDPTA.

[2]  Douglas M. Blough,et al.  An approach for fault tolerant and secure data storage in collaborative work environments , 2005, StorageSS '05.

[3]  Hugo Krawczyk,et al.  Keying Hash Functions for Message Authentication , 1996, CRYPTO.

[4]  I. Reed,et al.  Polynomial Codes Over Certain Finite Fields , 1960 .

[5]  Wenjing Lou,et al.  A new approach for random key pre-distribution in large-scale wireless sensor networks , 2006, Wirel. Commun. Mob. Comput..

[6]  David E. Culler,et al.  SPINS: Security Protocols for Sensor Networks , 2001, MobiCom '01.

[7]  Adi Shamir,et al.  How to share a secret , 1979, CACM.

[8]  Michael O. Rabin,et al.  Efficient dispersal of information for security, load balancing, and fault tolerance , 1989, JACM.

[9]  Moti Yung,et al.  Perfectly Secure Key Distribution for Dynamic Conferences , 1992, Inf. Comput..

[10]  Claudio Soriente,et al.  Catch Me (If You Can): Data Survival in Unattended Sensor Networks , 2008, 2008 Sixth Annual IEEE International Conference on Pervasive Computing and Communications (PerCom).

[11]  Ethan L. Miller,et al.  Store, Forget, and Check: Using Algebraic Signatures to Check Remotely Administered Storage , 2006, 26th IEEE International Conference on Distributed Computing Systems (ICDCS'06).

[12]  Peter Desnoyers,et al.  Capsule: an energy-optimized object storage system for memory-constrained sensor devices , 2006, SenSys '06.

[13]  Wensheng Zhang,et al.  Securing distributed data storage and retrieval in sensor networks , 2007, Pervasive Mob. Comput..

[14]  Gene Tsudik,et al.  Forward-Secure Sequential Aggregate Authentication , 2007, IACR Cryptol. ePrint Arch..

[15]  Sencun Zhu,et al.  Least privilege and privilege deprivation: towards tolerating mobile sink compromises in wireless sensor networks , 2005, MobiHoc '05.

[16]  Witold Litwin,et al.  Algebraic signatures for scalable distributed data structures , 2004, Proceedings. 20th International Conference on Data Engineering.

[17]  Gene Tsudik,et al.  Extended Abstract: Forward-Secure Sequential Aggregate Authentication , 2007, 2007 IEEE Symposium on Security and Privacy (SP '07).

[18]  Dirk Westhoff,et al.  Tinypeds: Tiny Persistent Encrypted Data Storage 3 in Asynchronous Wireless Sensor Networks 4 , 2006 .

[19]  Ethan L. Miller,et al.  Designing a secure reliable file system for sensor networks , 2007, StorageSS '07.

[20]  Wenjing Lou,et al.  LEDS: Providing Location-Aware End-to-End Data Security in Wireless Sensor Networks , 2008, IEEE Trans. Mob. Comput..

[21]  Peter Desnoyers,et al.  TSAR: a two tier sensor storage architecture using interval skip graphs , 2005, SenSys '05.

[22]  Stefano Chessa,et al.  Dependable and Secure Data Storage in Wireless Ad Hoc Networks: An Assessment of DS 2 , 2004, WONS.

[23]  Donggang Liu,et al.  Location-based pairwise key establishments for static sensor networks , 2003, SASN '03.