Authentication and En-route Data Filtering for Wireless Sensor Networks in the Internet of Things Scenario

To become an indispensable part of the Internet of Things (IoT), wireless sensor networks (WSNs) have to be integrated into the Internet. Under such circumstances, any IP-enabled node in the Internet shall be able to directly communicate with any sensor node in a WSN. Then, multiple sensor nodes can be used to monitor an event and jointly generate a report to be sent to one or more Internet nodes for monitoring purposes. Hence, it becomes imperative that every event report that is transmitted from within the WSN be authenticated to intended Internet users and efficiently filtered on its way to the Internet users. However, most present authentication and en-route data filtering schemes developed for WSNs don’t consider the Internet scenario while traditional mechanisms developed for the Internet can hardly be suitable due to resource constraints of sensor nodes in WSNs. In this paper, we propose an authentication and en-route data filtering scheme for WSNs in the IoT scenario in which signature shares based on the most efficient ID-based signature scheme are generated and distributed by making use of verifiable secret sharing cryptography. Security analysis shows that the proposed scheme can defend against node compromise attacks as well as denial of service (DoS) attacks that cause report disruption and selective forwarding problems. Energy consumption as the result of computation and communication is also analyzed to show the advantages of our scheme compared to some other comparable schemes.

[1]  Yuguang Fang,et al.  SPREAD: enhancing data confidentiality in mobile ad hoc networks , 2004, IEEE INFOCOM 2004.

[2]  Haiyun Luo,et al.  Statistical En-route Detection and Filtering of Injected False Data in Sensor Networks , 2004, INFOCOM 2004.

[3]  Qun Li,et al.  Achieving robust message authentication in sensor networks: a public-key based approach , 2010, Wirel. Networks.

[4]  Sushil Jajodia,et al.  An interleaved hop-by-hop authentication scheme for filtering of injected false data in sensor networks , 2004, IEEE Symposium on Security and Privacy, 2004. Proceedings. 2004.

[5]  Wenjing Lou,et al.  LEDS: Providing Location-Aware End-to-End Data Security in Wireless Sensor Networks , 2006, Proceedings IEEE INFOCOM 2006. 25TH IEEE International Conference on Computer Communications.

[6]  Feng Zhao,et al.  Secure-TWS: Authenticating node to multi-user communication in shared sensor networks , 2009, 2009 International Conference on Information Processing in Sensor Networks.

[7]  Weidong Kou,et al.  Identity-Based Anonymous Remote Authentication for Value-Added Services in Mobile Networks , 2009, IEEE Transactions on Vehicular Technology.

[8]  Guilin Wang,et al.  An Authentication Framework for Wireless Sensor Networks using Identity-Based Signatures , 2010, 2010 10th IEEE International Conference on Computer and Information Technology.

[9]  David E. Culler,et al.  Transmission of IPv6 Packets over IEEE 802.15.4 Networks , 2007, RFC.

[10]  Paul Feldman,et al.  A practical scheme for non-interactive verifiable secret sharing , 1987, 28th Annual Symposium on Foundations of Computer Science (sfcs 1987).

[11]  Gabriel Montenegro,et al.  IPv6 over Low-Power Wireless Personal Area Networks (6LoWPANs): Overview, Assumptions, Problem Statement, and Goals , 2007, RFC.

[12]  Yuguang Fang,et al.  Location-based compromise-tolerant security mechanisms for wireless sensor networks , 2006, IEEE Journal on Selected Areas in Communications.

[13]  Jingsha He,et al.  Trust-based Mutual Authentication for Bootstrapping in 6LoWPAN , 2012, J. Commun..

[14]  Jingsha He,et al.  Enabling end-to-end secure communication between wireless sensor networks and the Internet , 2012, World Wide Web.

[15]  William A. Arbaugh,et al.  Toward resilient security in wireless sensor networks , 2005, MobiHoc '05.

[16]  Min Wu,et al.  A Double Key-sharing Based False Data Filtering Scheme in Wireless Sensor Networks , 2013, J. Comput..