A Survey on Security Issues of M2M Communications in Cyber-Physical Systems

In this paper, we present a survey of security and privacy preserving issues in M2M communications in Cyber-Physical Systems. First, we discuss the security challenges in M2M communications in wireless networks of Cyber-Physical Systems and outline the constraints, attack issues, and a set of challenges that need to be addressed for building secure Cyber-Physical Systems. Then, a secure architecture suitable for Cyber-Physical Systems is proposed to cope with these security issues. Eventually, the corresponding countermeasures to the security issues are discussed from four aspects: access control, intrusion detection, authentication and privacy preserving, respectively. Along the way we highlight the advantages and disadvantages of various existing security schemes and further compare and evaluate these schemes from each of these four aspects. We also point out the open research issues in each subarea and conclude with possible future research directions on security in Cyber-Physical Systems. It is believed that once these challenges are surmounted, applications with intrinsic security considerations will become immediately realizable.

[1]  Weijia Li,et al.  An authentication scheme for locating compromised sensor nodes in WSNs , 2010, J. Netw. Comput. Appl..

[2]  Wensheng Zhang,et al.  GP 2 S: Generic Privacy-Preservation Solutions for Approximate Aggregation of Sensor Data ∗ , 2008 .

[3]  Zinaida Benenson,et al.  Realizing Robust User Authentication in Sensor Networks , 2005 .

[4]  Carlo Maria Medaglia,et al.  An Overview of Privacy and Security Issues in the Internet of Things , 2010 .

[5]  Karl N. Levitt,et al.  Using Specification-Based Intrusion Detection for Automated Response , 2003, RAID.

[6]  Manachai Toahchoodee,et al.  A Spatio-temporal Access Control Model Supporting Delegation for Pervasive Computing Applications , 2008, TrustBus.

[7]  Jianying Zhou,et al.  Applying intrusion detection systems to wireless sensor networks , 2006, CCNC 2006. 2006 3rd IEEE Consumer Communications and Networking Conference, 2006..

[8]  Honglin Hu,et al.  Converged Mobile Cellular Networks and Wireless Sensor Networks for Machine-to-Machine Communications , 2012, KSII Trans. Internet Inf. Syst..

[9]  Jiafu Wan,et al.  Advances in Cyber-Physical Systems Research , 2011, KSII Trans. Internet Inf. Syst..

[10]  Catholijn M. Jonker,et al.  Formal Analysis of Models for the Dynamics of Trust Based on Experiences , 1999, MAAMAW.

[11]  Siu-Ming Yiu,et al.  Security Issues and Challenges for Cyber Physical System , 2010, 2010 IEEE/ACM Int'l Conference on Green Computing and Communications & Int'l Conference on Cyber, Physical and Social Computing.

[12]  Sencun Zhu,et al.  Towards event source unobservability with minimum network traffic in sensor networks , 2008, WiSec '08.

[13]  Edward A. Lee Cyber Physical Systems: Design Challenges , 2008, 2008 11th IEEE International Symposium on Object and Component-Oriented Real-Time Distributed Computing (ISORC).

[14]  Adrian Perrig,et al.  Secure sensor network routing: a clean-slate approach , 2006, CoNEXT '06.

[15]  Inhyok Cha,et al.  Trust in M2M communication , 2009, IEEE Vehicular Technology Magazine.

[16]  Yong Wang,et al.  A survey of security issues in wireless sensor networks , 2006, IEEE Communications Surveys & Tutorials.

[17]  Wuu Yang,et al.  An Improved Dynamic User Authentication Scheme for Wireless Sensor Networks , 2007, IEEE GLOBECOM 2007 - IEEE Global Telecommunications Conference.

[18]  José María Sierra,et al.  A light-weight authentication scheme for wireless sensor networks , 2011, Ad Hoc Networks.

[19]  Dharma P. Agrawal,et al.  Intrusion Detection in Homogeneous and Heterogeneous Wireless Sensor Networks , 2008, IEEE Transactions on Mobile Computing.

[20]  Antonio Alfredo Ferreira Loureiro,et al.  Decentralized intrusion detection in wireless sensor networks , 2005, Q2SWinet '05.

[21]  Xue Liu,et al.  PDA: Privacy-Preserving Data Aggregation in Wireless Sensor Networks , 2007, IEEE INFOCOM 2007 - 26th IEEE International Conference on Computer Communications.

[22]  Kui Ren,et al.  Distributed Privacy-Preserving Access Control in Sensor Networks , 2012, IEEE Transactions on Parallel and Distributed Systems.

[23]  Manachai Toahchoodee,et al.  A Spatio-temporal Role-Based Access Control Model , 2007, DBSec.

[24]  Yu-Jung Huang,et al.  Lightweight authentication scheme for wireless sensor networks , 2012, 2012 IEEE Global High Tech Congress on Electronics.

[25]  Roberto Di Pietro,et al.  Energy efficient node-to-node authentication and communication confidentiality in wireless sensor networks , 2006, Wirel. Networks.

[26]  Weisong Shi,et al.  Preserving source location privacy in monitoring-based wireless sensor networks , 2006, Proceedings 20th IEEE International Parallel & Distributed Processing Symposium.

[27]  Sajal K. Das,et al.  Privacy preservation in wireless sensor networks: A state-of-the-art survey , 2009, Ad Hoc Networks.

[28]  S. Shankar Sastry,et al.  Secure Control: Towards Survivable Cyber-Physical Systems , 2008, 2008 The 28th International Conference on Distributed Computing Systems Workshops.

[29]  Shiuh-Pyng Shieh,et al.  An efficient broadcast authentication scheme in wireless sensor networks , 2006, ASIACCS '06.

[30]  Antonio Alfredo Ferreira Loureiro,et al.  Malicious node detection in wireless sensor networks , 2004, 18th International Parallel and Distributed Processing Symposium, 2004. Proceedings..

[31]  Shivakant Mishra,et al.  Countermeasures Against Traffic Analysis Attacks in Wireless Sensor Networks , 2005, First International Conference on Security and Privacy for Emerging Areas in Communications Networks (SECURECOMM'05).

[32]  Yang Yu,et al.  Query privacy in wireless sensor networks , 2007, 2007 4th Annual IEEE Communications Society Conference on Sensor, Mesh and Ad Hoc Communications and Networks.

[33]  Eric Helms,et al.  Evaluating access control of open source electronic health record systems , 2011, SEHC '11.

[34]  Rajeev Shorey,et al.  Mobile, Wireless and Sensor Networks: Technology, Applications and Future Directions , 2005 .

[35]  Shivakant Mishra,et al.  Decorrelating wireless sensor network traffic to inhibit traffic analysis attacks , 2006, Pervasive Mob. Comput..

[36]  Wenjing Lou,et al.  Multi-user Broadcast Authentication in Wireless Sensor Networks , 2007, 2007 4th Annual IEEE Communications Society Conference on Sensor, Mesh and Ad Hoc Communications and Networks.

[37]  Jingsha He,et al.  A Distributed Intrusion Detection Scheme for Wireless Sensor Networks , 2008, 2008 The 28th International Conference on Distributed Computing Systems Workshops.

[38]  Sencun Zhu,et al.  Towards Statistically Strong Source Anonymity for Sensor Networks , 2008, INFOCOM.

[39]  Indrajit Ray,et al.  TrustBAC: integrating trust relationships into the RBAC model for access control in open systems , 2006, SACMAT '06.

[40]  Wade Trappe,et al.  Enhancing Source-Location Privacy in Sensor Network Routing , 2005, ICDCS.

[41]  Juan Manuel González Nieto,et al.  Secure Data Aggregation in Wireless Sensor Network: a survey , 2008, AISC.

[42]  Wenyuan Xu,et al.  Temporal Privacy in Wireless Sensor Networks , 2007, 27th International Conference on Distributed Computing Systems (ICDCS '07).

[43]  Murali S. Kodialam,et al.  Detecting network intrusions via sampling: a game theoretic approach , 2003, IEEE INFOCOM 2003. Twenty-second Annual Joint Conference of the IEEE Computer and Communications Societies (IEEE Cat. No.03CH37428).

[44]  Feng Xia,et al.  A Fault-Tolerant Emergency-Aware Access Control Scheme for Cyber-Physical Systems , 2011, Inf. Technol. Control..

[45]  Rolf H. Weber,et al.  Internet of Things - New security and privacy challenges , 2010, Comput. Law Secur. Rev..

[46]  Wenjing Lou,et al.  FDAC: Toward Fine-Grained Distributed Data Access Control in Wireless Sensor Networks , 2009, IEEE INFOCOM 2009.

[47]  Djamel Djenouri,et al.  A survey of security issues in mobile ad hoc and sensor networks , 2005, IEEE Communications Surveys & Tutorials.

[48]  Mahdy Saedy,et al.  Ad Hoc M2M communications and security based on 4G cellular system , 2011, 2011 Wireless Telecommunications Symposium (WTS).

[49]  Sandeep K. S. Gupta,et al.  Criticality aware access control model for pervasive applications , 2006, Fourth Annual IEEE International Conference on Pervasive Computing and Communications (PERCOM'06).

[50]  Sudip Misra,et al.  Reputation-based role assignment for role-based access control in wireless sensor networks , 2011, Comput. Commun..

[51]  Donggang Liu,et al.  Location Privacy in Sensor Networks Against a Global Eavesdropper , 2007, 2007 IEEE International Conference on Network Protocols.

[52]  Lee,et al.  [IEEE 2008 11th IEEE International Symposium on Object and Component-Oriented Real-Time Distributed Computing - Orlando, FL, USA (2008.05.5-2008.05.7)] 2008 11th IEEE International Symposium on Object and Component-Oriented Real-Time Distributed Computing (ISORC) - Cyber Physical Systems: Design Cha , 2008 .

[53]  Jiannong Cao,et al.  A dynamic user authentication scheme for wireless sensor networks , 2006, IEEE International Conference on Sensor Networks, Ubiquitous, and Trustworthy Computing (SUTC'06).