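Graduate student: 卓建安 (CHO, CHIEN AN)
Thesis title (Chinese): EcoSec: A lightweight security layer designed for interactive wireless sensor networks
Thesis title (English): EcoSec: A thin security layer for interactive programming on WSN
Advisor: 周百祥 (Chou, Pai H.)
Oral defense committee: 曹孝櫟 (Tsao, Shiao-Li), 張立平 (Chang, Li-Pin)
Degree: Master
Department: College of Electrical Engineering and Computer Science - Department of Computer Science
Year of publication: 2012
Academic year of graduation: 100
Language: English
Number of pages: 33
Keywords (Chinese): Security, Authentication, Signature, Rewrite, Eco, EcoSec
Keywords (English): Security, Authentication, Signature, Rewrite, Eco, EcoSec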
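  • This thesis proposes EcoSec, a thin security layer designed for interactive wireless sensor networks. The system provides a secure programming environment for very lightweight, resource-constrained wireless sensor network platforms. Users name the resources they want to access using URIs. Before access, the user's privileges are first confirmed by a trusted authentication mechanism, which adds a digital signature to the user's request (including the resource to be accessed and the code) and returns it. On receiving the request, the gateway checks and automatically rewrites the code to ensure that the access control requirements can be enforced, then sends the modified code to the target node. The node verifies the signature on the received code before allowing it to execute. This approach is lightweight enough to provide security on some of the most resource-constrained platforms (such as Eco), and the system is also lightweight enough to coexist with other programming environments (such as EcoCast). Experimental results show that, with EcoSec and EcoCast running together, the system needs only a few KB more code and data memory than before.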


    This thesis proposes EcoSec, a thin security layer for supporting
    secure access and macroprogramming of wireless sensor networks
    consisting of ultra-compact, resource-constrained nodes with a
    gateway. The user names the requested resource in the WSN in the
    form of a uniform resource identifier (URI). The user must be
    authenticated first and access rights checked by a trusted
    authentication mechanism, which sends a signed request back to the
    user along with the code fragment for access. The gateway checks and
    rewrites code to enforce access rights and sends the code to the
    node; the node checks the code signature before execution. This
    approach is lightweight enough to run on some of the most
    resource-constrained wireless sensor platforms such as Eco.
    Moreover, it is sufficiently lightweight that it can be easily
    integrated with a lightweight macroprogramming and interactive
    programming environment called EcoCast.
    Experimental results show that EcoSec in conjunction with EcoCast
    runs with minimal overhead while taking only a few KB of code and
    data memory.

    Abstract
    Contents
    Acknowledgments
    1 Introduction
      1.1 Motivation
      1.2 Problem Statement
        1.2.1 Lightweight
        1.2.2 Catching Malicious Behavior without Hardware Support
        1.2.3 Designating and Locating Resources
      1.3 Objectives
        1.3.1 Small Code Size and Low Memory Usage
        1.3.2 Fine-grained Security Policies
        1.3.3 Low Performance Overhead
      1.4 Contributions
    2 Related Work
      2.1 Interactive Access
        2.1.1 RPC style
        2.1.2 Shell on BaseStation
      2.2 Virtualized Environment
        2.2.1 SenShare
        2.2.2 Darjeeling
      2.3 WSN Access Control
        2.3.1 WirelessHART
        2.3.2 SpartanRPC
    3 Technical Approach
      3.1 Preface
        3.1.1 System Concept
      3.2 System Overview
      3.3 System Components
        3.3.1 Cryptography Handler
        3.3.2 Resource Locator
        3.3.3 Policy Enforcer
    4 Implementation
      4.1 URI composition
      4.2 Object Space
      4.3 Code Analysis
      4.4 EcoSec Server
      4.5 EcoSec Node Runtime Environment
        4.5.1 Execution Flow
    5 Evaluation
      5.1 Experimental Setup
      5.2 Results and Analysis
        5.2.1 Runtime Layers Code Size
        5.2.2 Payload Overhead
        5.2.3 Latency
    6 Discussion
      6.1 Single Byte Instruction
      6.2 Common Security Attacks
        6.2.1 Replay Attack
        6.2.2 Payload Modification
    7 Conclusion and Future Work
      7.1 Conclusion
      7.2 Future Work
        7.2.1 Toolchain integration
        7.2.2 Security Ciphers
        7.2.3 Mixed static analysis approach

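    Full-text release date: the full text is not authorized for public release (on-campus network)
    Full-text release date: the full text is not authorized for public release (off-campus network)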