ETD

Digital archive of theses defended at the University of Pisa

Thesis etd-04092008-205207


Thesis type
PhD thesis
Author
SAVINO, IDA MARIA
URN
etd-04092008-205207
Title
Security and Reconfigurability in Networked Embedded Systems
Scientific disciplinary sector
ING-INF/05
Course of study
INFORMATION ENGINEERING
Supervisors
Supervisor Prof. Dini, Gianluca
Keywords
  • Security
  • rekeying
  • reconfigurability
  • wireless sensor networks
Defense session start date
09/06/2008
Availability
Partial
Release date
09/06/2048
Abstract
Nowadays, the convergence of communication, computing and control provides the ability to build large-scale, widely distributed, heterogeneous, pervasive, networked embedded systems, which are capable not only of sensing, but also of acting in and on the environment. Security in these systems is an open question that could prove to be a more difficult long-term problem than it is today in desktop and enterprise computing. Given their interactive and pervasive nature, a security breach in embedded systems can result in severe privacy violations and physical side effects, including property damage, injury and even death.
In order to be cost-effective and operational over time, embedded systems have to adapt to changing operating conditions by dynamically downloading software. Usually, such systems use wireless communication to simplify deployment and increase reconfigurability. It follows that an adversary can easily launch logical security attacks by downloading malicious software through the wireless medium. Furthermore, for cost reasons embedded devices often lack adequate physical/hardware support for protection and tamper-resistance. This, together with the fact that devices can be deployed over unattended areas, implies that each embedded device is exposed to the risk of being compromised. In such a scenario, compromised devices have to be logically removed from the network communication. However, removing the logical presence of compromised devices might not guarantee the usefulness and effectiveness of the network. Hence, the network has to be able to autonomously reconfigure itself by replacing compromised devices with new ones to cover all the geographical areas.
With reference to such a scenario, we focus on defining a security architecture for guaranteeing secure software reconfiguration and secure communication in networked embedded systems. Furthermore, we define a protocol for key distribution and revocation aimed at logically removing compromised devices from the network communication. Finally, we define a decentralized protocol to cope with the presence of compromised and damaged devices by using autonomous mobile devices. For our prototyping we consider a network composed of low-power, low-cost, miniature computing and communication sensors, such as Wireless Sensor Networks.
File