Junqi Zhang

Review: Wireless sensor network key management survey and taxonomy

Wireless sensor networks (WSN) are mobile ad hoc networks in which sensors have limited resources and communication capabilities. Secure communications in some wireless sensor networks are critical. Key management is the fundamental security mechanism in wireless sensor network. Many key management schemes have been developed in recent years. In this paper, we present wireless sensor network key management survey and taxonomy. We classify proposed wireless sensor network key management schemes into three categories based on the encryption key mechanism. We then divide each category into several subcategories based on key pre-distribution and key establishment.

m out of n Oblivious Transfer

We present three novel constructions of m out of n oblivious transfer, which demonstrate significant improvement over the existing schemes in terms of completeness, robustness and flexibility. We also show how to construct a non-interactive m out of n oblivious transfer, based on discrete logarithm. These constructions have potential applicability in electronic commerce.

Robust non-interactive oblivious transfer

We present a novel scheme of noninteractive m out of n oblivious transfer, which demonstrates significant improvement over the existing schemes in terms of completeness, robustness and flexibility. This scheme is useful for protection of user privacy in the Internet.

A Dynamic Trust Establishment and Management Framework for Wireless Sensor Networks

In this paper, we present a trust establishment and management framework for hierarchical wireless sensor networks. The wireless sensor network architecture we consider consists of a collection of sensor nodes, cluster heads and a base station arranged hierarchically. The framework encompasses schemes for establishing and managing trust between these different entities. We demonstrate that the proposed framework helps to minimize the memory, computation and communication overheads involved in trust management in wireless sensor networks. Our framework takes into account direct and indirect (group) trust in trust evaluation as well as the energy associated with sensor nodes in service selection. It also considers the dynamic aspect of trust by introducing a trust varying function which could be adjusted to give greater weight to the most recently obtained trust values in the trust calculation. The architecture also has the ability to deal with the inter-cluster movement of sensor nodes using a combination of certificate based trust and behaviour based trust.

A novel dynamic key management scheme for secure multicasting

We propose a new secure multicast scheme based on a novel hybrid key distribution scheme. This scheme meets the requirements described in the Internet Engineering Task Force (IETF) for multicast security architecture. It exhibits certain unique advantages in security services over existing schemes in the area of dynamic group key management. Our scheme allows efficient mechanisms for group members to join and leave a group frequently.

A Dynamic Authentication Scheme for Hierarchical Wireless Sensor Networks

Sensor networks offer economically viable solutions for a wide variety of monitoring applications. In surveillance of critical infrastructure such as airports by sensor networks, security becomes a major concern. To resist against malicious attacks, secure communication between severely resource-constrained sensor nodes is necessary while maintaining scalability and flexibility to topology changes. A robust security solution for such networks must facilitate authentication of sensor nodes and the establishment of secret keys among nodes In this paper, we propose a decentralized authentication and key management framework for hierarchical ad hoc sensor networks. This scheme is light weight and energy aware and reduces the communication overhead.

Mobile Agent and Web Service Integration Security Architecture

Mobile agent technology and Web service technology compensate each other and play very important roles in e-service applications. The mechanism of Web services technology naturally provides a platform for deploying mobile agent technology. Therefore, the integration of the mobile agent technology and Web Service technology has been actively investigated in recent years. On the other hand, the security issues of the integration system have not drawn much attention. In this paper, we present a new security architecture for the integration of mobile agent and the Web services technology. This architecture provides a new authentication scheme for Web service provider to verify the mobile agent owners identity by employing an identity-based signature protocol without using the username/password pair, which is infeasible for mobile agent. We also propose a new Web services and mobile agent system confidentiality protocol, which provides an alternative method to current security mechanisms without using certification authorities (CA) based public key infrastructure. With this scheme, it can simplify the key management and reduce the computation load particularly for group-oriented web services. In addition, this scheme also inherently has the non-repudiation property.

A Scalable Multi-service Group Key Management Scheme

Scalable multi-service oriented group key management addresses issues relating to situations where dynamic group users have different privileges for accessing different sets of services. In this paper, we propose a new flexible group key management scheme based on an ID-based distribution encryption algorithm. This scheme has several advantages over existing multi-service oriented schemes. We show that the proposed scheme has some unique scalability properties, less storage, less communication overhead and inherent traitor tracing and stateless properties than previously known schemes. We believe the proposed scheme can be used to provide a secure information distribution method for many multi-service group-oriented applications.

A New Security Scheme for Integration of Mobile Agents and Web Services

Web services specification provides an open standard for the distributed service oriented architecture. It is widely used in Internet and pervasive networks supporting wireless mobile devices. A mobile agent is a composition of computer software and data which is able to migrate from one host to another autonomously and continue its execution on the destination host. Mobile agent technology can reduce the bandwidth requirement and tolerate the network faults - able to operate without an active connection between clients and server. Hence, the applications of the combination of mobile agents and web service have been widely investigated in recent years. However, the security issue is still of a major concern. In this paper, we propose a novel agent-based web service security scheme. This scheme provides a new authentication protocol without using the user- name/password pair, which is infeasible for mobile agent, and gives an alternative method to current security mechanism without using Certification Authorities (CA) based public key infrastructure. With this scheme, we can simplify the key management and reduce the computation particularly for group-oriented web services.

Securing XML document sources and their distribution

XML has been becoming popular for data store, document representation and exchange over the Web. Security mechanisms for the protection of XML document sources and their distribution are essential. Author-X is a Java based system specifically conceived for the protection of XML documents. It supports a range of protection granularity levels and subject credentials, but also supports push distribution for documents broadcast. However, the proposed system has certain disadvantages in terms of both security and dynamic key management. For example, a sender has to distribute the secret keys to all correspondent users for different XML documents. Also, if one of the users leave or a credential is changed, then the sender has to re-encrypt all related documents and redistribute the secret keys to all correspondent users. In this paper, we present a scheme for securing XML documents and their distribution. Our scheme has several advantages over Author-X such as: (a) one user needs only one private key; (b) even when the user leaves or a credential is changed, all the other users will be unaffected; (c) there is no need to establish a secure channel for key distribution; and (d) there is no need for checking the XML documents for access control policies applied. These make the security model more efficient and robust as well as simplifying the programming and the generation of the encrypted document base.