Marcos A. Simplício

A survey on key management mechanisms for distributed Wireless Sensor Networks

Wireless Sensor Networks (WSNs) have a vast field of applications, including deployment in hostile environments. Thus, the adoption of security mechanisms is fundamental. However, the extremely constrained nature of sensors and the potentially dynamic behavior of WSNs hinder the use of key management mechanisms commonly applied in modern networks. For this reason, many lightweight key management solutions have been proposed to overcome these constraints. In this paper, we review the state of the art of these solutions and evaluate them based on metrics adequate for WSNs. We focus on pre-distribution schemes well-adapted for homogeneous networks (since this is a more general network organization), thus identifying generic features that can improve some of these metrics. We also discuss some challenges in the area and future research directions.

A Quantitative Analysis of Current Security Concerns and Solutions for Cloud Computing

The development of cloud computing services is speeding up the rate in which the organizations outsource their computational services or sell their idle computational resources. Even though migrating to the cloud remains a tempting trend from a financial perspective, there are several other aspects that must be taken into account by companies before they decide to do so. One of the most important aspect refers to security: while some cloud computing security issues are inherited from the solutions adopted to create such services, many new security questions that are particular to these solutions also arise, including those related to how the services are organized and which kind of service/data can be placed in the cloud. Aiming to give a better understanding of this complex scenario, in this article we identify and classify the main security concerns and solutions in cloud computing, and propose a taxonomy of security in cloud computing, giving an overview of the current status of security in this emerging technology.

Mobile health in emerging countries: A survey of research initiatives in Brazil

OBJECTIVE To conduct a comprehensive survey of mobile health (mHealth) research initiatives in Brazil, discussing current challenges, gaps, opportunities and tendencies. METHODS Systematic review of publicly available electronic documents related to mHealth, including scientific publications, technical reports and descriptions of commercial products. Specifically, 42 projects are analyzed and classified according to their goals. This analysis considers aspects such as security features provided (if any), the health condition that are focus of attention, the main providers involved in the projects development and deployment, types of devices used, target users, where the projects are tested and/or deployed, among others. RESULTS The study shows a large number (86%) of mHealth solutions focused on the following categories: health surveys, surveillance, patient records and monitoring. Meanwhile, treatment compliance, awareness raising and decision support systems are less explored. The main providers of solutions are the universities (56%) and health units (32%), with considerable cooperation between such entities. Most applications have physicians (55%) and Community Health Agents (CHAs) (33%) as targeted users, the latter being important elements in nation-wide governmental health programs. Projects focused on health managers, however, are a minority (5%). The majority of projects do not focus on specific diseases but rather general health (57%), although solutions for hearth conditions are reasonably numerous (21%). Finally, the lack of security mechanisms in the majority of the surveyed solutions (52%) may hinder their deployment in the field due to the lack of compliance with general regulations for medical data handling. CONCLUSION There are currently many mHealth initiatives in Brazil, but some areas have not been much explored, such as solutions for treatment compliance and awareness raising, as well as decision support systems. Another research trend worth exploring refers to creating interoperable security mechanisms, especially for widely explored mHealth categories such as health surveys, patient records and monitoring. Challenges for the expansion of mHealth solutions, both in number and coverage, include the further involvement of health managers in the deployment of such solutions and in coordinating efforts among health and research institutions interested in the mHealth trend, possibly exploring the widespread presence of CHAs around the country as users of such technology.

Survey and comparison of message authentication solutions on wireless sensor networks

Security is an important concern in any modern network. This also applies to Wireless Sensor Networks (WSNs), especially those used in applications that monitor sensitive information (e.g., health care applications). However, the highly constrained nature of sensors imposes a difficult challenge: their reduced availability of memory, processing power and energy hinders the deployment of many modern cryptographic algorithms considered secure. For this reason, the choice of the most memory-, processing- and energy-efficient security solutions is of vital importance in WSNs. To date, a number of extensive analyses comparing different encryption algorithms and key management schemes have been developed, while very little attention has been given to message authentication solutions. In this paper, aiming to close this gap, we identify cipher-based Message Authentication Codes (MACs) and Authenticated Encryption with Associated Data (AEAD) schemes suitable for WSNs and then evaluate their features and performance on a real platform (TelosB). As a result of this analysis, we identify the recommended choices depending on the characteristics of the target network and available hardware.

The MARVIN message authentication code and the LETTERSOUP authenticated encryption scheme

We present MARVIN, a new parallelizable message authentication code (MAC) based on the ALRED family. The new algorithm is designed with resource-constrained platforms inmind and explores the structure of an underlying block cipher toprovide security at a small cost in terms of memory needs. Also,we show how MARVIN can be used as an authentication-onlyfunction or else in an authenticated encryption with associateddata (AEAD) scheme. We define a new AEAD proposal called LETTERSOUP, which is based on the mode ofoperation. Finally, we LFSRC analyze the security and performance of theresulting schemes. Copyright

One-time signature scheme from syndrome decoding over generic error-correcting codes

Abstract: We describe a one-time signature scheme based on the hardness of the syndrome decoding problem, and prove it secure in the random oracle model. Our proposal can be instantiated on general linear error correcting codes, rather than restricted families like alternant codes for which a decoding trapdoor is known to exist.

Comparison of Authenticated-Encryption schemes in Wireless Sensor Networks

Security is an important concern in any modern network. This also applies to Wireless Sensor Networks (WSNs), especially those used in applications that monitor sensitive information (e.g., health care applications). However, the highly constrained nature of sensors impose a difficult challenge: their reduced availability of memory, processing power and energy hinders the deployment of many modern cryptographic algorithms considered secure. For this reason, the choice of the most memory-, processing- and energy-efficient security solutions is of vital importance in WSNs. To date, several authors have developed extensive analyses comparing different encryption algorithms and key management schemes, while very little attention has been given to message authentication mechanisms. In this paper, we address this issues by identifying Authenticated Encryption with Associated Data (AEAD) schemes suitable for WSNs and by evaluating their features and performance on TelosB sensor nodes. As a result of this analysis, we identify the recommended choices depending on the characteristics of the target network.

SMSCrypto: A lightweight cryptographic framework for secure SMS transmission

Despite the continuous growth in the number of smartphones around the globe, Short Message Service (SMS) still remains as one of the most popular, cheap and accessible ways of exchanging text messages using mobile phones. Nevertheless, the lack of security in SMS prevents its wide usage in sensitive contexts such as banking and health-related applications. Aiming to tackle this issue, this paper presents SMSCrypto, a framework for securing SMS-based communications in mobile phones. SMSCrypto encloses a tailored selection of lightweight cryptographic algorithms and protocols, providing encryption, authentication and signature services. The proposed framework is implemented both in Java (target at JVM-enabled platforms) and in C (for constrained SIM Card processors) languages, thus being suitable for a wide range of scenarios. In addition, the signature model adopted does not require an on-line infrastructure and the inherent overhead found in the Public Key Infrastructure (PKI) model, facilitating the development of secure SMS-based applications. We evaluate the proposed framework on a real phone and on SIM Card-comparable microcontroller.

Lightweight and escrow-less authenticated key agreement for the internet of things

Abstract Security is essential for wide wireless sensor network (WSN) deployments, such as the Internet of Things (IoT). However, the resource-constrained nature of sensors severely restricts the cryptographic algorithms and protocols that can be used in such platforms. Such restrictions apply especially to authenticated key agreement (AKA) protocols for bootstrapping keys between authorized nodes: in traditional networks, such schemes involve the transmission of quite large certificates and the execution of memory- and processing-intensive cryptographic algorithms, which are not suitable for WSNs. Whereas lightweight WSN-oriented schemes also exist, most of them focus on small deployments where key-escrow is possible (i.e., a fully trusted authority knows the private keys of all nodes). Aiming to identify AKA solutions suitable for the IoT scenario, in this article we assess lightweight and escrow-free schemes, evaluating their security and performance in terms of processing time and energy consumption in the TelosB platform. Besides proving that some very efficient schemes are actually flawed, we show that the combination of SMQV (strengthened-Menezes-Qu-Vanstone) with implicit certificates leads to a secure and lightweight AKA scheme.

Georeferenced and secure mobile health system for large scale data collection in primary care

INTRODUCTION Mobile health consists in applying mobile devices and communication capabilities for expanding the coverage and improving the effectiveness of health care programs. The technology is particularly promising for developing countries, in which health authorities can take advantage of the flourishing mobile market to provide adequate health care to underprivileged communities, especially primary care. In Brazil, the Primary Care Information System (SIAB) receives primary health care data from all regions of the country, creating a rich database for health-related action planning. Family Health Teams (FHTs) collect this data in periodic visits to families enrolled in governmental programs, following an acquisition procedure that involves filling in paper forms. This procedure compromises the quality of the data provided to health care authorities and slows down the decision-making process. OBJECTIVES To develop a mobile system (GeoHealth) that should address and overcome the aforementioned problems and deploy the proposed solution in a wide underprivileged metropolitan area of a major city in Brazil. METHODS The proposed solution comprises three main components: (a) an Application Server, with a database containing family health conditions; and two clients, (b) a Web Browser running visualization tools for management tasks, and (c) a data-gathering device (smartphone) to register and to georeference the family health data. A data security framework was designed to ensure the security of data, which was stored locally and transmitted over public networks. RESULTS The system was successfully deployed at six primary care units in the city of Sao Paulo, where a total of 28,324 families/96,061 inhabitants are regularly followed up by government health policies. The health conditions observed from the population covered were: diabetes in 3.40%, hypertension (age >40) in 23.87% and tuberculosis in 0.06%. This estimated prevalence has enabled FHTs to set clinical appointments proactively, with the aim of confirming or detecting cases of non-communicable diseases more efficiently, based on real-time information. CONCLUSION The proposed system has the potential to improve the efficiency of primary care data collection and analysis. In terms of direct costs, it can be considered a low-cost solution, with an estimated additional monthly cost of U