Enabling end-to-end secure communication between wireless sensor networks and the Internet

World Wide Web

Abstract

In the paradigms of the Internet of Things (IoT) as well as the evolving Web of Things (WoT) and the emerging Wisdom Web of Things (W2T), not only can the data collected by the sensor nodes (i.e., the things) in the wireless sensor networks (WSNs) be transmitted to and processed at Internet nodes and subsequently transformed into information, knowledge, wisdom and eventually into services to serve humans, but human users can also access, control and manage the sensor nodes in the WSNs through nodes in the Internet. Since data are the basis for enabling applications and services in W2T, it becomes imperative that enabling technologies for end-to-end security be developed to secure data communication between Internet user nodes and sensor server nodes to protect the exchange of data. However, traditional security protocols developed for the Internet rely mostly on symmetric authentication and key management based on public key algorithms, thus are deemed to be unsuitable for WSNs due to resource constraints in the sensor nodes. Specifically, acting as the server nodes in this scenario, sensor nodes cannot take on the heavy duty like regular servers in the Internet. Meanwhile, current security mechanisms developed for WSNs have mainly focused on the establishment of keys between neighboring nodes at the link layer and thus are not considered to be effective for end-to-end security in the W2T scenario. In this paper, we propose an end-to-end secure communication scheme for W2T in WSNs in which we follow an asymmetric approach for authentication and key management using signcryption and symmetric key encryption. In our proposed scheme, a great part of the work for authentication and access control is shifted to a gateway between a WSN and the Internet to reduce the burden and energy consumption in the sensor nodes. 
In addition, our scheme can ensure the privacy of user identities and key negotiation materials, and denial of service (DoS) attacks targeted at the sensor nodes can be effectively blocked at the gateway. We will also conduct quantitative analysis and an experiment to show that our proposed scheme can enhance the effectiveness of end-to-end security while reducing the cost of sensor nodes in terms of computation, communication and storage overhead as well as the latency of handshaking compared to similar schemes that are based on Secure Sockets Layer (SSL) and Transport Layer Security (TLS) protocols.



Corresponding author

Correspondence to Jingsha He.

About this article

Cite this article

Yu, H., He, J., Zhang, T. et al. Enabling end-to-end secure communication between wireless sensor networks and the Internet. World Wide Web 16, 515–540 (2013). https://doi.org/10.1007/s11280-012-0194-0

  • DOI: https://doi.org/10.1007/s11280-012-0194-0
