skip to main content
research-article

A Lightweight and Secure Data Collection Serverless Protocol Demonstrated in an Active RFIDs Scenario

Published: 02 April 2019 Publication History

Abstract

In the growing Internet of Things context, thousands of computing devices with various functionalities are producing data (from environmental sensors or other sources). However, they are also collecting, storing, processing and transmitting data to eventually communicate them securely to third parties (e.g., owners of devices or cloud data storage). The deployed devices are often battery-powered mobile or static nodes equipped with sensors and/or actuators, and they communicate using wireless technologies. Examples include unmanned aerial vehicles, wireless sensor nodes, smart beacons, and wearable health objects. Such resource-constrained devices include Active Radio Frequency IDentification (RFID) nodes, and these are used to illustrate our proposal. In most scenarios, these nodes are unattended in an adverse environment, so data confidentiality must be ensured from the sensing phase through to delivery to authorized entities: in other words, data must be securely stored and transmitted to prevent attack by active adversaries even if the nodes are captured. However, due to the scarce resources available to nodes in terms of energy, storage, and/or computation, the proposed security solution has to be lightweight. In this article, we propose a serverless protocol to enable Mobile Data Collectors (MDCs), such as drones, to securely collect data from mobile and static Active RFID nodes and then deliver them later to an authorized third party. The whole solution ensures data confidentiality at each step (from the sensing phase, before data collection by the MDC, once data have been collected by MDC, and during final delivery), while fulfilling the lightweight requirements for the resource-limited entities involved. To assess the suitability of the protocol against the performance requirements, it was implemented on the most resource-constrained devices to get the worst possible results. In addition, to prove the protocol fulfills the security requirements, it was analyzed using security games and also formally verified using the AVISPA and ProVerif tools.

References

[1]
Sheikh Iqbal Ahamed, Farzana Rahman, and Endadul Hoque. 2008. ERAP: ECC-based RFID authentication protocol. In Proceedings of the 12th IEEE International Workshop on Future Trends of Distributed Computing Systems (FTDCS’08). IEEE, 219--225.
[2]
Raja Naeem Akram, Konstantinos Markantonakis, Keith Mayes, Pierre-François Bonnefoi, Damien Sauveron, and Serge Chaumette. 2017. A secure and trusted protocol for enhancing safety of on-ground airplanes using UAVs. In Proceedings of the Integrated Communications, Navigation and Surveillance Conference (ICNS’17). IEEE, 1--17.
[3]
Riham Altawy and Amr M. Youssef. 2016. Security, privacy, and safety aspects of civilian drones: A survey. ACM Trans. Cyber-Phys. Syst. 1, 2 (2016), 7.
[4]
Bruno Blanchet. 2014. Automatic Verification of Security Protocols in the Symbolic Model: The Verifier ProVerif. Springer International Publishing, Cham, 54--87.
[5]
Olivier Blazy, Pierre-François Bonnefoi, Emmanuel Conchon, Damien Sauveron, Raja Naeem Akram, Konstantinos Markantonakis, Keith Mayes, and Serge Chaumette. 2017. An efficient protocol for UAS security. In Proceedings of the Integrated Communications, Navigation and Surveillance Conference (ICNS’17). IEEE, 1--21.
[6]
Hui-Ru Cao, Zhi Yang, and Ye-Qian Li. 2016. A mobile WSN sink node using unmanned aerial vehicles: Design and experiment. Int. J. Netw. Mobile Technol. 10, 3 (2016).
[7]
CNAM-CEDRIC. 2006. The MESURE project. Retrieved from http://http://mesure.gforge.inria.fr.
[8]
Fausto G. Costa, Jó Ueyama, Torsten Braun, Gustavo Pessin, Fernando S. Osório, and Patrícia A. Vargas. 2012. The use of unmanned aerial vehicles and wireless sensor network in agricultural applications. In Proceedings of the IEEE International Geoscience and Remote Sensing Symposium (IGARSS’12). IEEE, 5045--5048.
[9]
Miaolei Deng, Weidong Yang, and Weijun Zhu. 2014. Weakness in a serverless authentication protocol for radio frequency identification. In Mechatronics and Automatic Control Systems. Springer, 1055--1061.
[10]
Danny Dolev and Andrew Yao. 1983. On the security of public key protocols. IEEE Trans. Info. Theory 29, 2 (1983), 198--208.
[11]
Milan Erdelj, Michał Król, and Enrico Natalizio. 2017. Wireless sensor networks and multi-UAV systems for natural disaster management. Comput. Netw. 124 (2017).
[12]
Bruno S. Faiçal, Fausto G. Costa, Gustavo Pessin, Jó Ueyama, Heitor Freitas, Alexandre Colombo, Pedro H. Fini, Leandro Villas, Fernando S. Osório, Patrícia A. Vargas, et al. 2014. The use of unmanned aerial vehicles and wireless sensor networks for spraying pesticides. J. Syst. Architect. 60, 4 (2014), 393--404.
[13]
Md Endadul Hoque, Farzana Rahman, Sheikh I. Ahamed, and Jong Hyuk Park. 2010. Enhancing privacy and security of RFID system with serverless authentication and search protocols in pervasive environments. Wireless Personal Commun. 55, 1 (2010), 65--79.
[14]
Imad Jawhar, Nader Mohamed, Jameela Al-Jaroodi, and Sheng Zhang. 2014. A framework for using unmanned aerial vehicles for data collection in linear wireless sensor networks. J. Intell. Robot. Syst. 74, 1–2 (2014), 437.
[15]
Heiner Katelyn. 2015. The Future of UAVs (Drones) in Data Collection. Retrieved from http://blog.junipersys.com/future-of-uavs-drones-in-data-collection/.
[16]
Chin-Feng Lee, Hung-Yu Chien, and Chi-Sung Laih. 2012. Server-less RFID authentication and searching protocol with enhanced security. Int. J. Commun. Syst. 25, 3 (2012), 376--385.
[17]
Luon-Chang Lin, Shih-Chang Tsaur, and Kai-Ping Chang. 2009. Lightweight and serverless RFID authentication and search protocol. In Proceedings of the 2nd International Conference on Computer and Electrical Engineering (ICCEE’09), Vol. 2. IEEE, 95--99.
[18]
Parikshit N. Mahalle, Bayu Anggorojati, Neeli Rashmi Prasad, and Ramjee Prasad. 2012. Identity establishment and capability-based access control (IECAC) scheme for internet of things. In Proceedings of the 15th International Symposium on Wireless Personal Multimedia Communications (WPMC’12). IEEE, 187--191.
[19]
Collins Mtita. 2016. Lightweight Serverless Protocols for the Internet of Things. Theses. Institut National des Télécommunications. Retrieved from https://tel.archives-ouvertes.fr/tel-01355221.
[20]
Collins Mtita, Maryline Laurent, and Jacques Delort. 2016. Efficient serverless radio-frequency identification mutual authentication and secure tag search protocols with untrusted readers. IET Info. Secur. 10, 5 (2016), 262--271.
[21]
Collins Mtita, Maryline Laurent, Damien Sauveron, Raja Naeem Akram, Konstantinos Markantonakis, and Serge Chaumette. 2017. Serverless protocols for inventory and tracking with a UAV. CoRR abs/1708.05417 (2017). Retrieevd from http://arxiv.org/abs/1708.05417.
[22]
Le Trung Nguyen. 2015. A new approach for collecting data in wireless sensor network. https://dspace.cc.tut.fi/dpub/handle/123456789/23073.
[23]
Pierre Paradinas, Julien Cordry, and Samia Bouzefrane. 2007. Performance evaluation of Java card bytecodes. In Information Security Theory and Practices. Smart Cards, Mobile and Ubiquitous Computing Systems, Damien Sauveron, Konstantinos Markantonakis, Angelos Bilas, and Jean-Jacques Quisquater (Eds.). Springer, Berlin, 127--137.
[24]
A. S. Poornima and B. B. Amberker. 2011. Secure data collection using mobile data collector in clustered wireless sensor networks. IET Wireless Sensor Syst. 1, 2 (2011), 85--95.
[25]
Mohsen Pourpouneh, Rasoul Ramezanian, and Fatemeh Salahi. 2014. An improvement over a server-less rfid authentication protocol. Int. J. Comput. Netw. Info. Secur. 7, 1 (2014), 31.
[26]
Masoumeh Safkhani, Pedro Peris-Lopez, Nasour Bagheri, Majid Naderi, and Julio César Hernández Castro. 2012. On the security of Tan et al. serverless RFID authentication and search protocols. RFIDSec 7739 (2012), 1--19.
[27]
Ozgur Koray Sahingoz. 2013. Mobile networking with UAVs: Opportunities and challenges. In Proceedings of the International Conference on Unmanned Aircraft Systems (ICUAS’13). IEEE, 933--941.
[28]
Vishal Sharma, Ilsun You, and Rajesh Kumar. 2016. Energy efficient data dissemination in multi-UAV coordinated wireless sensor networks. Mobile Info. Syst. 2016 (2016).
[29]
Chiu C. Tan, Bo Sheng, and Qun Li. 2007. Severless search and authentication protocols for RFID. In Proceedings of the 5th Annual IEEE International Conference on Pervasive Computing and Communications (PerCom’07). IEEE, 3--12.
[30]
Caimu Tang and Dapeng Oliver Wu. 2008. An efficient mobile authentication scheme for wireless networks. IEEE Trans. Wireless Commun. 7, 4 (2008), 1408--1416.
[31]
Gene Tsudik. 2006. YA-TRAP: Yet another trivial RFID authentication protocol. In Proceedings of the 4th Annual IEEE International Conference on Pervasive Computing and Communications Workshops (PerCom Workshops’06). IEEE, 4--pp.
[32]
Luca Viganò. 2006. Automated security protocol analysis with the AVISPA tool. Electron. Notes Theoret. Comput. Sci. 155 (2006), 61--86.
[33]
Jongho Won, Seung-Hyun Seo, and Elisa Bertino. 2015. A secure communication protocol for drones and smart objects. In Proceedings of the 10th ACM Symposium on Information, Computer and Communications Security. ACM, 249--260.
[34]
Tao Wu, Panlong Yang, Yubo Yan, Xunpeng Rao, Ping Li, and Wanru Xu. 2017. ORSCA: Optimal route selection and communication association for drones in WSNs. In Proceedings of the 5th International Conference on Advanced Cloud and Big Data (CBD’17). IEEE, 420--424.
[35]
Li Zhou, Jinfeng Ni, and Chinya V. Ravishankar. 2006. Supporting secure communication and data collection in mobile sensor networks. In Proceedings of the 25th IEEE International Conference on Computer Communications (INFOCOM’06). IEEE, 1--12.
[36]
Petr Švenda. 2018. The JCAlgTest project. Retrieved from http://http://mesure.gforge.inria.fr.

Cited By

View all
  • (2024)BASUV: A Blockchain-Enabled UAV Authentication Scheme for Internet of VehiclesIEEE Transactions on Information Forensics and Security10.1109/TIFS.2024.346584719(9055-9069)Online publication date: 2024
  • (2023)An Enhanced Lightweight Security Gateway Protocol for the Edge LayerTechnologies10.3390/technologies1105014011:5(140)Online publication date: 12-Oct-2023
  • (2023)Double Polling-Based Tag Information Collection for Sensor-Augmented RFID SystemsIEEE Transactions on Mobile Computing10.1109/TMC.2023.327792523:5(3496-3509)Online publication date: 19-May-2023
  • Show More Cited By

Index Terms

  1. A Lightweight and Secure Data Collection Serverless Protocol Demonstrated in an Active RFIDs Scenario

        Recommendations

        Comments

        Information & Contributors

        Information

        Published In

        cover image ACM Transactions on Embedded Computing Systems
        ACM Transactions on Embedded Computing Systems  Volume 18, Issue 3
        Special Issue on Cryptographic Engineering for IoT: Security Foundations, Lightweight Solutions, and Attacks and Regular Papers
        May 2019
        214 pages
        ISSN:1539-9087
        EISSN:1558-3465
        DOI:10.1145/3323876
        Issue’s Table of Contents
        Permission to make digital or hard copies of all or part of this work for personal or classroom use is granted without fee provided that copies are not made or distributed for profit or commercial advantage and that copies bear this notice and the full citation on the first page. Copyrights for components of this work owned by others than ACM must be honored. Abstracting with credit is permitted. To copy otherwise, or republish, to post on servers or to redistribute to lists, requires prior specific permission and/or a fee. Request permissions from [email protected]

        Publisher

        Association for Computing Machinery

        New York, NY, United States

        Journal Family

        Publication History

        Published: 02 April 2019
        Accepted: 01 August 2018
        Revised: 01 June 2018
        Received: 01 April 2018
        Published in TECS Volume 18, Issue 3

        Permissions

        Request permissions for this article.

        Check for updates

        Author Tags

        1. Data collection protocol
        2. active RFID nodes
        3. data confidentiality
        4. lightweight cryptography
        5. serverless protocol

        Qualifiers

        • Research-article
        • Research
        • Refereed

        Funding Sources

        • ex-Région Limousin
        • PROFAS B+ program between Algeria and France
        • MIRES research federation
        • Région Nouvelle-Aquitaine

        Contributors

        Other Metrics

        Bibliometrics & Citations

        Bibliometrics

        Article Metrics

        • Downloads (Last 12 months)10
        • Downloads (Last 6 weeks)0
        Reflects downloads up to 08 Feb 2025

        Other Metrics

        Citations

        Cited By

        View all
        • (2024)BASUV: A Blockchain-Enabled UAV Authentication Scheme for Internet of VehiclesIEEE Transactions on Information Forensics and Security10.1109/TIFS.2024.346584719(9055-9069)Online publication date: 2024
        • (2023)An Enhanced Lightweight Security Gateway Protocol for the Edge LayerTechnologies10.3390/technologies1105014011:5(140)Online publication date: 12-Oct-2023
        • (2023)Double Polling-Based Tag Information Collection for Sensor-Augmented RFID SystemsIEEE Transactions on Mobile Computing10.1109/TMC.2023.327792523:5(3496-3509)Online publication date: 19-May-2023
        • (2022)A Brief Overview on Security Challenges and Protocols in Internet of Things Application2022 IEEE International IOT, Electronics and Mechatronics Conference (IEMTRONICS)10.1109/IEMTRONICS55184.2022.9795794(1-7)Online publication date: 1-Jun-2022
        • (2022)Security in Internet of Drones: A Comprehensive ReviewCogent Engineering10.1080/23311916.2022.20290809:1Online publication date: 16-Mar-2022

        View Options

        Login options

        Full Access

        View options

        PDF

        View or Download as a PDF file.

        PDF

        eReader

        View online with eReader.

        eReader

        HTML Format

        View this article in HTML Format.

        HTML Format

        Figures

        Tables

        Media

        Share

        Share

        Share this Publication link

        Share on social media