Intrusion Tolerance for NEST
This project investigates an intrusion tolerance approach for securing networks
of resource-constrained devices. These devices have limited computational
power, memory, communication bandwidth, and, most important of all, energy
reserve. Existing security mechanisms used to protect general computer
and network systems are too resource-intensive to be applicable. In this
project, we focus on developing two enabling technologies for securing
networks of resource-constrained devices: key management and intrusion
detection.
We are developing low-cost key exchange and authentication protocols that
rely exclusively on symmetric key cryptography. This includes "bootstrapping
protocols" that enable devices to establish secure local links with their
neighbors shortly after the network is deployed. These will be
complemented by authentication and key-exchange protocols for distant nodes,
which will be based on secret sharing and communication via disjoint chains of
intermediaries. A goal of this work is to provide a tunable degree of intrusion
tolerance, with security guarantees even if some network nodes are compromised.
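
The distant-node idea above (a key split by secret sharing and carried over disjoint chains of intermediaries) can be sketched as follows. This is an added illustration, not the project's protocol: it assumes n-of-n XOR sharing, per-link HMAC tags under pairwise link keys, and omits link encryption; all names and sample values are constructed.

```python
import hashlib
import hmac
import secrets

def xor(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))

def split_key(key: bytes, n_paths: int) -> list:
    """n-of-n XOR sharing: every share is needed to rebuild the key."""
    shares = [secrets.token_bytes(len(key)) for _ in range(n_paths - 1)]
    last = key
    for s in shares:
        last = xor(last, s)
    return shares + [last]

def combine(shares: list) -> bytes:
    key = bytes(len(shares[0]))
    for s in shares:
        key = xor(key, s)
    return key

def tag(link_key: bytes, share: bytes) -> bytes:
    return hmac.new(link_key, share, hashlib.sha256).digest()

def relay(share: bytes, link_keys: list, tamper_at=None) -> bytes:
    """Forward one share along one chain. link_keys[i] is the symmetric key
    shared by hop i and hop i+1 (assumed to come from bootstrapping).
    tamper_at=i models modification in transit on link i (test hook)."""
    for i, k in enumerate(link_keys):
        t = tag(k, share)                      # computed by the sending hop
        wire = share
        if tamper_at == i:                     # constructed in-transit change
            wire = xor(share, b"\x01" + bytes(len(share) - 1))
        if not hmac.compare_digest(t, tag(k, wire)):   # receiving hop checks
            raise ValueError(f"share rejected on link {i}")
        share = wire
    return share

def exchange(key: bytes, paths: list) -> bytes:
    """Send one share down each disjoint chain and rebuild at the far end."""
    shares = split_key(key, len(paths))
    return combine([relay(s, p) for s, p in zip(shares, paths)])

# Constructed sample: three disjoint chains with 2, 3 and 2 links.
PATHS = [[secrets.token_bytes(16) for _ in range(n)] for n in (2, 3, 2)]
```

The number of chains is the tuning knob in this sketch: an adversary must hold a compromised node on every chain to recover the key, which is why the chains must not share intermediaries.
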
As for intrusion detection, we are researching low-overhead monitoring
techniques for nodes to detect external attacks against themselves (for
example, denial-of-service attacks) as well as for mutual monitoring among
neighbor nodes. Some of these attacks cannot be prevented by using
cryptographic solutions alone. These monitoring mechanisms could be used by
various middleware services including routing and the SRI key exchange
protocols described above to avoid non-trustworthy nodes. Possible responses
to attacks against an individual node may include hibernation or other attempts
to conserve resources, and the generation of alerts for other nodes or a base
station.