Securing new objects on the Internet landscape

By now, we are all used to hearing that the advent of mobile devices represents a network security nightmare, but they are hardly the only ones we need to worry about.

Sensor systems, vehicles, home electronic appliances – these are all things for which we will have to find a secure way to use the various communication protocols on which the Internet is based, says João Barros, an Associate Professor with the University of Porto who presented today at the Network and Information Security Summer School organized by ENISA in Greece.

It may look a bit like science fiction, but he claims that communicating vehicles will be a normal thing by 2014. Sensor systems that induce environmentally friendly behavior? Smart buildings that warn you about a fire, where is it, and how to exit safely – not to mention to tell the firefighters what the situation is? All poised to become reality pretty soon.

But how to secure these new “species”? To secure the old ones (PCs, laptops, etc.), we used hashing, symmetric encryption, public key cryptography or access control policies. But these new “species” present new security challenges: low computational power, battery constraints, location-based protocols, and application-specific design.

And it’s because of these challenges that Barros points out that these security solutions should be lightweight, the protocols power-efficient and location-based and the security application-specific.

When it comes to sensor systems, a number of possible solutions have been proposed: trusted-server schemes (but there’s the issue of reliance on a central base station which presents the obvious single point of attack), public-key schemes (but they are too expensive for sensors) and, finally, key pre-distribution schemes that would involve sensor nodes having some 200 keys out of, let’s say, a thousand, and would allow neighboring nodes to have (statistically) at least one key in common, and the revocation of compromised keys without breaking communication.

When it comes to vehicular networks, the professor shared information on some rather interesting testing going on in the city of Porto in Portugal. A prototype network has been set up to include 465 taxis, and by using geo-optimized VANET protocols capable of capturing and disseminating vital information regarding road use, to coordinate an optimum activity.

The cars are connected to the central and between each other. The plan is – with time – to manage the sharing of traffic information and, possibly, even making traffic lights obsolete by following the position and speed of all the cars, and using algorithms to power internal car displays which would tell the driver when to stop and when to proceed freely.

But if we expect our present communications to be secure and accurate, the need for security will be even greater when it comes to relying on these vehicles and sensors. For this to be accomplished, a number of ideas and technologies are currently being explored by Barros and his team – distributed sensing, network coding and physical-layer security.

Just imagine that the information provided by your vehicle or by sensors in the house or a power plant is false – it’s an undeniable recipe for disaster. You could be driving on when you should be stopping, or running towards fire instead of from it. We have to be able to trust these safety messages completely, so the authentication schemes will have to be practically flawless and tamper-proof.