[attachment=12004]
INTRODUCTION
Sensor networks are applied to various fields ranging from special application fields such as wild environment monitoring, industrial machine measurement and military purpose measurement to daily application fields such as fire monitoring and pollution monitoring. A wireless sensor network is a wire and wireless network, which consists of several sensor nodes deployed in a certain field.
A sensor node should have computation, sensing and wireless communication functions. A wireless sensor network limits the radio frequency channel, due to, that is to say, unstable links, limit of physical protection of each sensor node, actual of each nodes connection, variation topology in addition dangerousness about routing security is high by activity spite nodes. In addition, restrictions of the hardware of the sensor node itself makes it difficult guarantee the maintenance of security because of vulnerability [1], [2].
A sensor network has limited computing and communication resources. To overcome this barrier, collaboration with surrounding nodes is required. In other words, information sharing between hierarchies is required rather than a hierarchical approach. A sensor network generally consists of a large number of sensor nodes for exact sensing and extendibility of sensing areas.
Therefore, attackers can easily capture sensor nodes. And the attacker is able to attack the sensor node itself and the sensor network through a modified attack on the sensor node. Therefore, the security of a sensor network is important. The attestation for sensor nodes suggested by this paper consists of 2 steps.
STEP 1. Inter-connective attestation between surrounding sensor nodes.
STEP 2. If this is any abnormality, the node notifies the BS (Base Station) and requests attestation as to whether there is a damaged node or not. Initial sensor node attestation is carried out by inter-connective sensor nodes, not by the BS. If there is any abnormality, the node notifies the BS. And the BS carries out attestation for the node showing abnormality. Attestation for
the BS and the sensor node uses the authentication protocol method for preventing nodes from being captured.
Total working of wireless sensor networking is based on its construction. Sensor network initially consists of small or large nodes called as sensor nodes. These nodes are varying in size and totally depend on the size because different sizes of sensor nodes work efficiently in different fields. Wireless sensor networking have such sensor nodes which are specially designed in such a typical way that they have a microcontroller which controls the monitoring, a radio transceiver for generating radio waves, different type of wireless communicating devices and also equipped with an energy source such as battery. The entire network worked simultaneously by using different dimensions of sensors and worked on the phenomenon of multi routing algorithm which is also termed as wireless ad hoc networking.
The study of wireless sensor networks is challenging in that it requires an enormous breadth of knowledge from an enormous variety of disciplines. In this chapter we outline communication networks, wireless sensor networks and smart sensors, physical transduction principles, commercially available wireless sensor systems, self-organization, signal processing and decision-making, and finally some concepts for home automation.
Sensor networks are the key to gathering the information needed by smart environments, whether in buildings, utilities, industrial, home, shipboard, transportation systems automation, or elsewhere. Recent terrorist and guerilla warfare countermeasures require distributed networks of sensors that can be deployed using, e.g. aircraft, and have self-organizing capabilities. In such applications, running wires or cabling is usually impractical. A sensor network is required that is fast and easy to install and maintain.
CHAPTER 2:
ATTESTATION TECHNOLOGY
Verification technology for attesting that codes running in each sensor node are not changed is generally used to solve program modification in sensor nodes. Programs by vicious attacks and unexpected error can be detected. By attesting program memory in the memory node of the sensor node under which a modified program for vicious attacks is running, it is possible to detect the sensor node in which programs for vicious attacks and unexpected errors are running [3], [4].
1) Attestation is carried out with software and hardware methods.
2) Hardware attestation is carried out through equipment equipped with hardware developed by TCG (Trusted Computing Group), NGS (Nest-Generation Secure Computing Base), and software attestation is carried out by attesting memory area of sensor node through communication between the sensor nodes of the attester.
3) The SWATT (SoftWare-based ATTestation) method attests for targeted equipment and devices the challenge response protocol.
Hardware-based attestation technology
TPM (Trusted Platform Module) is the hardware-based attestation specified by TCG (Trusted Computing Group),and uses smart cards as reliability devices to achieve Reliability . TPM provides a protected storage area for an advanced hardware engine and an encryption key for creating an arbitrary number, key calculation and hash calculation. TPM is capable of creating and storing symmetric and asymmetric keys, and of executing asymmetrical encryption calculations .
In addition, TPM provides PCRs (Platform Configuration Registers), which are used for storing platform-dependant set values. PCRs are initialized when power is given to them, and the software components (BIOS, boot loader, as, applications) are evaluated as TPM before they are executed; the calculated hash value is stored in a specific PCR [4].
CRTM (Core Root of Trust Measurement) residing in the BIOS, which is first executed when power is given to it, evaluates itself and the BIOS and transfers control to the next software component. All the evaluated components create an SML (Stored Measurement Log) and record the results. The PCR value can be used with SML together for remote equipment to attest the targeted equipment's status, and uses authorization through an AIK (Attestation Identity Key) that is impossible move in order to guarantee the exactness of the PCR value.
Remote equipment is able to prove the integrity of the targeted equipment through verification of authorization, and is able to compare the PCR value. TPM provides a sealing function by which a data block can be connected to a set value for a specific platform. A sealed message consists of range value for the platform-set registry, an unmovable key value, and a sealed data block. If the sealed platform set value is equal to those in the current platform, then TPM performs decryption for the sealed message and transfers it. But the method using the TPM chip is not suitable for a sensor network that has low cost for each sensor node.