Sensor Network Security - Networked Embedded Systems - page 231

Image Processing Reference

In-Depth Information

FIGURE .

Aggregating data in a sensor network.

10.6 Secure Data Aggregation

As already mentioned in the introduction, data from different sensors is supposed to be aggre-

gated on its way toward the base station (see also Figure .). This raises the two questions, how

to ensure authenticity and integrity of aggregated data, and how to ensure confidentiality of data to

be aggregated? Concerning authentication and integrity of data reported toward the base station,

if every sensor would add an MAC to its answer to ensure data origin authentication, all (answer,

MAC)-tuples would have to be sent to the base station to enable checking of the authenticity. This

shows that individual MACs are not suitable for data aggregation. However, if only the aggregating

node added one MAC, a subverted node could send arbitrary data regardless of the data sent by

sensors.

At GlobeCom', Du et al. proposed a scheme [DDHVb] that allows a base station to “check

the integrity” of an aggregated value based on endorsements provided by so-called witness nodes.

The basic idea of this scheme is that multiple nodes perform data aggregation and compute an MAC

over their result. his requires individual keys between each node and the base station. To allow for

aggregated sending of data, some nodes act as so-called data fusion nodes, aggregating sensor data

and sending it toward the base station. As a data fusion node could be a subverted or malicious node,

its result needs to be endorsed by witness nodes. For this, neighboring nodes receiving the same

sensorreadingscomputetheirownaggregatedresult,computeanMACoverthisresultandsendit

to the data fusion node. The data fusion node computes an MAC over its own result and sends it

together with all received MACs to the base station. Figure . illustrates this approach.

In more detail, the scheme is described in Ref. [DDHVb] as follows:

• Sensor nodes S  , S  , ..., S n collect data from their environment and make binary decisions

b  , b  , ..., b n (e.g., fire detected) based on some detection rules.

• Every sensor node sends its decision to the data fusion node F ,whichcomputesan

aggregated decision SF .

• Neighboring witness nodes w  , w  , ..., w m also receive the sensor readings and compute

their own fusion results s  , s  , ..., s m .Every w i computes a message authentication code

MAC i with key k i it shares with the base station, MAC i

∶=

h

(

s i , w i , k i

)

, and sends it to

thebasestation.

Next Page

Networked Embedded Systems

Search WWH ::

Custom Search

Home