Security Issues in Monitoring Medical Disease Through Vehicular Ad hoc Network - Proceedings of All India Seminar on Biomedical Engineering 2012 (AISOBE-2012)

Biomedical Engineering Reference

In-Depth Information

Fig. 1 Vehicles collect data

from patients and transfer

them to their final destination

Security Goals

To secure an ad hoc network, we consider the following attributes: availability,

confidentiality, integrity, authentication, and nonrepudiation. Availability ensures

the survivability of network services despite denial of service attacks. A denial of

service attack could be launched at any layer of an ad hoc network. On the physical

and media access control layers, an adversary could employ jamming to interfere

with communication on physical channels. On the network layer, an adversary could

disrupt the routing protocol and disconnect the network. On the higher layers, an

adversary could bring down high-level services. One such target is the key man-

agement service, an essential service for any security framework. Confidentiality

ensures that certain information is never disclosed to unauthorized entities. Network

transmission of sensitive information, such as strategic or tactical, medical, military

information, requires confidentiality. Leakage of such information to enemies could

have devastating consequences. Routing information must also remain confidential

in certain cases, because the information might be valuable for enemies to identify

and to locate their targets in a battlefield. Integrity guarantees that a message being

transferred is never corrupted. A message could be corrupted because of benign

failures, such as radio propagation impairment, or because of malicious attacks on

the network. Authentication enables a node to ensure the identity of the peer node it

is communicating with. Without authentication, an adversary could masquerade a

node, thus gaining unauthorized access to resource and sensitive information and

interfering with the operation of other nodes. Finally, nonrepudiation ensures that

the origin of a message cannot deny having sent the message. No repudiation is

useful for detection and isolation of compromised nodes. When a node A receives an

erroneous message from a node B, nonrepudiation allows A to accuse B using this

message and to convince other nodes that B is compromised. There are other security

goals (e.g., authorization) that are of concern to certain applications, but we will not

pursue these issues in this chapter.

Search WWH ::

Custom Search

Home