| Summary: | 博士 === 國立臺灣大學 === 電機工程學研究所 === 103 === Ensuring the security of communication and access control in Wireless Sensor Networks (WSNs) is of paramount importance due to the resource-restricted sensor nodes and due to nodes ubiquitous and pervasive deployment with varying attributes and degrees of security required. In this thesis, our goal will be to develop a “Secure, Privacy-Preserving, and Efficient Wireless Sensor Networks System” by addressing some problems not well solved in the literature.
We first propose a secure mechanism, called MoteSec-Aware, to address the security issues of secure network protocol and data access control. MoteSec-Aware aims to detect replay and jamming attacks by using a virtual counter manager with a synchronized incremental counter. It also provides an efficient solution by using Key-Lock Matching method to authenticate various rights for a user who wants to access the data stored in storage nodes’ memories. In the sequence, with the consideration of the data being stored in terms of the ciphertext format in storage nodes’ memories for preserving data privacy, we develop a query model, called PCTopk, for functional top-k query with a combination of multiple conditions/dimensions in two-tiered sensor networks to simultaneously preserve data privacy and correctness (i.e., authenticity and integrity). PCTopk constructs a layered authentication tree, cooperated with an order-preserving symmetric encryption technique, for only permitting storage nodes to systematically process inquired data over encryption domain and enabling querists to efficiently verify the authentic and complete query results. To enrich the utilization of our system, we also provide an efficient and secure mechanism, called SER, for anonymous range query in two-tiered sensor networks with the functionality of resisting several known attacks while still providing required operations directly operates on encrypted data for requested queries. SER mainly prevents adversaries from gaining the information processed by or stored in storage nodes’ memories, detects the compromised storage nodes when they misbehave, and verifies the querists’ privileges without knowing their identities when they query a storage node. In addition, we modified Constrained Function-based Authentication (CFA) and incorporated it in the TinyECC-based ring signature, named RFV, to enable querists to hide their identities and enable storage nodes to resist DoS attacks.
|
|---|
