Catálogo de publicaciones - libros

A wireless LAN service integration architecture based on current wireless LAN hotspots is proposed to make migrating to new service cost effective. The AAA (Authentication, Authorization and Accounting) based mobile terminal registration signaling process is discussed. An application layer end-to-end authentication and key negotiation protocol is proposed to overcome the open air connection problem existing in wireless LAN deployment. The protocol provides a general solution for Internet applications running on a mobile station under various authentication scenarios and keeps the communications private to other wireless LAN users and foreign networks. A functional demonstration of the protocol is also given. The research results should contribute to rapid deployment of wireless LANs hotspot service.

Wireless Local Area Networks (WLANs) are vulnerable to malicious attacks due to their open shared medium. Consequently, provisioning enhanced security with strong cryptographic features and low performance overhead becomes exceedingly necessary to actualize real-time services in WLANs. In order to exploit full advantage of existing security protocols at various layers, we study the cross-layer interactions of security protocols in WLANs under different network scenarios. In particular, we present a detailed experimental study on the integration of commonly used security protocols such as WEP, 802. lx and EAP, IPsec and RADIUS. First, we classify individual and hybrid policies, and then, define and cost functions to analyze security strength and overhead, quantitatively, of each policy. By setting-up an experimental testbed, we measure performance cost of various policies in terms of authentication time, cryptographic cost and throughput using TCP/UDP traffic streams. Our results demonstrate that in general, the stronger the security, the more signaling and delay overhead, whereas, the overhead does not necessarily increase monotonically with the security strength. Therefore, it is suggested to provide substantial security at a reasonable cost of overhead with respect to mobile scenarios and traffic streams. Also, we notice that authentication time will be a more significant factor contributing towards QoS degradation than cryptographic cost, which is critical to real-time service in wireless networks.

High quality healthcare is an important aspect of the modern society. In this chapter we address the security and networking architecture of a healthcare information system comprised of patients ’ personal sensor networks, department/room networks, hospital network, and medical databases. Areas such as diagnosis, surgery, intensive care and treatment, and patient monitoring would greatly benefit from light untethered devices which can be unobtrusively mounted on patient ’s body in order to monitor and report health-relevant variables to the interconnection device mounted on the patient ’s bed. Interconnection device should also have larger range wireless interface which should communicate to the access point in the patient ’s room, operation room or to the access points within the healthcare institution. The results of measurements will then be stored in central medical database with appropriate provisions for protecting the patient privacy as well as the integrity of personal health records. We review confidentiality and integrity polices for clinical information systems and discuss the feasible enforcement mechanisms over the wireless hop. We also compare candidate technologies IEEE 802.15.1 and IEEE 802.15.4 from the aspect of resilience of MAC and PHY layers to jamming and denial-of-service attacks.

In the near future, sensor networks are going to be a part of everyday life. Traffic monitoring, military tracking, building safety, pollution monitoring, wildlife monitoring, patient security are some of the applications in sensor networks. Sensor networks vary in size and can consist of 10 to 1,000,000 sensor nodes. They can be deployed in a wide variety of areas, including hostile environments, demanding secure measures for data transfer. Sensor nodes used to form these networks are resource-constrained, which makes these types of security applications a challenging problem. A basic technique to protect data is encryption; but, due to resource constraints, achieving necessary key agreement for encryption is not easy. Many key establishment techniques have been designed to address this challenge, but which scheme is the most effective is still debatable. Our work aimed to generate a brief knowledge about different key management schemes and their effectiveness. We noticed that no key distribution technique is ideal to all the scenarios where sensor networks are used; therefore the techniques employed must depend upon the requirements and resources of each individual sensor network.

Both mobile ad hoc networks and wireless sensor networks are gaining popularity due to the fact that they promise viable solutions to a variety of applications. A Mobile Ad hoc NET-work (MANET) consists of a collection of wireless hosts that are capable of communicating with each other without use of a network infrastructure or any centralized administration. A wireless sensor network (WSN) consists of tiny senor nodes with sensing, computation, and wireless communication capabilities. In sensor networks, hundreds or thousands of nodes with low-power, low-cost, and possibly mobile but more likely at fixed locations, collectively monitor an area. However, both MANETs and WSNs are vulnerable to different attacks due to their fundamental characteristics such as open medium, dynamic topology, absence of central administration, distributed cooperation, and constrained capability. Before mobile ad hoc and sensor networks can be successfully deployed, security issues must be addressed. In this chapter we introduce security attacks on MANETs and WSNs and review the recent approaches of secure network routing protocols in both mobile ad hoc and sensor networks.