The proliferation of personal mobile computing devices such as laptops and mo- bile phones, as well as wearable computing devices such as belt computers, digital bracelets and bio-medical sensors has created an opportunity to create a wireless network to share information and resources amongst personal devices. One such paradigm which utilizes pervasive and ubiquitous computing to create a network of personal devices, both in the local vicinity and those at remote locations, is called a Personal Network (PN). The aim of a Personal Network is to provide its users with new and improved services. As Personal Networks edge closer to reality, security becomes an important con- cern since any vulnerability in the system will limit its practical use. However the mobile and constrained nature of its constituting devices places unique requirements on the design of Personal Networks, such as the need for low power consumption and the ability to self organize in the face of intermittent connectivity. One of our conclusions in this regard was that the new characteristics and possibilities offered by Personal Networks mean that old solutions are often not suitable in their current form. Therefore in this thesis we introduce a novel security architecture especially designed for Personal Networks. As people with a network background, our aim was not to develop new PN specific cryptographic protocols, but to develop a model for secure network archi- tecture. In this regard our focus is more on defining mechanisms for access control, rather than the security properties of specific protocols. For instance, we propose mechanisms for device personalization, key management, resource discovery, authen- tication and secure network formation/communication. Our proposals are then ana- lyzed analytically based on the main drivers for our design choices, with some parts evaluated using the Ns-2 network simulator. Where possible we have attempted to reuse existing and well established security protocols, knowing that proposing a novel protocol specific to PNs only introduces the possibility of security flaws common to new protocols. Given the infancy of the PN concept, our first contribution is in promoting the development of this concept as related to security. In this regard we have identified the different architectural components which play a part in enabling security and specified their functional roles. This required an understanding of typical user behavior as well as development of scenarios which highlight the challenges and requirements in connecting heterogeneous personal devices in a self organizing manner. The second main contribution is in designing a secure architecture around these entities which meets the rather unique requirements identified earlier. In this regard we have specified mechanisms for the secure formation and communication in Personal Networks as well as communication between different Personal Networks.
|Qualification||Doctor of Philosophy|
|Award date||9 Apr 2009|
|Place of Publication||Enschede|
|Publication status||Published - 9 Apr 2009|