skip to main content
research-article

A Lightweight and Secure Data Collection Serverless Protocol Demonstrated in an Active RFIDs Scenario

Authors Info & Claims
Published:02 April 2019Publication History
Skip Abstract Section

Abstract

In the growing Internet of Things context, thousands of computing devices with various functionalities are producing data (from environmental sensors or other sources). However, they are also collecting, storing, processing and transmitting data to eventually communicate them securely to third parties (e.g., owners of devices or cloud data storage). The deployed devices are often battery-powered mobile or static nodes equipped with sensors and/or actuators, and they communicate using wireless technologies. Examples include unmanned aerial vehicles, wireless sensor nodes, smart beacons, and wearable health objects. Such resource-constrained devices include Active Radio Frequency IDentification (RFID) nodes, and these are used to illustrate our proposal. In most scenarios, these nodes are unattended in an adverse environment, so data confidentiality must be ensured from the sensing phase through to delivery to authorized entities: in other words, data must be securely stored and transmitted to prevent attack by active adversaries even if the nodes are captured. However, due to the scarce resources available to nodes in terms of energy, storage, and/or computation, the proposed security solution has to be lightweight. In this article, we propose a serverless protocol to enable Mobile Data Collectors (MDCs), such as drones, to securely collect data from mobile and static Active RFID nodes and then deliver them later to an authorized third party. The whole solution ensures data confidentiality at each step (from the sensing phase, before data collection by the MDC, once data have been collected by MDC, and during final delivery), while fulfilling the lightweight requirements for the resource-limited entities involved. To assess the suitability of the protocol against the performance requirements, it was implemented on the most resource-constrained devices to get the worst possible results. In addition, to prove the protocol fulfills the security requirements, it was analyzed using security games and also formally verified using the AVISPA and ProVerif tools.

References

  1. Sheikh Iqbal Ahamed, Farzana Rahman, and Endadul Hoque. 2008. ERAP: ECC-based RFID authentication protocol. In Proceedings of the 12th IEEE International Workshop on Future Trends of Distributed Computing Systems (FTDCS’08). IEEE, 219--225. Google ScholarGoogle ScholarDigital LibraryDigital Library
  2. Raja Naeem Akram, Konstantinos Markantonakis, Keith Mayes, Pierre-François Bonnefoi, Damien Sauveron, and Serge Chaumette. 2017. A secure and trusted protocol for enhancing safety of on-ground airplanes using UAVs. In Proceedings of the Integrated Communications, Navigation and Surveillance Conference (ICNS’17). IEEE, 1--17.Google ScholarGoogle ScholarCross RefCross Ref
  3. Riham Altawy and Amr M. Youssef. 2016. Security, privacy, and safety aspects of civilian drones: A survey. ACM Trans. Cyber-Phys. Syst. 1, 2 (2016), 7. Google ScholarGoogle ScholarDigital LibraryDigital Library
  4. Bruno Blanchet. 2014. Automatic Verification of Security Protocols in the Symbolic Model: The Verifier ProVerif. Springer International Publishing, Cham, 54--87.Google ScholarGoogle Scholar
  5. Olivier Blazy, Pierre-François Bonnefoi, Emmanuel Conchon, Damien Sauveron, Raja Naeem Akram, Konstantinos Markantonakis, Keith Mayes, and Serge Chaumette. 2017. An efficient protocol for UAS security. In Proceedings of the Integrated Communications, Navigation and Surveillance Conference (ICNS’17). IEEE, 1--21.Google ScholarGoogle ScholarCross RefCross Ref
  6. Hui-Ru Cao, Zhi Yang, and Ye-Qian Li. 2016. A mobile WSN sink node using unmanned aerial vehicles: Design and experiment. Int. J. Netw. Mobile Technol. 10, 3 (2016).Google ScholarGoogle Scholar
  7. CNAM-CEDRIC. 2006. The MESURE project. Retrieved from http://http://mesure.gforge.inria.fr.Google ScholarGoogle Scholar
  8. Fausto G. Costa, Jó Ueyama, Torsten Braun, Gustavo Pessin, Fernando S. Osório, and Patrícia A. Vargas. 2012. The use of unmanned aerial vehicles and wireless sensor network in agricultural applications. In Proceedings of the IEEE International Geoscience and Remote Sensing Symposium (IGARSS’12). IEEE, 5045--5048.Google ScholarGoogle Scholar
  9. Miaolei Deng, Weidong Yang, and Weijun Zhu. 2014. Weakness in a serverless authentication protocol for radio frequency identification. In Mechatronics and Automatic Control Systems. Springer, 1055--1061.Google ScholarGoogle Scholar
  10. Danny Dolev and Andrew Yao. 1983. On the security of public key protocols. IEEE Trans. Info. Theory 29, 2 (1983), 198--208. Google ScholarGoogle ScholarDigital LibraryDigital Library
  11. Milan Erdelj, Michał Król, and Enrico Natalizio. 2017. Wireless sensor networks and multi-UAV systems for natural disaster management. Comput. Netw. 124 (2017). Google ScholarGoogle ScholarDigital LibraryDigital Library
  12. Bruno S. Faiçal, Fausto G. Costa, Gustavo Pessin, Jó Ueyama, Heitor Freitas, Alexandre Colombo, Pedro H. Fini, Leandro Villas, Fernando S. Osório, Patrícia A. Vargas, et al. 2014. The use of unmanned aerial vehicles and wireless sensor networks for spraying pesticides. J. Syst. Architect. 60, 4 (2014), 393--404.Google ScholarGoogle ScholarCross RefCross Ref
  13. Md Endadul Hoque, Farzana Rahman, Sheikh I. Ahamed, and Jong Hyuk Park. 2010. Enhancing privacy and security of RFID system with serverless authentication and search protocols in pervasive environments. Wireless Personal Commun. 55, 1 (2010), 65--79. Google ScholarGoogle ScholarDigital LibraryDigital Library
  14. Imad Jawhar, Nader Mohamed, Jameela Al-Jaroodi, and Sheng Zhang. 2014. A framework for using unmanned aerial vehicles for data collection in linear wireless sensor networks. J. Intell. Robot. Syst. 74, 1–2 (2014), 437. Google ScholarGoogle ScholarDigital LibraryDigital Library
  15. Heiner Katelyn. 2015. The Future of UAVs (Drones) in Data Collection. Retrieved from http://blog.junipersys.com/future-of-uavs-drones-in-data-collection/.Google ScholarGoogle Scholar
  16. Chin-Feng Lee, Hung-Yu Chien, and Chi-Sung Laih. 2012. Server-less RFID authentication and searching protocol with enhanced security. Int. J. Commun. Syst. 25, 3 (2012), 376--385. Google ScholarGoogle ScholarDigital LibraryDigital Library
  17. Luon-Chang Lin, Shih-Chang Tsaur, and Kai-Ping Chang. 2009. Lightweight and serverless RFID authentication and search protocol. In Proceedings of the 2nd International Conference on Computer and Electrical Engineering (ICCEE’09), Vol. 2. IEEE, 95--99. Google ScholarGoogle ScholarDigital LibraryDigital Library
  18. Parikshit N. Mahalle, Bayu Anggorojati, Neeli Rashmi Prasad, and Ramjee Prasad. 2012. Identity establishment and capability-based access control (IECAC) scheme for internet of things. In Proceedings of the 15th International Symposium on Wireless Personal Multimedia Communications (WPMC’12). IEEE, 187--191.Google ScholarGoogle Scholar
  19. Collins Mtita. 2016. Lightweight Serverless Protocols for the Internet of Things. Theses. Institut National des Télécommunications. Retrieved from https://tel.archives-ouvertes.fr/tel-01355221.Google ScholarGoogle Scholar
  20. Collins Mtita, Maryline Laurent, and Jacques Delort. 2016. Efficient serverless radio-frequency identification mutual authentication and secure tag search protocols with untrusted readers. IET Info. Secur. 10, 5 (2016), 262--271.Google ScholarGoogle Scholar
  21. Collins Mtita, Maryline Laurent, Damien Sauveron, Raja Naeem Akram, Konstantinos Markantonakis, and Serge Chaumette. 2017. Serverless protocols for inventory and tracking with a UAV. CoRR abs/1708.05417 (2017). Retrieevd from http://arxiv.org/abs/1708.05417.Google ScholarGoogle Scholar
  22. Le Trung Nguyen. 2015. A new approach for collecting data in wireless sensor network. https://dspace.cc.tut.fi/dpub/handle/123456789/23073.Google ScholarGoogle Scholar
  23. Pierre Paradinas, Julien Cordry, and Samia Bouzefrane. 2007. Performance evaluation of Java card bytecodes. In Information Security Theory and Practices. Smart Cards, Mobile and Ubiquitous Computing Systems, Damien Sauveron, Konstantinos Markantonakis, Angelos Bilas, and Jean-Jacques Quisquater (Eds.). Springer, Berlin, 127--137. Google ScholarGoogle ScholarDigital LibraryDigital Library
  24. A. S. Poornima and B. B. Amberker. 2011. Secure data collection using mobile data collector in clustered wireless sensor networks. IET Wireless Sensor Syst. 1, 2 (2011), 85--95.Google ScholarGoogle ScholarCross RefCross Ref
  25. Mohsen Pourpouneh, Rasoul Ramezanian, and Fatemeh Salahi. 2014. An improvement over a server-less rfid authentication protocol. Int. J. Comput. Netw. Info. Secur. 7, 1 (2014), 31.Google ScholarGoogle Scholar
  26. Masoumeh Safkhani, Pedro Peris-Lopez, Nasour Bagheri, Majid Naderi, and Julio César Hernández Castro. 2012. On the security of Tan et al. serverless RFID authentication and search protocols. RFIDSec 7739 (2012), 1--19. Google ScholarGoogle ScholarDigital LibraryDigital Library
  27. Ozgur Koray Sahingoz. 2013. Mobile networking with UAVs: Opportunities and challenges. In Proceedings of the International Conference on Unmanned Aircraft Systems (ICUAS’13). IEEE, 933--941.Google ScholarGoogle ScholarCross RefCross Ref
  28. Vishal Sharma, Ilsun You, and Rajesh Kumar. 2016. Energy efficient data dissemination in multi-UAV coordinated wireless sensor networks. Mobile Info. Syst. 2016 (2016).Google ScholarGoogle Scholar
  29. Chiu C. Tan, Bo Sheng, and Qun Li. 2007. Severless search and authentication protocols for RFID. In Proceedings of the 5th Annual IEEE International Conference on Pervasive Computing and Communications (PerCom’07). IEEE, 3--12. Google ScholarGoogle ScholarDigital LibraryDigital Library
  30. Caimu Tang and Dapeng Oliver Wu. 2008. An efficient mobile authentication scheme for wireless networks. IEEE Trans. Wireless Commun. 7, 4 (2008), 1408--1416. Google ScholarGoogle ScholarDigital LibraryDigital Library
  31. Gene Tsudik. 2006. YA-TRAP: Yet another trivial RFID authentication protocol. In Proceedings of the 4th Annual IEEE International Conference on Pervasive Computing and Communications Workshops (PerCom Workshops’06). IEEE, 4--pp. Google ScholarGoogle ScholarDigital LibraryDigital Library
  32. Luca Viganò. 2006. Automated security protocol analysis with the AVISPA tool. Electron. Notes Theoret. Comput. Sci. 155 (2006), 61--86. Google ScholarGoogle ScholarDigital LibraryDigital Library
  33. Jongho Won, Seung-Hyun Seo, and Elisa Bertino. 2015. A secure communication protocol for drones and smart objects. In Proceedings of the 10th ACM Symposium on Information, Computer and Communications Security. ACM, 249--260. Google ScholarGoogle ScholarDigital LibraryDigital Library
  34. Tao Wu, Panlong Yang, Yubo Yan, Xunpeng Rao, Ping Li, and Wanru Xu. 2017. ORSCA: Optimal route selection and communication association for drones in WSNs. In Proceedings of the 5th International Conference on Advanced Cloud and Big Data (CBD’17). IEEE, 420--424.Google ScholarGoogle ScholarCross RefCross Ref
  35. Li Zhou, Jinfeng Ni, and Chinya V. Ravishankar. 2006. Supporting secure communication and data collection in mobile sensor networks. In Proceedings of the 25th IEEE International Conference on Computer Communications (INFOCOM’06). IEEE, 1--12.Google ScholarGoogle Scholar
  36. Petr Švenda. 2018. The JCAlgTest project. Retrieved from http://http://mesure.gforge.inria.fr.Google ScholarGoogle Scholar

Index Terms

  1. A Lightweight and Secure Data Collection Serverless Protocol Demonstrated in an Active RFIDs Scenario

        Recommendations

        Comments

        Login options

        Check if you have access through your login credentials or your institution to get full access on this article.

        Sign in

        Full Access

        PDF Format

        View or Download as a PDF file.

        PDF

        eReader

        View online with eReader.

        eReader

        HTML Format

        View this article in HTML Format .

        View HTML Format
        About Cookies On This Site

        We use cookies to ensure that we give you the best experience on our website.

        Learn more

        Got it!