ITU-T X 1313-2012 Security requirements for wireless sensor network routing (Study Group 17)《泛在传感器网络路由的安全要求 17号研究组》.pdf

1、 International Telecommunication Union ITU-T X.1313TELECOMMUNICATION STANDARDIZATION SECTOR OF ITU (10/2012) SERIES X: DATA NETWORKS, OPEN SYSTEM COMMUNICATIONS AND SECURITY Secure applications and services Ubiquitous sensor network security Security requirements for wireless sensor network routing

2、Recommendation ITU-T X.1313 ITU-T X-SERIES RECOMMENDATIONS DATA NETWORKS, OPEN SYSTEM COMMUNICATIONS AND SECURITY PUBLIC DATA NETWORKS X.1X.199 OPEN SYSTEMS INTERCONNECTION X.200X.299 INTERWORKING BETWEEN NETWORKS X.300X.399 MESSAGE HANDLING SYSTEMS X.400X.499 DIRECTORY X.500X.599 OSI NETWORKING AND

3、 SYSTEM ASPECTS X.600X.699 OSI MANAGEMENT X.700X.799 SECURITY X.800X.849 OSI APPLICATIONS X.850X.899 OPEN DISTRIBUTED PROCESSING X.900X.999 INFORMATION AND NETWORK SECURITY General security aspects X.1000X.1029 Network security X.1030X.1049 Security management X.1050X.1069 Telebiometrics X.1080X.109

4、9 SECURE APPLICATIONS AND SERVICES Multicast security X.1100X.1109 Home network security X.1110X.1119 Mobile security X.1120X.1139 Web security X.1140X.1149 Security protocols X.1150X.1159 Peer-to-peer security X.1160X.1169 Networked ID security X.1170X.1179 IPTV security X.1180X.1199 CYBERSPACE SEC

5、URITY Cybersecurity X.1200X.1229 Countering spam X.1230X.1249 Identity management X.1250X.1279 SECURE APPLICATIONS AND SERVICES Emergency communications X.1300X.1309 Ubiquitous sensor network security X.1310X.1339CYBERSECURITY INFORMATION EXCHANGE Overview of cybersecurity X.1500X.1519 Vulnerability

6、/state exchange X.1520X.1539 Event/incident/heuristics exchange X.1540X.1549 Exchange of policies X.1550X.1559 Heuristics and information request X.1560X.1569 Identification and discovery X.1570X.1579 Assured exchange X.1580X.1589 For further details, please refer to the list of ITU-T Recommendation

7、s. Rec. ITU-T X.1313 (10/2012) i Recommendation ITU-T X.1313 Security requirements for wireless sensor network routing Summary Recommendation ITU-T X.1313 provides the security requirements for wireless sensor network routing. It explains the general network topologies and routing protocols in ubiqu

8、itous sensor networks. In addition, this Recommendation analyses the security threats facing wireless sensor networks. History Edition Recommendation Approval Study Group 1.0 ITU-T X.1313 2012-10-14 17 Keywords Routing, security, USN, WSN. ii Rec. ITU-T X.1313 (10/2012) FOREWORD The International Te

9、lecommunication Union (ITU) is the United Nations specialized agency in the field of telecommunications, information and communication technologies (ICTs). The ITU Telecommunication Standardization Sector (ITU-T) is a permanent organ of ITU. ITU-T is responsible for studying technical, operating and

10、 tariff questions and issuing Recommendations on them with a view to standardizing telecommunications on a worldwide basis. The World Telecommunication Standardization Assembly (WTSA), which meets every four years, establishes the topics for study by the ITU-T study groups which, in turn, produce Re

11、commendations on these topics. The approval of ITU-T Recommendations is covered by the procedure laid down in WTSA Resolution 1. In some areas of information technology which fall within ITU-Ts purview, the necessary standards are prepared on a collaborative basis with ISO and IEC. NOTE In this Reco

12、mmendation, the expression “Administration“ is used for conciseness to indicate both a telecommunication administration and a recognized operating agency. Compliance with this Recommendation is voluntary. However, the Recommendation may contain certain mandatory provisions (to ensure, e.g., interope

13、rability or applicability) and compliance with the Recommendation is achieved when all of these mandatory provisions are met. The words “shall“ or some other obligatory language such as “must“ and the negative equivalents are used to express requirements. The use of such words does not suggest that

14、compliance with the Recommendation is required of any party. INTELLECTUAL PROPERTY RIGHTS ITU draws attention to the possibility that the practice or implementation of this Recommendation may involve the use of a claimed Intellectual Property Right. ITU takes no position concerning the evidence, val

15、idity or applicability of claimed Intellectual Property Rights, whether asserted by ITU members or others outside of the Recommendation development process. As of the date of approval of this Recommendation, ITU had not received notice of intellectual property, protected by patents, which may be req

16、uired to implement this Recommendation. However, implementers are cautioned that this may not represent the latest information and are therefore strongly urged to consult the TSB patent database at http:/www.itu.int/ITU-T/ipr/. ITU 2013 All rights reserved. No part of this publication may be reprodu

17、ced, by any means whatsoever, without the prior written permission of ITU. Rec. ITU-T X.1313 (10/2012) iii Table of Contents Page 1 Scope 1 2 References. 1 3 Definitions 1 3.1 Terms defined elsewhere 1 3.2 Terms defined in this Recommendation . 2 4 Abbreviations and acronyms 2 5 Conventions 3 6 Char

18、acteristics of general network topologies and routing protocols on security considerations for wireless sensor networks (WSN) 4 6.1 General features of routing in the configuration of network topology . 4 6.2 General network topologies in the WSN 4 6.3 Characteristics of routing protocols in WSN 5 7

19、 Requirements for secure routing . 7 7.1 Requirements for sensor and base station 7 7.2 Security requirements for the neighbour discovery procedure . 7 7.3 Security requirements for routing set-up and packet delivery 8 7.4 Security dimensions and requirements for secure routing . 8 Appendix I Overvi

20、ew of wireless sensor routing protocols 11 I.1 Examples of existing routing protocols 11 Bibliography. 16 Rec. ITU-T X.1313 (10/2012) 1 Recommendation ITU-T X.1313 Security requirements for wireless sensor network routing 1 Scope Recommendation ITU-T X.1313 describes the security requirements for wi

21、reless sensor network routing and also covers the following: general network topologies and routing protocols for wireless sensor networks (WSN) security threats faced by WSN routing security requirements for WSN routing. 2 References The following ITU-T Recommendations and other references contain

22、provisions which, through reference in this text, constitute provisions of this Recommendation. At the time of publication, the editions indicated were valid. All Recommendations and other references are subject to revision; users of this Recommendation are therefore encouraged to investigate the po

23、ssibility of applying the most recent edition of the Recommendations and other references listed below. A list of the currently valid ITU-T Recommendations is regularly published. The reference to a document within this Recommendation does not give it, as a stand-alone document, the status of a Reco

24、mmendation. ITU-T X.800 Recommendation ITU-T X.800 (1991), Security architecture for Open Systems Interconnection for CCITT applications. ITU-T X.805 Recommendation ITU-T X.805 (2003), Security architecture for systems providing end-to-end communications. ITU-T X.1311 Recommendation ITU-T X.1311| IS

25、O/IEC 29180:2011, Information Technology Security framework for ubiquitous sensor networks. 3 Definitions 3.1 Terms defined elsewhere This Recommendation uses the following terms defined elsewhere: 3.1.1 authentication ITU-T X.800: See data origin authentication and peer-entity authentication in ITU

26、-T X.800. 3.1.2 confidentiality ITU-T X.800: The property that information is not made available or disclosed to unauthorized individuals, entities or processes. 3.1.3 data integrity ITU-T X.800: The property that data has not been altered or destroyed in an unauthorized manner. 3.1.4 key ITU-T X.80

27、0: A sequence of symbols that controls the operation of encipherment and decipherment. 3.1.5 sensor b-ITU-T Y.2221: An electronic device that senses a physical condition or chemical compound and delivers an electronic signal proportional to the observed characteristic. 3.1.6 sensor network b-ITU-T Y

28、.2221: A network comprised of interconnected sensor nodes exchanging sensed data by wired or wireless communication. 3.1.7 threat ITU-T X.800: A potential violation of security. 2 Rec. ITU-T X.1313 (10/2012) 3.1.8 ubiquitous sensor network (USN) b-ITU-T Y.2221: A conceptual network built over existi

29、ng physical networks which makes use of sensed data and provides knowledge services to anyone, anywhere and at any time, and where information is generated by using context awareness. 3.2 Terms defined in this Recommendation This Recommendation defines the following terms: 3.2.1 actuator: A receivin

30、g and transmitting for sensed data. 3.2.2 ad hoc on-demand distance vector (AODV): An on-demand routing protocol that discovers routes on an “as-needed“ basis for wireless ad hoc networks and wireless sensor networks. AODV builds routes using a route request (RREQ) and a route reply (RREP) query cyc

31、le. When a source node desires a route to a destination for which it does not already have a route, it broadcasts a route request (RREQ) packet across the network. Nodes receiving this packet update their information for the source node and set up backward pointers to the source node in the route ta

32、bles. 3.2.3 node integrity: The property wherein the node has not been altered or destroyed in an unauthorized manner. 3.2.4 routing: The process for establishing a communication association between the sensor nodes. Routing involves determining the path, and transporting information through the net

33、work. 3.2.5 sensor network node: A device that contains at least one sensor and zero or more actuators, with the capability of 1) using internal sensor data to control any actuators present, or 2) sending sensor data and receiving actuator commands over the network. 3.2.6 topology: The physical and

34、logical arrangement of the elements of a sensor network. In a WSN, it is represented as a collection of sensor nodes and gateways, some of which are connected by wireless links. 3.2.7 wireless sensor network (WSN): A network that consists of a base station and a large number of sensor nodes with wir

35、eless transmission capability in the sensor networking domain of the USN. 4 Abbreviations and acronyms This Recommendation uses the following abbreviations: ACQUIRE Active query forwarding In sensor networks AES Advanced Encryption Standard AODV Ad hoc On-demand Distance Vector APTEEN Adaptive Perio

36、dic Threshold-sensitive Energy-Efficient sensor Network protocol BS Base Station CADR Constrained Anisotropic Diffusion Routing CDMA Code Division Multiple Access CH Cluster Head DAG Directed Acyclic Graph DAM Distributed Aggregate Management DC Data-Centric DODAG Destination Oriented DAG DoS Denial

37、 of Service Rec. ITU-T X.1313 (10/2012) 3 EBAM Energy-Based Activity Monitoring EMLAM Expectation-Maximization Like Activity Monitoring GBR Gradient-Based Routing GPS Global Positioning System ID Identity IDS Intrusion Detection System IDSQ Information-Driven Sensor Querying IPS Intrusion Prevention

38、 System LEACH Low Energy Adaptive Clustering Hierarchy LML Local Markov Loops MAC Medium Access Control MAC Message Authentication Code MCFA Minimum Cost Forwarding Algorithm MECN small Minimum Energy Communication Network OS Operating System PEGASIS Power-Efficient Gathering in Sensor Information S

39、ystems PHY Physical RPL IPv6 Routing Protocol for Low-power and Lossy networks RREP Route Reply RREQ Route Request RTLS Real-Time Locating Systems SN Sensor Network SOP Self-Organizing Protocol SPIN Sensor Protocols for Information via Negotiation TDMA Time Division Multiple Access TEEN Threshold-se

40、nsitive Energy-Efficient sensor Network protocols TPM Trusted Platform Module USN Ubiquitous Sensor Network WPAN Wireless Personal Area Network WSN Wireless Sensor Network 5 Conventions In this Recommendation: The keywords “is required to“ indicate a requirement which must be strictly followed and f

41、rom which no deviation is permitted, if conformance to this Recommendation | International Standard is to be claimed. The keywords “is recommended“ indicate a requirement which is recommended but which is not absolutely required. Thus, this requirement need not be present to claim conformance. 4 Rec

42、. ITU-T X.1313 (10/2012) The keywords “is prohibited from“ indicate a requirement which must be strictly followed and from which no deviation is permitted, if conformance to this Recommendation | International Standard is to be claimed. The keywords “can optionally“ indicate an optional requirement

43、which is permissible, without implying any sense of being recommended. This term is not intended to imply that the vendors implementation must provide the option and the feature can be optionally enabled by the network operator/service provider. Rather, it means that the vendor may optionally provid

44、e the feature and still claim conformance with this Recommendation. 6 Characteristics of general network topologies and routing protocols on security considerations for wireless sensor networks (WSN) A WSN can be composed of more than one base station and several sensors. The base station can be a w

45、ired node with many resources, or it can have mobility with less computing resources and batteries. The sensors can be dust types for only sensing data, or they can store or route sensed information, for example, a clustering head or parent node which has more computing resources to enable the acqui

46、sition of sensed information from its child sensors, and to enable routing on the configured network topologies. 6.1 General features of routing in the configuration of network topology Routing is initialised as a neighbour discovery procedure. In WSNs, a base station(s) and many sensors are neighbo

47、urs. The discovery procedure differs as determined by the relationship with each composed node on configuring the network topology. Also, redundancy and mobility of the base station should be considered. 6.2 General network topologies in the WSN The WSN nodes are typically organized into one of thre

48、e types of network topology: the star, tree or mesh topology. Figure 1 shows the three basic types of network topology. In a star topology, each node is directly connected to a central node called the base station. In star networking, all sensors communicate with their base station. Neighbour discov

49、ery is thus performed between the base station and the sensors. The base station advertises its existence with its ID and location information periodically, and the sensors send their response register to the base station with their IDs. To maintain the network status actively, the current state would be exchanged between the base station and the sensor. If the base station or any sensor has failed, shut down or moved, the neighbour discovery would be started. As a result