Reference number ISO/IEC 29180:2012(E)
© ISO/IEC 2012

INTERNATIONAL STANDARD ISO/IEC 29180
First edition 2012-12-01

Information technology - Telecommunications and information exchange between systems - Security framework for ubiquitous sensor networks

Technologies de l'information - Télécommunications et échange d'informations entre systèmes - Cadre de sécurité pour réseaux de capteurs ubiquitaires

COPYRIGHT PROTECTED DOCUMENT
© ISO/IEC 2012
All rights reserved. Unless otherwise specified, no part of this publication may be reproduced or utilized in any form or by any means, electronic or mechanical, including photocopying and microfilm, without permission in writing from either ISO at the address below or ISO's member body in the country of the requester.
ISO copyright office
Case postale 56
CH-1211 Geneva 20
Tel. + 41 22 749 01 11
Fax + 41 22 749 09 47
E-mail copyright@iso.org
Web www.iso.org
Published in Switzerland

CONTENTS
1 Scope
2 Normative references
2.1 Identical Recommendations | International Standards
2.2 Paired Recommendations | International Standards equivalent in technical content
2.3 Additional references
3 Definitions
3.1 Terms defined elsewhere
3.2 Terms defined in this Recommendation | International Standard
4 Abbreviations
5 Conventions
6 Overview
7 Threats and security models for ubiquitous sensor networks
7.1 Threat models in sensor networks
7.2 Threat models in IP networks
7.3 Security model for USNs
8 General security dimensions for USN
9 Security dimensions and threats in ubiquitous sensor networks
9.1 Security dimensions and threats for the message exchange in sensor networks
9.2 Security dimension and threats for the message exchange in the IP network
10 Security techniques for ubiquitous sensor networks
10.1 Key management
10.2 Authenticated broadcast
10.3 Secure data aggregation
10.4 Data freshness
10.5 Tamper-resistant module
10.6 USN middleware security
10.7 IP network security
10.8 Sensor node authentication
10.9 Privacy protection in sensor networks
11 Specific security functional requirements for USN
11.1 Mandatory functional requirement
11.2 Recommended functional specifications
11.3 Optional functional specifications
Annex A Key management in sensor networks
A.1 Threat time
A.2 Key management classes
A.3 Key schemes
Annex B Authenticated broadcast in sensor networks: TPC
B.1 Construction of TPC
B.2 Construction of TPCT
B.3 Authenticated broadcast
Annex C Authentication mechanisms in sensor networks
C.1 XOR-based mechanism
C.2 Hash-based mechanism
C.3 Public key-based authentication
Annex D Secure data aggregation in sensor networks
D.1 Elect aggregation node and supervisor
D.2 Implementation of supervisor functions
D.3 Upload supervising message
D.4 Determine the trust of aggregation nodes
D.5 Send revocation message
Bibliography

Foreword
ISO (the International Organization for Standardization) and IEC (the International Electrotechnical Commission) form the specialized system for worldwide standardization. National bodies that are members of ISO or IEC participate in the development of International Standards through technical committees established by the respective organization to deal with particular fields of technical activity. ISO and IEC technical committees collaborate in fields of mutual interest. Other international organizations, governmental and non-governmental, in liaison with ISO and IEC, also take part in the work. In the field of information technology, ISO and IEC have established a joint technical committee, ISO/IEC JTC 1.

International Standards are drafted in accordance with the rules given in the ISO/IEC Directives, Part 2.

The main task of the joint technical committee is to prepare International Standards. Draft International Standards adopted by the joint technical committee are circulated to national bodies for voting. Publication as an International Standard requires approval by at least 75 % of the national bodies casting a vote.

Attention is drawn to the possibility that some of the elements of this document may be the subject of patent rights. ISO and IEC shall not be held responsible for identifying any or all such patent rights.

ISO/IEC 29180 was prepared by Joint Technical Committee ISO/IEC JTC 1, Information technology, Subcommittee SC 6, Telecommunications and information exchange between systems, in collaboration with ITU-T. The identical text is published as Rec. ITU-T X.1311 (02/2011).

Introduction
This Recommendation | International Standard describes the security threats to and security requirements of the ubiquitous sensor network. In addition, this Recommendation | International Standard categorizes the security technologies according to the security functions that satisfy the said security requirements and where the security technologies are applied in the security model of ubiquitous sensor networks. Finally, the security functional requirements and security technologies for the ubiquitous sensor networks are presented.

INTERNATIONAL STANDARD
RECOMMENDATION ITU-T
Information technology - Security framework for ubiquitous sensor networks

1 Scope
The recent advancement of wireless-based communication technology
and electronics has facilitated the implementation of a low-cost, low-power sensor network. Basically, a ubiquitous sensor network (USN) consists of three parts: a sensor network consisting of a large number of sensor nodes, a base station (also known as a gateway) interfacing between the sensor networks and an application server, and the application server controlling the sensor node in the sensor network or collecting the sensed information from the sensor nodes in the sensor network. A USN can be an intelligent information infrastructure of an advanced e-Life society, which delivers user-oriented information and provides knowledge services to anyone, anytime, anywhere, and wherein information and knowledge are developed using context awareness by detecting, storing, processing, and integrating the situational and environmental information gathered from sensor tags and/or sensor nodes affixed to anything.

Since there are many security and privacy threats in transferring and storing information in the USN, appropriate security mechanisms may be needed to protect against those threats in the USN. This Recommendation | International Standard describes the security threats to and security requirements of the ubiquitous sensor network. In addition, this Recommendation | International Standard categorizes the security technologies according to the security functions that satisfy the said security requirements and where the security technologies are applied in the security model of the USN. Finally, the security requirements and security technologies for the USN are presented.

2 Normative references
The following Recommendations and International Standards contain provisions which, through reference in this text, constitute provisions of this Recommendation | International Standard. At the time of publication, the editions indicated were valid. All Recommendations and Standards are subject to revision, and parties to agreements based on this Recommendation | International Standard are encouraged to investigate the possibility of applying the most recent edition of the Recommendations and Standards listed below. Members of IEC and ISO maintain registers of currently valid International Standards. The Telecommunication Standardization Bureau of the ITU maintains a list of currently valid ITU-T Recommendations.

2.1 Identical Recommendations | International Standards
None.
2.2 Paired Recommendations | International Standards equivalent in technical content
Recommendation ITU-T X.800 (1991), Security architecture for Open Systems Interconnection for CCITT applications.
ISO/IEC 7498-2:1989, Information processing systems - Open Systems Interconnection - Basic Reference Model - Part 2: Security Architecture.
Recommendation ITU-T X.805 (2003), Security architecture for systems providing end-to-end communications.
ISO/IEC 18028-2:2006, Information technology - Security techniques - IT network security - Part 2: Network security architecture.

2.3 Additional references
Recommendation ITU-T H.235.0 (2005), H.323 security: Framework for security in H-series (H.323 and other H.245-based) multimedia systems.
Recommendation ITU-T X.1111 (2007), Framework of security technologies for home network.
Recommendation ITU-T X.1191 (2009), Functional requirements and architecture for IPTV security aspects.
Recommendation ITU-T Y.2221 (2010), Requirements for support of ubiquitous sensor network (USN) applications and services in the NGN environment.
Recommendation ITU-T Y.2701 (2007), Security requirements for NGN release 1.
FIPS PUB 140-2 (2001), Security Requirements for Cryptographic Modules.

3 Definitions

3.1 Terms defined elsewhere
This Recommendation | International Standard uses the following terms defined elsewhere:

3.1.1 Terms from FIPS PUB 140-2
a) key transport
b) tamper detection
c) tamper evidence
d) tamper response.

3.1.2 Terms from Rec. ITU-T Y.2221
a) sensor
b) sensor network
c) USN middleware
d) ubiquitous sensor network (USN).

3.1.3 Terms from Rec. ITU-T H.235.0
a) attack.

3.1.4 Terms from Rec. ITU-T X.1191
a) tamper-resistant.

3.1.5 Terms from Rec. ITU-T X.800 | ISO/IEC 7498-2
This Recommendation | International Standard uses the following terms, which are defined elsewhere:
a) access control
b) authentication
c) authorization
d) confidentiality
e) data origin authentication
f) denial of service
g) digital signature
h) integrity
i) key
j) key management
k) peer-entity authentication
l) privacy
m) repudiation
n) security policy
o) threat.

3.2 Terms defined in this Recommendation | International Standard
For the purposes of this Recommendation | International Standard, the following definitions apply:

3.2.1 aggregator node: Sensor node that performs the data aggregation function in a sensor network.

3.2.2 bootstrapping: Refers to a process performed in a secure context prior to the deployment of the sensor node to establish a security association between the sensor nodes that may have been initialized with credentials, enabling a sensor node to communicate securely with other sensor nodes after their deployment.

3.2.3 credentials: Set of security-related information consisting of keys, keying materials, and cryptographic algorithm-related parameters permitting a successful interaction with a security system.

3.2.4 data aggregation: In-network process that transfers the aggregation value to the sink node by combining the sensed values sent by a number of sensor nodes into a concise digest.

3.2.5 group-wise key: Refers to a key that is used to protect multicast communications among a set of sensor nodes over a shared wireless link.

3.2.6 intrusion detection: Process of monitoring the events occurring in a computer system or a network and analysing them for intrusions.

3.2.7 key agreement: A key establishment procedure (either manual or electronic) where the resultant key is a function of information by two or more participants, so that no party can predetermine the value of the key independently of the other party's contribution.

3.2.8 key establishment: Process by which cryptographic keys are securely established among sensor nodes using key transport and/or key agreement procedures.

3.2.9 pair-wise key: Refers to a key that is used to protect unicast communication between a pair of sensor nodes over a single wireless link.

3.2.10 resilience: Ability to recover from security compromises or attacks.

3.2.11 secure data aggregation: Data aggregation that ensures the integrity of the results in the presence of a small number of malicious aggregation nodes that may be attempting to influence the result.

3.2.12 tamper-resistant module: A device designed to make it difficult for attackers to gain access to sensitive information contained in the module.

4 Abbreviations
For the purposes of this Recommendation | International Standard, the following abbreviations apply:
BNode  Broadcast Node
BS     Base Station
CDMA   Code Division Multiple Access
DDoS   Distributed Denial of Service
DoS    Denial of Service
ECDH   Elliptic Curve Diffie-Hellman
FP     Feature Parameters
GSM    Global System for Mobile Communications
HSDPA  High Speed Downlink Packet Access
ID     Identity
MAC    Medium Access Control; Message Authentication Code
NGN    Next-Generation Network
PHY    Physical layer
RFID   Radio-Frequency IDentification
SN     Sensor Network
TPM    Trusted Platform Module
USN    Ubiquitous Sensor Network
WCDMA  Wideband CDMA
WiMAX  Worldwide Interoperability for Microwave Access
WLAN   Wireless Local Area Network
WSN    Wireless Sensor Network

5 Conventions
In this Recommendation | International Standard:
The keywords "is required to" indicate a requirement which must be strictly followed and
from which no deviation is permitted, if conformance to this Recommendation | International Standard is to be claimed.
The keywords "is recommended" indicate a requirement which is recommended but which is not absolutely required. Thus this requirement need not be present to claim conformance.
The keywords "is prohibited from" indicate a requirement which must be strictly followed and from which no deviation is permitted, if conformance to this Recommendation | International Standard is to be claimed.
The keywords "can optionally" indicate an optional requirement which is permissible, without implying any sense of being recommended. This term is not intended to imply that the vendor's implementation must provide the option and the feature can be optionally enabled by the network operator/service provider. Rather, it means the vendor may optionally provide the feature and still claim conformance with this Recommendation | International Standard.

6 Overview
Figure 1 shows the major application areas for USN including home network application, pollution monitoring, fire monitoring, telemetry applications for utility companies (electricity, gas, water, etc.), urban resource monitoring/management applications (e.g., smart city infrastructure), and flood monitoring.

Figure 1 - Major application areas of USN (figure not reproduced; labels recovered from the figure): Home network; Disaster/crisis management; Structural health monitoring; Home utility control; Pollution monitoring; Fire monitoring; Flood
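The definitions in 3.2.7 to 3.2.9 (key agreement, key establishment, pair-wise key) describe a property rather than a mechanism: the resulting key must depend on both participants' contributions, so neither node can fix it alone. The following Python script is an added illustration and not part of the standard's text; it runs a finite-field Diffie-Hellman exchange between two sensor nodes and derives a pair-wise key from the result. The toy modulus, the HMAC-SHA256 key derivation, the node identifiers and all function names are this example's own assumptions; a real sensor network would use a standardised group or ECDH (listed in clause 4) rather than the small prime used here so the example runs quickly offline.

```python
# Added example (not from ISO/IEC 29180): key agreement (3.2.7) producing a
# pair-wise key (3.2.9) between two sensor nodes, using only the standard library.
import hashlib
import hmac
import secrets

# Constructed toy group: 2**61 - 1 is a Mersenne prime, but far too small to be
# secure. It is used here only so the exchange is fast and self-contained.
P = (1 << 61) - 1
G = 3


def new_private() -> int:
    """Fresh random secret in 1..p-2; a node keeps this and never transmits it."""
    return secrets.randbelow(P - 2) + 1


def contribution(private: int) -> int:
    """Public contribution g^x mod p that a node sends to its peer in the clear."""
    return pow(G, private, P)


def shared_secret(private: int, peer_contribution: int) -> int:
    """Each side computes (g^y)^x = (g^x)^y = g^(xy): a function of BOTH
    contributions, so neither party can predetermine it alone (3.2.7)."""
    if not 1 < peer_contribution < P - 1:
        # Degenerate values (0, 1, p-1) would force a predictable secret; reject them.
        raise ValueError("invalid peer contribution")
    return pow(peer_contribution, private, P)


def pairwise_key(shared: int, node_a: bytes, node_b: bytes) -> bytes:
    """Derive the pair-wise key from the shared secret with an extract-then-expand
    HMAC-SHA256 KDF (assumed construction). Node IDs are sorted so both ends
    derive the same key regardless of which node initiated the exchange."""
    ids = b"|".join(sorted([node_a, node_b]))
    ikm = shared.to_bytes(8, "big")                      # secret fits in 64 bits here
    prk = hmac.new(b"usn-pairwise-salt", ikm, hashlib.sha256).digest()
    return hmac.new(prk, b"pairwise-key|" + ids, hashlib.sha256).digest()


def establish(node_a: bytes, node_b: bytes):
    """Run the full exchange for two nodes and return the key each one derived."""
    xa, xb = new_private(), new_private()
    ya, yb = contribution(xa), contribution(xb)          # the only values sent over the air
    ka = pairwise_key(shared_secret(xa, yb), node_a, node_b)
    kb = pairwise_key(shared_secret(xb, ya), node_b, node_a)
    return ka, kb


if __name__ == "__main__":
    key_a, key_b = establish(b"node-17", b"node-42")
    print("both nodes hold the same pair-wise key:", key_a == key_b)
```

Running the script twice yields two different pair-wise keys for the same pair of node IDs, because each run uses fresh private values; that is the point of 3.2.7, since a key that one node could fix in advance would also be one an attacker holding that node's credentials could fix.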