We do not discuss these particular
assumptions in this chapter.
3.2 Security Objectives
The ultimate security objective is to provide confidentiality, integrity, authenticity,
and availability of all messages in the presence of resourceful adversaries.
Every eligible receiver should receive all messages intended for it and be able
to verify the integrity of every message as well as the identity of the sender.
Adversaries should not be able to infer the contents of any message. In conventional
computer networks, the primary security goal is reliable delivery of
messages, i.e., protection against denial of service attack. Message authenticity,
integrity, and confidentiality are usually achieved by an end-to-end security
mechanism such as SSH or SSL. The reason is because the dominating
tra?±c pattern is end-to-end communication, where it is neither necessary nor
desirable for the contents of the message (beyond the necessary headers) to
be available to the intermediate routers.
However, the dominant tra?±c pattern in sensor networks is many-to-one,
with many sensor nodes sending data to a base station. In-network processing
such as data aggregation, duplicate elimination, or data compression is very
important for sensor networks to run in an energy-e?±cient manner. Since innetwork
processing requires intermediate nodes to access, modify, and possibly
suppress the contents of messages, it is highly unlikely that end-to-end security
mechanisms between a sensor node and a base station can be used to guarantee
integrity, authenticity, and confidentiality of such messages.
Pages:
623
624
625
626
627
628
629
630
631
632
633
634
635
636
637
638
639
640
641
642
643
644
645
646
647