a) Perceptual Layer: Perceptual nodes are usually short of computing power
and storage capacity because they are simple and have less power. It is
therefore not possible to apply frequency hopping communication and public
key encryption algorithms for security protection, and it is very difficult
to set up a security protection system. Meanwhile, attacks from the external
network, such as denial of service, also bring new security problems. On the
other hand, sensor data still needs protection for integrity, authenticity
and confidentiality.
Although the core network has relatively complete safety protection ability,
man-in-the-middle attacks and counterfeit attacks still exist; meanwhile, junk
mail and computer viruses cannot be ignored, and sending a large amount of
data causes congestion. Therefore, the security mechanism at this level is
very important to the mass data processing and intelligent decision of network
behaviour in this layer. Intelligent processing is limited for malicious
information, so it is a challenge to improve the ability to recognize
malicious information.
Application Layer: At this level, security needs differ between application
environments, and data sharing is one of the characteristics of the
application layer, which creates problems of data privacy, access control
and disclosure of information.
According to the above analysis, we can summarize the security requirements
for each level as follows, as shown in Fig. 2.
a) Perceptual Layer: First, node authentication is necessary to prevent
illegal node access. Second, to protect the confidentiality of information
transmitted between the nodes, data encryption is an absolute necessity, and
key agreement is an important process that must take place before data
encryption. The stronger the safety measures, the greater the consumption of
resources; to solve this problem, lightweight encryption technology becomes
important, which includes lightweight cryptographic algorithms and
lightweight cryptographic protocols. At the same time, the integrity and
authenticity of sensor data is becoming a research focus; we will discuss
this question in more depth in the next section.
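The ordering described above (node authentication, then key agreement, then integrity and authenticity of sensor data) can be sketched with symmetric primitives only, since public key encryption is ruled out for perceptual nodes. This is an added example, not a protocol from the paper: the pre-shared key, the `Node`/`Gateway` names, the frame layout and the use of HMAC-SHA256 in place of a lightweight MAC are all assumptions, authentication is one-way (node to gateway), and encryption of the reading is left out.

```python
import hashlib, hmac, os, struct

def prf(key, label, *parts):
    # HMAC-SHA256 stands in for a lightweight MAC (assumption, not from the paper).
    return hmac.new(key, label + b"".join(parts), hashlib.sha256).digest()

class Node:  # hypothetical constrained sensor node holding a pre-shared key (PSK)
    def __init__(self, node_id, psk):
        self.node_id, self.psk, self.counter = node_id, psk, 0

    def respond(self, gw_nonce):  # steps 1-2: prove the PSK, agree on a session key
        nonce = os.urandom(16)
        self.session = prf(self.psk, b"session", gw_nonce, nonce)
        return nonce, prf(self.psk, b"auth", self.node_id, gw_nonce, nonce)

    def send(self, reading):  # step 3: counter + reading + truncated tag
        self.counter += 1
        hdr = struct.pack(">I", self.counter)
        return hdr + reading + prf(self.session, b"data", hdr, reading)[:16]

class Gateway:
    def __init__(self, registry):
        self.registry, self.pending, self.sessions = registry, {}, {}

    def challenge(self, node_id):
        self.pending[node_id] = os.urandom(16)
        return self.pending[node_id]

    def admit(self, node_id, node_nonce, proof):
        psk, gw_nonce = self.registry.get(node_id), self.pending.pop(node_id, None)
        if psk is None or gw_nonce is None:
            return False  # unknown node or no outstanding challenge
        expected = prf(psk, b"auth", node_id, gw_nonce, node_nonce)
        if not hmac.compare_digest(proof, expected):
            return False  # illegal node: does not hold the PSK
        self.sessions[node_id] = [prf(psk, b"session", gw_nonce, node_nonce), 0]
        return True

    def receive(self, node_id, frame):
        state = self.sessions.get(node_id)
        if state is None or len(frame) < 20:
            return None  # unauthenticated node or malformed frame
        hdr, reading, tag = frame[:4], frame[4:-16], frame[-16:]
        (ctr,) = struct.unpack(">I", hdr)
        good = hmac.compare_digest(tag, prf(state[0], b"data", hdr, reading)[:16])
        if not good or ctr <= state[1]:
            return None  # tampered or replayed
        state[1] = ctr
        return reading
```

The per-frame cost on the node is one MAC computation and 20 bytes of overhead, which is the kind of trade-off between protection strength and resource consumption the paragraph refers to.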
b) Network Layer: In this layer, existing communication security mechanisms
are difficult to apply. Identity authentication is a mechanism to prevent
illegal nodes, and it is the premise of the security mechanism. Confidentiality
and integrity are of equal importance, so we also need to establish data
confidentiality and integrity mechanisms. In addition, the distributed denial
of service (DDoS) attack is a common attack method in the network and is
particularly severe in the Internet of Things, so preventing DDoS attacks on
vulnerable nodes is another problem to be solved in this layer.
c) Support Layer: The support layer needs a lot of application security
architecture, such as cloud computing and secure multiparty computation,
almost all of the strong encryption algorithms and encryption protocols,
stronger system security technology and anti-virus.
d) Application Layer: To solve the security problem of the application layer,
we need two aspects. One is authentication and key agreement across the
heterogeneous network; the other is the user's privacy protection. In
addition, education and management are very important to information
security, especially password management.