ABSTRACT

WSN security is an evolving and challenging field, as wireless sensor networks (WSNs) impose severe resource constraints due to the lack of data storage and power. These constraints are crucial, as they pose major obstacles to the implementation of traditional security techniques. In addition to these underlying constraints, unattended operation and unreliable communication channels make the implementation of traditional security countermeasures even harder. In traditional security policy implementations, the basic tradeoff that guides decision making is cost against higher levels of security. The key concept of decision support is to achieve a known and measurable level of Confidentiality, Integrity and Availability for every information resource, by spending a given amount of assets that is justified by the value of the information resource under examination. This approach leads to a formal procedure that aims to evaluate information resources and to aid decisions regarding the selection of countermeasures. Typically, such a procedure for information systems in general involves a set of predefined steps. The following is a short description of these steps, along with an effort to particularize each step to WSN installations:

Creation of an information asset record, along with the level of access for each information asset and an estimation of the resource's value based on predefined criteria. For each asset, a separate value is recorded for confidentiality, integrity and availability, so that these parameters can be evaluated independently. This is important, as different countermeasures are needed to protect the confidentiality, integrity or availability of each different kind of information asset. In WSN security design, this step could be applied by evaluating the various mote groups that make up a typical WSN. By evaluating each mote group against predefined criteria for confidentiality, integrity and availability, it becomes possible to select different countermeasures based on knowledge of mote and data value on the one hand and, on the other, the power limitations of each mote group.
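
The following sketch is an added illustration, not taken from the paper: it records independent confidentiality, integrity and availability ratings per mote group and picks the affordable set of countermeasures that protects the most asset value. The group names, the 0 to 3 rating scale, the energy units, the countermeasure catalogue and the exhaustive-search selection rule are all assumptions made for the example.

```python
from dataclasses import dataclass
from itertools import combinations

@dataclass(frozen=True)
class MoteGroup:
    name: str
    value: dict         # independent ratings per property, 0 (none) .. 3 (high)
    energy_budget: int  # constructed energy units the group can spend on security

@dataclass(frozen=True)
class Countermeasure:
    name: str
    protects: str       # exactly one of "C", "I", "A"
    energy_cost: int

def select_countermeasures(group, catalogue):
    """Return (names, protected_value, cost) for the affordable subset that
    protects the most asset value; ties go to the cheaper subset."""
    best = ((), 0, 0)
    for r in range(1, len(catalogue) + 1):
        for subset in combinations(catalogue, r):
            cost = sum(c.energy_cost for c in subset)
            if cost > group.energy_budget:
                continue  # the power constraint rules this subset out
            covered = {c.protects for c in subset}
            gain = sum(group.value[p] for p in covered)
            if (gain, -cost) > (best[1], -best[2]):
                best = (tuple(c.name for c in subset), gain, cost)
    return best

# Constructed catalogue: one hypothetical countermeasure per property.
CATALOGUE = [
    Countermeasure("payload_encryption", "C", 4),
    Countermeasure("message_authentication_code", "I", 3),
    Countermeasure("redundant_routing", "A", 6),
]

# Constructed asset record: one entry per mote group.
GROUPS = [
    MoteGroup("sensing_leaf", {"C": 1, "I": 3, "A": 1}, energy_budget=4),
    MoteGroup("cluster_head", {"C": 2, "I": 3, "A": 3}, energy_budget=10),
    MoteGroup("gateway", {"C": 3, "I": 3, "A": 3}, energy_budget=20),
]

if __name__ == "__main__":
    for g in GROUPS:
        names, gain, cost = select_countermeasures(g, CATALOGUE)
        print(f"{g.name}: {', '.join(names) or 'none'} "
              f"(protected value {gain}, energy {cost}/{g.energy_budget})")
```

Because the three properties are rated separately, the low-power leaf group ends up with integrity protection only, while the cluster head trades confidentiality for integrity plus availability within its budget.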