Security management should have been a part of network management, but due to the various security vulnerabilities and threats in the public information network used in daily life, security management has always been one of the most difficult and weakest aspects of network management.

As the importance of networks increases, users' demands for network security are also increasing, resulting in the current situation: network management systems mainly deal with fault management, performance management, and configuration management, while security management software is usually developed independently. The wireless module will also encounter the following security issues during the network formation process.

The wireless module shares the same starting point of security as general network security, both of which has to solve the following problems:

Confidentiality issues of the wireless module

All sensitive data must ensure its confidentiality during storage and transmission, so that no one can directly obtain the message content when intercepting physical communication signals.

Message authentication issues of point-to-point the wireless module

When a network node receives a message sent by another node, it can confirm that this packet is indeed sent by the node and not impersonated by others.

Integrity verification issues of the wireless module

When a network node receives a packet, it can confirm that this packet is exactly the same as when it was sent, without being tampered with by intermediate nodes or experiencing communication errors during transmission.

Freshness issues of the wireless module

Data itself has a time limit, and network nodes can determine that the most recently received packet is the latest packet produced by the sender. The freshness problem is generally caused by two reasons: one is caused by the non-deterministic delay of network multipath, which leads to the receiving of packets in the wrong order; the other is caused by the replay attack of malicious nodes.

Authentication multicast/broadcast issues of the wireless module

The certification of multicast/broadcast solves the authentication security issues of a single node sending a unified notice to a group of nodes/all nodes. The sender of the certification broadcast is one, while the receiver is many, so the authentication method is completely different from the point-to-point communication authentication method.

Security management issues of the wireless module

Security management includes two parts: security boot and security maintenance. Security boot refers to the process by which a network system gradually forms a unified and secure network with a predetermined protocol mechanism and secure communication channel protection from a collection of scattered, independent individuals without secure channels protection. 

The security boot process in the Internet includes identity authentication of both communicating parties, negotiation of secure communication encryption/decryption keys/authentication keys, etc. The security boot process is the most important, complex, and challenging content for sensor networks, because various methods for solving security boot problems are not available due to their computational complexity in sensor networks.

Security maintenance mainly studies the key update in communication and the security changes caused by network changes, which is often an extension of the security boot process. Technology of the wireless module is not limited to management and design, these security issues should be fully considered at various levels of network protocols, and the research focus is different.

The physical layer mainly focuses on security coding in considering confidentiality; the confidentiality of the link layer and network layer considers the encryption and decryption technology of data frames and routing information. The research on confidentiality at the application layer is in the process of managing and exchanging keys, providing security support for encryption and decryption technology of lower layers.

Neoway is an advanced technology company that specializes in delivering communication solutions and associated services for the Industrial Internet of Things (IIoT). Our range of products includes neoway N58/N720/G7A/N715/N511/Neo N21/Neo N11/T box automotive. Contact us for more information.