A Cloud Security Framework for a Data Centric WSN Application

Download PDF
29 downloads 193314 Views 624KB Size Report
Comment
Cloud Computing; Sensor network; security model; Data ... resource management, data management, security issues etc. that ..... Addressing cloud computing.
A Cloud Security Framework for a Data Centric WSN Application Sayantani Saha School of Mobile Computing and Communication Jadavpur University Kolkata, India

[email protected]

Rounak Das, Suman Datta Sarmistha Neogy Department of Computer Science and Engineering Jadavpur University Kolkata, India

[email protected] ABSTRACT Data centric applications like remote healthcare application designed on a WSN-Cloud computing integrated architecture requires attention to its secure data management mechanism. A huge amount of data is generated in a health care application, which needs to be managed efficiently so that fast and reliable data communication and access can take place among the end users. In this research work we have proposed a flexible security model especially for data centric applications in cloud computing based scenario. This security model ensures data confidentiality, data integrity and fine grained access control to the application data. The objective of this work is to propose a secure framework to assist users at remote locations by considering the interoperability among different security solutions.

CCS Concepts Security and privacy~Privacy-preserving protocols

Keywords Cloud Computing; Sensor network; security model; Data confidentiality; data integrity; access control; Symmetric Encryption; ECDH. .

1. INTRODUCTION Cloud computing [1] is emerging as the most powerful platform for IT based applications. Attractive features like Infrastructure as a service (IAAS), software as a service (SAAS), platform as a service (PAAS) are the main reasons for overwhelming adaptation of this technology. These features make the platform more robust, dynamic, and scalable. Resource restricted applications are well suited for this platform where storage, computing are offered on demand. Inherently wireless sensor network (WSN) is resource constrained in terms of memory, energy, computation and storage. Moreover, the sensors have to perform various functionalities, like data sensing, data acquisition, data processing, data transmission. data security maintenance, to seamlessly maintain the flow in the network. The multitasking features with restricted resources invite Permission to make digital or hard copies of all or part of this work for personal or classroom use is granted without fee provided that copies are not made or distributed for profit or commercial advantage and that copies bear this notice and the full citation on the first page. To copy otherwise, or republish, to post on servers or to redistribute to lists, requires prior specific permission and/or a fee. ComNetIoT 2016, January 04, 2016, Singapore ยฉ 2016 ACM. ISBN 978-1-4503-4032-8/16/01โ€ฆ$15.00

DOI: http://dx.doi.org/10.1145/2833312.2849559

cloud computing platform to harbour support for more resources, better computation and better execution of the application. Cloud computing technology can be developed to work as a strong backbone [2] for WSN based applications. Cloud storage may be used to store huge volume of data generated in WSNs and cloud computation facilities may be used to compute, analyze and mine such data. However researchers are faced with challenges like resource management, data management, security issues etc. that develop due to these adaptations. In this paper, our focus is mainly on data security in sensor-cloud based application. In the context of reliable and efficient data transmission, any wireless application is subject to various security threats. It is relatively easy for an intruder to perceive the network traffic and cause security hazards. Hence communication need to be secure during the process of transmitting data from WSN to cloud storage. It is also very important to preserve privacy during data share methodology of sensitive data. Another big issue in the cloud environment is the fear of losing control over data from the users perspective. Therefore, the adopting organizations try to impose their own security policy to control the access strategy to their data. The cloud must be flexible enough to adopt this security policy to restrict data access. Therefore, any cloud based application should be designed in such a way that basic security requirements are met. The basic security aspects comprise authentication and authorization, integrity as well as confidentiality. The present work considers health care application for patients in remote villages, specifically in India. In this remote health care application, patient health data is collected at remote locations using either body area network [3] (BAN) or using health kit [4] by healthcare personnel. This patient health record along with other basic information are uploaded to cloud storage in a timely manner, so that these information are available to the doctor or other appropriate users as and when necessary. These health records also contain sensitive data in terms of social, ethical, and legal aspects of medical science. The privacy of the patient data must be maintained during data transmission, data storage and data access. Data access must be designed in such a manner that only the authorized personnel could access the data. The doctor or the health care personnel should access the patient data stored in the cloud storage and generate the medical health reports, advices, accordingly. Based on this analysis the treatment is carried on. The challenge is to maintain all security factors [5] in place and control the overhead while providing fast and on time access. The present work describes a framework for data confidentiality and fine grained access methodology for a cloud based remote health care application. There are reported

works that proposed frameworks for such scenario. The research work in [6] provides a fusion platform for data management in healthcare application. However, the authors designed the application based on patient centric health data management system. Recent works emerged with new encryption techniques like Role Based Access Control (RBAC), Homomorphic Encryption [7,10] techniques, Attribute based encryptions (ABE) [8], Private Information Retrieval Technique (PIR) [9] etc. The researchers in [9] used full homomorphic encryption technology for data confidentiality and ease of access in cloud storage. Homomorphic encryption technique allows direct query on encrypted data. However, this has processing overhead. It is also very slow in terms of data processing. Researchers have used attribute based encryption for better access control mechanism. ABE mechanism also suffers from slow computation issues, therefore symmetric key encryption using ABE is proposed in [11] to minimize data decryption time. Some researchers [12] also used data anonymizer techniques to tackle the privacy issue in sensor cloud architecture. This work addresses key management issues. The next section describes the objective behind the research work and section III describes the proposed methodology. Section IV details out the implementation mechanisms. Section V analyzes the security and performance of the implementation. The paper is concluded in section VI.

2. MOTIVATION Security is a vital issue in data centric applications where data has to be transmitted through heterogeneous medium. Cloud computing technology offers scalable, on demand data storage services along with easy sharing of data anywhere. These features demand strong and flexible security mechanism to manage application generated data. The main objective of our work is to provide strong privacy protection mechanism of sensitive information against unauthorized access. The other objective is to establish secure channel for data communication that could tackle attacks like MITM, DoS [18,19]. In our framework the data contributor has the provision to customize the control on data and its security perspective. Basically a user specific security requirement and possible solution is emphasized in this work. Storing sensitive health data over untrusted storage of cloud environment requires a robust cryptographic technique to maintain the data confidentiality and preserve the necessary

3. PROPOSED METHODOLOGY Cloud computing technology allows storing huge amount of data. The concept is that of having an infinite data storage. However, this feature must be coupled with a minute data management scheme to handle the data itself. In our previous work [14] we have described a data flow model that involves smart and intelligent data processing methods including cooperative computing within the sensor networks and filtering and compression of data at gateway. In this paper we concentrate on the data format and the security techniques for a fast, secure and efficient processing and access of the data. As already stated, we consider remote health care application. Patient health records consist of personal information, any history information regarding health particulars or related information (optional), symptoms reported by the patient, medical test reports (optional) and the advice by doctors.

3.1 Data Format For the ease of web based data communication and common standard, we have chosen XML based data format. XML [13] format is not only well suited for data exchange but is also better as a logical data model. XML provides an attribute based semi structured data model. However, going into the details of XML based data model is out of the scope of this paper. There are many specific standards for addressing the patient health records like EHR (Electronic Health Records) [15], HL7 format etc. Revealing entire information to user may put the patient and other stakeholders at risk. The information may contain some sensitive data which must be prevented from accessing by a particular set of users. Therefore, there should be some restriction policy to handle the data access permission. We have proposed one methodology to handle the issue. We first separate the data parts based on the sensitivity of the information. Each data segment contains some specific information about the patient health data. Now, whenever a user requests for the patient health information, the entire health data could not be accessed by him/her. S/he gets access to that part/s of the data for which s/he has permission. Permission is given based on the user role, data sensitivity and data access policy. Thus restricted access to data is achieved. We assume here patient data to be segmented into two parts. One part will contain the header information. Another part will contain the detailed description about the patient and his/her health related information. The second part is again partitioned into a few segments for better access management strategy. The segmented patient data would further be encrypted using different cryptographic techniques. The user having access to specific segment data, will be provided with the key for that particular segment. Therefore, role-based access right could be maintained. Figure 1 shows the data layout used in this scenario.

privacy.

Therefore, the data model could be represented as: Figure 1. Data Format.

The cryptographic solution should be such that it allows data access through different insecure interfaces. It should also provide scalability and fine grain access control. However, any cryptographic technique comes with the inherent issue of key management. Our research motivation comes from the requirement of considering all these issues together to design a security model for the remote health care application in WSNcloud environment.

๐’

๐‘ท๐’‚๐’•๐’Š๐’†๐’๐’• ๐‘ซ๐’‚๐’•๐’‚ ๐‘ท๐‘ซ = ๐‡๐ž๐š๐๐ž๐ซ +

[ ๐‘บ๐’†๐’ˆ๐ข ]] ๐ฐ๐ก๐ž๐ซ๐ž ๐ง > 0. ๐’Š!๐ŸŽ

3.2 The Security Model Figure 2 depicts the security model of the application based on WSN โ€“ cloud integration architecture. This security model is based on providing data security as well as system security. This model shows the diversity of demands for data security at different levels of data flow in the system. Initially, integrity of the sensed data along with secure communication of the data to the sensor gateway

need to be maintained while collecting the sensor data. The data storage migration (from local to cloud) should also adopt security mechanism for secure transmission. Security issues related to storage generally comes in cloud environment with the virtual storage space. Each cloud provider follows its inbuilt security mechanism to solve its issue. Finally retrieval of data from cloud storage also demands secure access mechanism. Therefore, the following fundamental aspects need to be ensured while providing information and system security solution to this model. Confidentiality and Access Control: Various encryption techniques are available to protect data from an intruder. We have described the details of the encryption techniques adopted to meet data confidentiality property. Integrity: Unauthorized tampering of data while in transmission, could affect the consistency and accuracy of information. In remote health care application, data may get altered, overlapped, or deleted during migration from local storage to cloud storage, thereby causing information loss. The variants of Secure Hash Algorithm like SHA- 224, SHA-256, SHA-384, and SHA-512 can serve the purpose here. However, SHA โ€“ 1 [20] is used here. Availability: Availability of information refers to ensuring that authorized parties are able to access information whenever needed. Cloud Computing services support data back up and redundancy by keeping multiple copies of data so that single point of failure could be avoided and data is always available [21] [22]. Network Security: In cloud computing platform where heterogeneous networks collaborate to execute any application, network security becomes indispensible. Large network with multiple platforms employ several modes of interconnection which gives rise to various security holes. To safe guard the underlying network from the security threats, local network vulnerabilities and global security threats must be taken into account for proper evaluation. An attack graph method is best suited in this scenario. Various readily available scanning tools could be used to determine vulnerability at each host. Thus a global scenario can be used to design attack graph using a threat model. Risk analysis may be done on that. This attack graph can be applied to enforce security and defend against various known set of attacks. OpenVAS [16] is a free network security scanner available in linux platform, and can be used here to serve the purpose.

4. ACHIVEING SECURITY 4.1 Data Confidentiality

The main objective of any cryptosystem is to encrypt the information in such a way that only the intended user can decrypt it. A double layer encryption technique is used here to protect data from unauthorized access. Normally an encryption technique refers to either symmetric encryption technique or asymmetric encryption technique. In symmetric encryption technique same.key is used for encryption and decryption. This encryption process is fast. However, the key distribution needs potentially secured handshaking between two parties. Whereas, a key pair (Private โ€“ Public key) is used for encryption/decryption process and the key distribution is quite easy in asymmetric encryption technique, but the encryption process is slower. Keeping in mind both the advantages and disadvantages, a double layered hybrid technique is proposed here for data confidentiality. Firstly data is encrypted using AES [17] symmetric key (128 bit). Different segments of the patient data are encrypted using different symmetric keys, KSEG1, KSEG2 , KSEG3. These keys are distributed on demand basis to authorized users only. Another layer of symmetric encryption technique AES is also applied to the data before transmission. The key is derived at both ends during run time. Basically, an asymmetric technique is adopted in this stage to generate a new symmetric key. This method incorporates the advantages of both the symmetric and asymmetric techniques. The key distribution is done in asymmetric fashion which helps in signing the data whereas the encryption process with symmetric key works faster. Each time, before transmission, one public and one private key pair is generated. Using these values, at each end, one ephemeral shared secret is generated, which is used to derive the symmetric key. This key is further used to encrypt the patient record. This asymmetric key generation technique also helps in signing the data using the generated private part. This is done through ECDH [23] asymmetric key algorithm. Therefore, advantages of the asymmetric techniques are also achieved. After it is received at receiver side, decryption process is applied to the encrypted patient record. In the proposed system, a key set of three static symmetric keys is provided to the kiosk (basically the health care personnel user that uploads patient data in cloud) to encrypt the patient data. And each storage is provided with one static symmetric key (e.g KCSP). The kiosk or the user generates one run time symmetric key (e.g., KKIOSK or KDOC ) before transmitting at the start of a session. In figure 3, the first layer of encryption is done using the symmetric key set KSEG1, KSEG2 , KSEG3.And the second layer of encryption is done using the doctorโ€™s or kioskโ€™s symmetric key KDOC, KKIOSK. Even also when data is stored at cloud storage, it is encrypted using the storage symmetric key, KST.

4.1.1 Key Generation Phase Round 1: This algorithm generates the 128 bit long AES symmetric keyset ๐พ!"!" , ๐‘– > 0, at the key server. On request, the keyset is transmitted to the user based on their access provision. Round 2:This algorithm takes the public key of the other end (Pk), the generates ephemeral random number (RSEC) and the other attribute (S) as input and generates the userโ€™s secret key KUSER

Figure 2. Security demands at different layers of the application

Figure 3: Secure Data Flow at different State of art

4.1.2 Encryption This algorithm takes the patient data (PD), the static segment keys KSEG, and the generated secret key KUSER as input. This process first encrypts PD with the segment keys in round 1 and finally applies the generated secret key to produce the final cipher text [PD] in the next round. ๐’

๐‘ญ(๐‘ญ(๐๐ƒ,

๐‘ฒ๐‘บ๐‘ฌ๐‘ฎ๐’Š )), ๐‘ฒ๐‘ผ๐‘บ๐‘ฌ๐‘น = [๐๐ƒ] ๐’Š!๐ŸŽ

4.1.3 Decryption This algorithm takes the final cipher text [PD], the particular static segment key KSEG specified for the role of the authenticated user, the generated secret key KUSER as input and decrypts the data as intended for the user. !๐Ÿ

!๐Ÿ

strong security channel over the untrusted environment of cloud. Moreover, the stored patient data might get disclosed by the cloud owner. Some malicious user may get access to the data, which is not at all desirable with respect to the legal aspect of patient privacy. The user should be allowed to access the data to which they are privileged to access. A properly authenticated user can only acquire the data on the basis of the userโ€™s role. So, the authentication process not only includes the credential checking but also includes determination of the userโ€™s proper role. In this work, we have concentrated more on the user data confidentiality, key sharing and user data access management.

4.2.1 User registration phase A new user wanting to access the cloud based application

!

๐‘ญ ( ๐‘ท๐‘ซ , ๐‘ฒ๐‘ผ๐‘บ๐‘ฌ๐‘น , (๐‘ฒ๐‘บ๐‘ฌ๐‘ฎ ะ„ ๐‘ผ ๐‘ฟ ๐‘น)) = ๐‘ท๐‘ซ ะ„ ๐‘ท๐‘ซ, Where U ๐… X R defines the key specified for each user corresponding to its role. While exchanging the shared secret, a Message Authentication Code (MAC) of the computed key is also communicated to the other end. After receiving the shared secret, the receiving end derives the secret key and computes the MAC value of the key. If the shared secret is obtained from a authenticated user, the MAC value will match. Thus, ECDH method also ensures user authentication with the help of implicit data signature validation. Therefore, a double layered encrypted data is always maintained at data storage and during data transmission. This method thus adds an extra layer of data confidentiality.

4.2 Security Modules Patient data generated at remote site acts as resource for users who want to retrieve the information. In a health care application, a doctor or a nurse or a pathologist will try to view the data, append some advice, update pathology test report, create a prescription etc. As already stated, the remote health care application consists of a kiosk where the health personnel assists the patient. The patient details are collected at a particular kiosk and then these are sent to a doctor. Most of the time the health personnel (assumed here to be an trusted entity) take the decision to assign a particular doctor to a patient from the list of available doctors. We assume here, the communication channel between the kiosk and the doctor is already secured by fundamental security protocol like SSL. However, a user centric security protection will further provide a

Figure 4: User Registration Phase (healthcare application here) has to first register with the system. This registration process stores user information (UINF) including the credentials at trusted server storage. For secure communication, the user information UINF along with the hash value of the information will be transmitted from user end. Obviously, the transmitted data will be encrypted using a derived temporary key KTEMP for secure communication. Upon receiving, the hash value is compared with the received user information. The information is further processed if the hash value matches. Finally UINF is stored in the server after encrypting it using storage symmetric key, KST as shown in figure 4.

4.2.2 Secure Channel Setup For any sort of data transmission between two entities, a secure channel has to be set up first. Whenever data needs to be exchanged, one symmetric key is generated at both end. For data transmission between two entities (e.g., between kiosk and cloud storage provider) encrypted data exchange is very important in the cloud environment. However, this wireless medium is also vulnerable to various attacks like MITM, DoS etc . Therefore, a hash value of the information can also be included with each data transmission. At the receiver end, if the hash value does not match with the transmitted data, then the key is supposed be compromised, hence new key generation request is raised.

Figure 5: Message interactions for the framework based on health care application

4.2.3 Secure Channel Setup User login and authentication information [ID, H(password)] are validated before giving the user access to any resource. This process has a number of functionalities like identity checking, role checking, role โ€“ key share. The identity provider will validate the user credential. On success, the corresponding user is provided with the proper access key, so that the user could retrieve the data he or she is intended for.

4.2.4 Data Store Phase The primary patient data is segmented into multiple parts. Each part is encrypted using different symmetric keys. Further, when the data [Header + Seg1 + Seg2 + Seg3] is transmitted to the cloud storage, a run time symmetric key is generated to encrypt the data and hence generate a secure channel. The run time key is derived at both ends. Therefore the cloud storage provider could easily decrypt the data. The decrypted data now, contains segmented encrypted data and one header. The cloud storage provider (CSP) then, creates one metadata information using the header information transmitted with the data packet. Then again, it encrypts the data with its symmetric storage key and store the data as shown in figure 5.

4.2.5 Data Retrieval and Access Phase User sends encrypted query about the patient data to the cloud storage provider (CSP) using its symmetric key. At the server side, the CSP decrypts the query and searches the metadata information. Upon retrieval of the requested patientโ€™s data, the decrypted data (decryption using storage key) is further encrypted using the userโ€™s symmetric key. The users are provided with the access keys depending on their role, on demand. Therefore, the intended data could only be visible at the userโ€™s end. This module is also provisioned for data to be only read only or not. This restriction is controlled from the interface level.

5. SECURITY AND PERFORMANCE ANALYSIS Our solution is capable of providing the basic security properties of confidentiality, access control and integrity. Data is first segmented and each segment is encrypted using a static symmetric key sets, and then by a dynamic symmetric key at the time of data transmission. The static key is generated using AES technique. The next symmetric key is designed using ECDH technique. This process dynamically generates the key, so there is no need to store the key. Each time this key is derived at both communicating ends. Here we have used this asymmetric technique of key share algorithm to generate a symmetric key using one key derivation function (KDF). This process ultimately provides a flavor of asymmetric encryption in terms of symmetric key cryptography. It also helps in signing the data. Only the static key set (three keys) are needed to be stored and accessed by different users based on their specified roles. So this design provides a scalable infrastructure. By distributing static symmetric keys only to the legitimate user on demand basis in a highly secure way of facilitating the architecture with fine grained access control mechanism. As a particular symmetric key is necessary to access the corresponding segment data, access to sensitive data is thus controlled here. Data integrity is achieved using SHA-1 technique. Whenever any data or key is exchanged between two parties the corresponding hash value is also exchanged to validate the integrity of the data. We present a fundamental performance evaluation of our proposed method. We have implemented the double layered encryption technique for the patient details and generated the run time keys for the secure data transmission using java. Table 1 shows the time required with our proposed technique to encrypt and decrypt a file with variable file size and key size.

Table 1: Encryption and Decryption time of various files File Type

File Size

Encryption Time (ms)

Decryption Time (ms)

Key File

168 bytes

88

105

Data File

750 Kb

344

405

Data File

1.5 MB

421

468

6. CONCLUSION In this paper we have proposed security framework for WSNcloud based applications. In our paper we have taken healthcare application as a case study to show the performance analysis of the proposed security method. In cloud environment the control of the data is given to some third party. This separation of the cloud data user and information makes room for the intruder. In the proposed security scheme we have tried to eliminate the potential security threats and guarantee fast and flexible security solutions to the fundamental security requirements. ACKNOWLEDGMENTS This work is supported by Information Technology Research Academy (ITRA), Government of India under, ITRA-Mobile grant ITRA/15(59)/Mobile/RemoteHealth/01.

7. REFERENCES [1] Zissis, D., Lekkas ,D. 2011.Addressing cloud computing security issues. Future Generation Computer Systems,Volume 28, Issue 3, March 2012, Pages 583โ€“59. [2] Liu, R. and Wassell, I.2011. Opportunities and challenges of wireless sensor networks using cloud services. ACM Workshop on Internet of Things and Service Platforms (IoTSP โ€™11), December 2011. [3] Fortino, G., Pathan, M., & Di Fatta, G. 2012. BodyCloud: Integration of Cloud Computing and body sensor networks. In Cloud Computing Technology and Science (CloudCom), 2012 IEEE 4th International Conference on (pp. 851-856). IEEE. [4] Andruino Health kit: https://www.cookinghacks.com/ehealth-sensors-complete-kit-biometric-medicalarduino-raspberry-pi. [5] Biswas, S., Nag, T., & Neogy, S. 2014. Trust based energy efficient detection and avoidance of black hole attack to ensure secure routing in MANET. In Applications and Innovations in Mobile Computing (AIMoC), 2014(pp. 157164). IEEE. [6] Basu, S., Karp, A. H., Li, J., Pruyne, J., Rolia, J., Singhal, S., & Swaminathan, R. 2012. Fusion: managing healthcare records at cloud scale.Computer, (11), 42-49.. [7] Gentry, C. 2009. A fully homomorphic encryption scheme (Doctoral dissertation, Stanford University). [8] Goyal, V., Pandey, O., Sahai, A., & Waters, B. 2006. Attribute-based encryption for fine-grained access control of encrypted data. InProceedings of the 13th ACM conference

on Computer and communications security (pp. 89-98). Acm.. [9] Gasarch, W. (2004). A survey on private information retrieval. In Bulletin of the EATCS. [10] Page, A., Kocabas, O., Ames, S., Venkitasubramaniam, M., & Soyata, T. 2014. Cloud-based secure health monitoring: Optimizing fully-homomorphic encryption for streaming algorithms. In Globecom Workshops (GC Wkshps), 2014 (pp. 48-52). IEEE. [11] Lounis, A., Hadjidj, A., Bouabdallah, A., & Challal, Y. 2012. Secure and scalable cloud-based architecture for e-health wireless sensor networks. InComputer communications and networks (ICCCN), 2012 21st international conference on (pp. 1-7). IEEE. [12] Sweeney, L. 2002. Achieving k-anonymity privacy protection using generalization and suppression. International Journal of Uncertainty, Fuzziness and Knowledge-Based Systems, 10(05), 571-588. [13] Seligman, L., & Roenthal, A. 2001. XML's impact an databases and data sharing. Computer, 34(6), 59-67 [14] Saha, S. 2015. Secure sensor data management model in a sensor-cloud integration environment. In Applications and Innovations in Mobile Computing (AIMoC), 2015 (pp. 158163). IEEE. [15] Electronic health records, National Institute of Health: http://www.nlm.nih.gov/medlineplus/magazine/issues/summ er09/articles/summer09pg17.html [16] OPENVAS : sectools.org/tool/openvas/ [17] Housley, R. 2002. Advanced Encryption Standard (AES) Key Wrap Algorithm(No. RFC 3394). [18] Aiello, W., Bellovin, S. M., Blaze, M., Ioannidis, J., Reingold, O., Canetti, R., & Keromytis, A. D. 2002. Efficient, DoS-resistant, secure key exchange for internet protocols. In Proceedings of the 9th ACM conference on Computer and communications security (pp. 48-58). ACM [19] Katz, J. 2002. Efficient Cryptographic Protocols Preventing โ€œMan-in-the-Middleโ€ Attacks (Doctoral dissertation, COLUMBIA UNIVERSITY). [20] Stevens, M. 2013. New collision attacks on SHA-1 based on optimal joint local-collision analysis. In Advances in Cryptologyโ€“EUROCRYPT 2013 (pp. 245-261). Springer Berlin Heidelberg.. [21] Chowdhury, C., & Neogy, S. 2009. Checkpointing using mobile agents for mobile computing system. the International Journal of Recent Trends in Engineering, (1), 26-29. [22] Chowdhury, C., & Neogy, S. 2007. A consistent checkpointing-recovery protocol for minimal number of nodes in mobile computing system. In High Performance Computingโ€“HiPC 2007 (pp. 599-611). Springer Berlin Heidelberg. [23] McGrew, D. A. 2011. Fundamental Elliptic Curve Cryptography Algorithms.