Securing Cognitive Radios with a Policy Enforcer and Secure Inter-component Transport Mechanisms
Current wireless communications are confronted with two significant problems with regard to spectrum use --- spectrum scarcity and deployment difficulties. It is widely believed that Software Defined Radios (SDRs) and Cognitive Radios (CRs) are the key enabling technologies to address these problems. The reconfigurability of SDRs combined with the decoupling of policies and the platform in policy-based radios poses a new technical problem --- viz., enforcing policy conformance. Each DARPA XG radio is equipped with a set of policy conformance components (PCCs) which are responsible for ensuring that the radio is policy-conformant and does not cause harmful interference. The Policy Reasoner (PR) is the inference component of the PCCs whereas the Policy Enforcer (PE) performs enforcement. DARPA's XG program prescribes the Software Communications Architecture (SCA) as the model for SDR/CR architectures. Distributed processing is a fundamental aspect of the SCA, and it uses the Common Object Resource Broker Architecture (CORBA). It is reasonable to assume that some of the SDRs will be implemented as distributed systems, irrespective of whether they are SCA-compliant devices. It is thus obvious that middleware has to be secured for complete security. This thesis enumerates the requirements of an "ideal" PE. We describe the design and implementation of two possible implementations that can fulfill some of these requirements. The PE can function similarly to a firewall, and be at the very boundary of software and hardware components. The PE can also be implemented as a "man-in-the-middle" between the System Strategy Reasoner and the transmission hardware. We further describe a novel method of providing cache coherency for a cache-based PE. We also perform an in-depth analysis of the security requirements in a distributed implementation of a policy-based radio. To this end, we describe the design and implementation of such a system using CORBA middleware.
We identify potential vulnerabilities due to the use of CORBA, and describe countermeasures for them. We compare the performance of transport and security mechanisms of two commercial, off-the-shelf (COTS) Object Request Brokers. We show that the magnitude of performance degradation can be reduced by the use of a cleverly selected combination of transport and security mechanisms.
- Masters Theses