Achieving Distributed User Access Control in Sensor Networks

User access control in sensor networks defines a process of granting user an access right to the stored information. It is essential for future real sensor network deployment in which sensors may provide users with different services in terms of data and resource accesses. A centralized access control mechanism requires the base station to be involved whenever a user requests to get authenticated and access the information stored in the sensor node, which is inefficient, not scalable, and is exposed to many potential attacks along long communication paths. In this paper, we propose a distributed user access control under a realistic adversary model in which sensors can be compromised and user may collude. We split the access control into local authentication conducted by a group of sensors physically close to a user, and a light remote authentication based on the endorsement of the local sensors. We implement the access control protocols on a testbed of TelosB motes. Our analysis and experimental results show that our schemes are feasible for real access control requirements.

[1]  Thomas F. La Porta,et al.  Establishing Pair-Wise Keys in Heterogeneous Sensor Networks , 2006, Proceedings IEEE INFOCOM 2006. 25TH IEEE International Conference on Computer Communications.

[2]  Deborah Estrin,et al.  Data-Centric Storage in Sensornets with GHT, a Geographic Hash Table , 2003, Mob. Networks Appl..

[3]  Yunghsiang Sam Han,et al.  A pairwise key pre-distribution scheme for wireless sensor networks , 2003, CCS '03.

[4]  Wenjing Lou,et al.  Privacy enhanced access control in pervasive computing environments , 2005, 2nd International Conference on Broadband Networks, 2005..

[5]  Virgil D. Gligor,et al.  A key-management scheme for distributed sensor networks , 2002, CCS '02.

[6]  Yong Guan,et al.  A key pre-distribution scheme using deployment knowledge for wireless sensor networks , 2005, IPSN 2005. Fourth International Symposium on Information Processing in Sensor Networks, 2005..

[7]  Dawn Xiaodong Song,et al.  Random key predistribution schemes for sensor networks , 2003, 2003 Symposium on Security and Privacy, 2003..

[8]  Burton H. Bloom,et al.  Space/time trade-offs in hash coding with allowable errors , 1970, CACM.

[9]  H BloomBurton Space/time trade-offs in hash coding with allowable errors , 1970 .

[10]  Sasikanth Avancha,et al.  Security for Sensor Networks , 2004 .

[11]  Hans Eberle,et al.  Comparing Elliptic Curve Cryptography and RSA on 8-bit CPUs , 2004, CHES.

[12]  Mukesh Singhal,et al.  Security in wireless sensor networks , 2008, Wirel. Commun. Mob. Comput..

[13]  Bo Sheng,et al.  WM-ECC: an Elliptic Curve Cryptography Suite on Sensor Motes , 2007 .

[14]  Donggang Liu,et al.  Establishing pairwise keys in distributed sensor networks , 2005, TSEC.

[15]  Qun Li,et al.  Achieving robust message authentication in sensor networks: a public-key based approach , 2010, Wirel. Networks.

[16]  Sushil Jajodia,et al.  An interleaved hop-by-hop authentication scheme for filtering of injected false data in sensor networks , 2004, IEEE Symposium on Security and Privacy, 2004. Proceedings. 2004.

[17]  Sencun Zhu,et al.  Least privilege and privilege deprivation: towards tolerating mobile sink compromises in wireless sensor networks , 2005, MobiHoc '05.

[18]  Haiyun Luo,et al.  Statistical en-route filtering of injected false data in sensor networks , 2004, IEEE INFOCOM 2004.

[19]  Alfred Menezes,et al.  Guide to Elliptic Curve Cryptography , 2004, Springer Professional Computing.

[20]  Ronald L. Rivest,et al.  The RC5 Encryption Algorithm , 1994, FSE.

[21]  Donggang Liu Efficient and distributed access control for sensor networks , 2010, Wirel. Networks.

[22]  Yuguang Fang,et al.  Location-based compromise-tolerant security mechanisms for wireless sensor networks , 2006, IEEE Journal on Selected Areas in Communications.