Efficient fine-grained data access control in wireless sensor networks

Recent advances in distributed in-network data storage and access control have led to active research in efficient and robust data management in wireless sensor networks (WSNs). Although numerous schemes have been proposed thus far, most of them do not pay enough attention to exploiting user hierarchy and sensor heterogeneity, which is quite a practical issue, especially when deploying WSNs in mission-critical application scenarios. In this paper, we propose an efficient secret-key cryptography-based (SKC) fine-grained data access control scheme for securing both distributed data storage and retrieval. In our design, secret keying information for data encryption and decryption is constructed based on the scheme of Blundo et al. [1] with information-theoretic security. To further enhance the security strength, we then propose an efficient user revocation scheme based on the idea of blinded Merkle hash tree construction. Extensive performance analysis shows that the proposed schemes are very efficient and practical for WSNs.

[1] Dirk Westhoff, et al. Tinypeds: Tiny Persistent Encrypted Data Storage in Asynchronous Wireless Sensor Networks, 2006.

[2] Mahalingam Ramkumar, et al. An efficient key predistribution scheme for ad hoc network security, 2005, IEEE Journal on Selected Areas in Communications.

[3] Sencun Zhu, et al. A random perturbation-based scheme for pairwise key establishment in sensor networks, 2007, MobiHoc '07.

[4] Ramesh Govindan, et al. Data-centric storage in sensornets with GHT, a geographic hash table, 2003.

[5] Moti Yung, et al. Perfectly Secure Key Distribution for Dynamic Conferences, 1992, Inf. Comput.

[6] Jonathan Katz, et al. Attacking cryptographic schemes based on "perturbation polynomials", 2009, CCS.

[7] Prashant J. Shenoy, et al. Rethinking Data Management for Storage-centric Sensor Networks, 2007, CIDR.

[8] Shouhuai Xu, et al. LHAP: a lightweight hop-by-hop authentication protocol for ad-hoc networks, 2003, 23rd International Conference on Distributed Computing Systems Workshops, 2003. Proceedings.

[9] Ralph C. Merkle, et al. Protocols for Public Key Cryptosystems, 1980, 1980 IEEE Symposium on Security and Privacy.

[10] Haiyun Luo, et al. Statistical en-route filtering of injected false data in sensor networks, 2005, IEEE J. Sel. Areas Commun.

[11] Donggang Liu, et al. Location-based pairwise key establishments for static sensor networks, 2003, SASN '03.

[12] Claudio Soriente, et al. Catch Me (If You Can): Data Survival in Unattended Sensor Networks, 2008, 2008 Sixth Annual IEEE International Conference on Pervasive Computing and Communications (PerCom).

[13] Wensheng Zhang, et al. Securing Distributed Data Storage and Retrieval in Sensor Networks, 2007, Fifth Annual IEEE International Conference on Pervasive Computing and Communications (PerCom'07).

[14] Sencun Zhu, et al. Least privilege and privilege deprivation: towards tolerating mobile sink compromises in wireless sensor networks, 2005, MobiHoc '05.

[15] Deborah Estrin, et al. Data-Centric Storage in Sensornets with GHT, a Geographic Hash Table, 2003, Mob. Networks Appl.

[16] Elisa Bertino, et al. A Practical and Flexible Key Management Mechanism For Trusted Collaborative Computing, 2008, IEEE INFOCOM 2008 - The 27th Conference on Computer Communications.

[17] Dimitrios Gunopulos, et al. Towards In-Situ Data Storage in Sensor Databases, 2005, Panhellenic Conference on Informatics.

[18] Marina Blanton, et al. Dynamic and Efficient Key Management for Access Hierarchies, 2009, TSEC.

[19] Gene Tsudik, et al. Extended Abstract: Forward-Secure Sequential Aggregate Authentication, 2007, 2007 IEEE Symposium on Security and Privacy (SP '07).

[20] Haiyun Luo, et al. Statistical en-route filtering of injected false data in sensor networks, 2004, IEEE INFOCOM 2004.

[21] Gene Tsudik, et al. Forward-Secure Sequential Aggregate Authentication, 2007, IACR Cryptol. ePrint Arch.

[22] Sasikanth Avancha, et al. Security for Sensor Networks, 2004.