Efficient Access Control for Wireless Sensor Data

  • Alessandro Sorniotti
  • Refik Molva
  • Laurent Gomez
  • Christophe Trefois
  • Annett Laube
  • Piervito Scaglioso


Although well developed in many sectors (databases, filesystems), access control schemes are still somewhat elusive when it comes to wireless sensor networks (WSNs). However, it is clear that many WSN systems—such as healthcare and automotive ones—need controlled access to the data that sensor nodes produce, given its high sensitivity. Enforcing access control in wireless sensor networks is a particularly difficult task due to the limited computational capacity of wireless sensor nodes. In this paper we present a full-fledged access control scheme for wireless sensor data. We enforce access control through data encryption, thus embedding access control in sensor data units. We also propose a lightweight key generation mechanism, based on cryptographic hash functions, that allows for hierarchical key derivation. The suggested protocol relies only on simple operations, does not require interactions between nodes and data consumers, and has minimal storage requirements.


 Hierarchical access control Cryptography 



Copyright information

© Springer Science+Business Media, LLC 2009

Authors and Affiliations

  • Alessandro Sorniotti (1, 2)
  • Refik Molva (2)
  • Laurent Gomez (1)
  • Christophe Trefois (3)
  • Annett Laube (1)
  • Piervito Scaglioso (4)

  1. SAP Research, Mougins, France
  2. Institut Eurécom, Valbonne, France
  3. EPFL, Lausanne, Switzerland
  4. Politecnico di Torino, Torino, Italy
