Efficient Access Control for Wireless Sensor Data
Abstract
Although well developed in many sectors (databases, filesystems), access control schemes are still somewhat elusive when it comes to wireless sensor networks. However, it is clear that many WSN systems—such as healthcare and automotive ones—need controlled access to the data that sensor nodes produce, given its high sensitivity. Enforcing access control in wireless sensor networks is a particularly difficult task due to the limited computational capacity of wireless sensor nodes. In this paper we present a full-fledged access control scheme for wireless sensor data. We enforce access control through data encryption, thus embedding access control in sensor data units. We also propose a lightweight key generation mechanism, based on cryptographic hash functions, that allows for hierarchical key derivation. The suggested protocol relies only on simple operations, does not require interaction between nodes and data consumers, and has minimal storage requirements.
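The general idea the abstract describes (hash-based hierarchical key derivation with access control enforced by encrypting each data unit) can be sketched as follows. This is an added illustration, not the paper's protocol or the authors' code: the linear four-level hierarchy, HMAC-SHA256, the node id and epoch inputs, the 8-byte tag and all names are assumptions.

```python
import hashlib
import hmac

def _h(key: bytes, msg: bytes) -> bytes:
    return hmac.new(key, msg, hashlib.sha256).digest()

def derive_down(key: bytes, steps: int) -> bytes:
    """Walk down the hierarchy: each lower level's key is a one-way hash of the one above."""
    for _ in range(steps):
        key = _h(key, b"level-down")
    return key

def _unit_key(level_key: bytes, node_id: bytes, epoch: int) -> bytes:
    # Fresh key per node and epoch, so a level key never encrypts two units directly.
    return _h(level_key, b"unit|" + node_id + epoch.to_bytes(4, "big"))

def _xor_stream(key: bytes, data: bytes) -> bytes:
    # Hash-based keystream in counter mode; XOR both encrypts and decrypts.
    blocks = (len(data) + 31) // 32
    stream = b"".join(_h(key, b"ks" + i.to_bytes(4, "big")) for i in range(blocks))
    return bytes(a ^ b for a, b in zip(data, stream))

def seal(level_key: bytes, node_id: bytes, epoch: int, reading: bytes) -> bytes:
    """Sensor side: encrypt one data unit and append a truncated 8-byte tag."""
    k = _unit_key(level_key, node_id, epoch)
    ct = _xor_stream(k, reading)
    return ct + _h(k, b"tag" + ct)[:8]

def open_unit(holder_key, holder_level, unit_level, node_id, epoch, unit):
    """Consumer side: derive the unit's key offline; None means access denied."""
    if unit_level < holder_level:
        return None  # keys only derive downward, never toward level 0
    k = _unit_key(derive_down(holder_key, unit_level - holder_level), node_id, epoch)
    ct, tag = unit[:-8], unit[-8:]
    if not hmac.compare_digest(tag, _h(k, b"tag" + ct)[:8]):
        return None  # wrong key, wrong epoch, or modified unit
    return _xor_stream(k, ct)

# Constructed sample data: root key, node id and reading are made up.
ROOT = bytes(range(32))                          # level 0 (most privileged) key
KEYS = [derive_down(ROOT, i) for i in range(4)]  # level i key = i hash steps from root
READING = b"hr=72;spo2=98"
UNIT = seal(KEYS[2], b"node-17", 5, READING)     # sensor holds only its level key

if __name__ == "__main__":
    print(open_unit(KEYS[1], 1, 2, b"node-17", 5, UNIT))  # level 1 reads level 2 data
    print(open_unit(KEYS[3], 3, 2, b"node-17", 5, UNIT))  # level 3 is refused
```

The consumer never contacts the sensor: everything needed to derive the unit key is its own level key plus the public node id, level and epoch.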
Keywords
Hierarchical access control, Cryptography