Sensor networks are a promising computing paradigm for monitoring the physical environment and providing observations for various uses. In hostile situations, it is critical to enforce network access control to ensure the integrity, availability, and at times confidentiality of the sensor data. A natural idea is to adopt a centralized design where every access request from users goes through a trusted base station. However, this idea is not practical due to cost and efficiency issues. This paper proposes two efficient and distributed access control methods, uni-access query and multi-access query. The uni-access query uses only symmetric cryptographic operations; it allows (1) a user to directly access the data on any sensor node in the network without going through the base station and (2) a sensor to protect its data so that only authorized users can access it. Compared to existing solutions, this scheme is much more flexible and efficient. In addition, this scheme can also support privilege delegation, which allows a user to delegate all or part of its privilege to others without using the base station. The multi-access query applies public key cryptography to provide an additional feature, which allows a user to access the data on many sensor nodes via a single query. Compared to existing solutions that require a user to send at least one request for every sensor node to be queried, the multi-access query reduces the communication overhead significantly. The theoretical analysis and simulation evaluation show that the proposed schemes are practical for access control in sensor networks.
A preliminary version of this paper appeared in the Proceedings of the International Conference on Distributed Computing in Sensor Systems (DCOSS), 2007.
About this article
Cite this article
Liu, D. Efficient and distributed access control for sensor networks. Wireless Netw 16, 2151–2167 (2010). https://doi.org/10.1007/s11276-010-0249-z
- Access control
- Sensor networks