Distributed User Access Control in Sensor Networks

  • Haodong Wang
  • Qun Li
Part of the Lecture Notes in Computer Science book series (LNCS, volume 4026)


User access control in sensor networks defines a process of granting user the access right to the information and resources. It is essential for the future real sensor network deployment in which sensors may provide users with different services in terms of data and resource access. A centralized access control mechanism requires base station to be involved whenever a user requests to get authenticated and access the information stored in the sensor node, which is inefficient, not scalable, and is exposed to many potential attacks along the long communication path. In this paper, we propose a distributed user access control under a realistic adversary model in which sensors can be compromised and user may collude. We split the access control into local authentication conducted by the sensors physically close to the user, and a light remote authentication based on the endorsement of the local sensors. Elliptic Curve Cryptography (ECC), a public key cryptography scheme, is used for local authentication. We implement the access control protocols on a testbed of TelosB motes. Our analysis and experimental results show that our scheme is feasible for real access control requirement.


Sensor Network Sensor Node Access Control Local Sensor Message Authentication Code 
These keywords were added by machine and not by the authors. This process is experimental and the keywords may be updated as the learning algorithm improves.


Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.


  1. 1.
    Balfanz, D., Durfee, G., Shankar, N., Smetters, D., Staddon, J., Wong, H.: Secret handshakes from pairing-based key agreements. In: 2003 IEEE Symposium on Security and Privacy, Berkeley, CA (May 2003)Google Scholar
  2. 2.
    Chan, H., Perrig, A.: Pike: Peer intermediaries for key establishment in sensor networks. In: INFOCOM 2005, Miami, FL (March 2005)Google Scholar
  3. 3.
    Chan, H., Perrig, A., Song, D.: Random key predistribution schemes for sensor networks. In: In IEEE Symposium on Security and Privacy, pp. 197–213. Berkeley, California ( May 2003)Google Scholar
  4. 4.
  5. 5.
    Du, W., Deng, J.: A pairwise key pre-distribution scheme for wireless sensor networks. In: ACM CCS (2003)Google Scholar
  6. 6.
    Du, W., Deng, J., Han, Y.S., Chen, S., Varshney, P.: A key management scheme for wireless sensor networks using deployment knowledge. In: IEEE INFOCOM 2004, Hong Kong (March 2004)Google Scholar
  7. 7.
    Eschenauer, L., Gligor, V.D.: A key-management scheme for distributed sensor networks. In: In Proceedings of the 9th ACM conference on Computer and Communication Security (November 2002)Google Scholar
  8. 8.
    Ganesan, P., Venugopalan, R., Peddabachagari, P., Dean, A., Mueller, F., Sichitiu, M.: Analyzing and modeling encryption overhead for sensor network nodes. In: WSNA 2003, San Diego, CA (September 2003)Google Scholar
  9. 9.
    Gura, N., Patel, A., Wander, A., Eberle, H., Shantz, S.C.: Comparing elliptic curve cryptography and rsa on 8-bit cpus. In: CHES, Boston (August 2004)Google Scholar
  10. 10.
    Liu, D., Ning, P.: Establishing pairwise keys in distributed sensor networks. In: CCS 2003, Washington, DC (October 2003)Google Scholar
  11. 11.
    Perrig, A., Stankovic, J., Wagner, D.: Security in wireless sensor networks. Communications of The ACM 47(6), 53–57 (2004)CrossRefGoogle Scholar
  12. 12.
    Perrig, A., Szewczyk, R., Wen, V., Culler, D., Tygar, D.: Spins: Security protocols for sensor networks. ACM/Kluwer Wireless Networks Journal (WINET) (September 2002)Google Scholar
  13. 13.
    Rivest, R.L.: The rc5 encryption algorithm. In: Proceedings of the 1994 Leuven Workshop on Fast Software Encryption (Springer 1995), pp. 86–96. Springer, Heidelberg (1995)Google Scholar
  14. 14.
    Jajodia, S., Zhu, S., Setia, S., Ning, P.: An interleaved hop-by-hop authentication scheme for filtering of injected false data in sensor networks. In: In Proc. IEEE Symposium on Security and Privacy, Oakland, CA (May 2004)Google Scholar
  15. 15.
    Vogt, H.: Exploring message authentication in sensor networks. In: Castelluccia, C., Hartenstein, H., Paar, C., Westhoff, D. (eds.) ESAS 2004. LNCS, vol. 3313, pp. 19–30. Springer, Heidelberg (2005)CrossRefGoogle Scholar
  16. 16.
    Wang, H., Sheng, B., Li, Q.: Telosb implementation of elliptic curve cryptography over primary field. In Technical Report (December 2005)Google Scholar
  17. 17.
    Ye, F., Luo, H., Lu, S., Zhang, L.: Statistical en-route filtering of injected false data in sensor networks. In: INFOCOM 2004 (2004)Google Scholar
  18. 18.
    Zhang, W., Song, H., Zhu, S., Cao, G.: Least privilege and privilege deprivation: Towards tolerating mobile sink compromises in wireless sensor networks. In: MobiHoc 2005, Chicago, IL (May 2005)Google Scholar

Copyright information

© Springer-Verlag Berlin Heidelberg 2006

Authors and Affiliations

  • Haodong Wang
    • 1
  • Qun Li
    • 1
  1. 1.Department of Computer ScienceCollege of William and MaryWilliamsburgUSA

Personalised recommendations