Distributed access control with privacy support in wireless sensor networks

Daojing He, Jiajun Bu, Sencun Zhu, Sammy Chan, Chun Chen

Research output: Contribution to journalArticle

61 Citations (Scopus)

Abstract

A distributed access control module in wireless sensor networks (WSNs) allows the network to authorize and grant user access privileges for in-network data access. Prior research mainly focuses on designing such access control modules for WSNs, but little attention has been paid to protect user's identity privacy when a user is verified by the network for data accesses. Often, a user does not want the WSN to associate his identity to the data he requests. In this paper, we present the design, implementation, and evaluation of a novel approach, Priccess, to ensure distributed privacy-preserving access control. In Priccess, users who have similar access privileges are organized into the same group by the network owner. A network user signs a query command on behalf of his group and then sends the signed query to the sensor nodes of his interest. The signature can be verified by its recipient as coming from someone authorized without exposing the actual signer. In addition to the theoretical analysis that demonstrates the security properties of Priccess, this paper also reports the experimental results of Priccess in a network of Imote2 motes, which show the efficiency of Priccess in practice.

Original languageEnglish (US)
Article number5967978
Pages (from-to)3472-3481
Number of pages10
JournalIEEE Transactions on Wireless Communications
Volume10
Issue number10
DOIs
StatePublished - Oct 1 2011

Fingerprint

Distributed Control
Access Control
Access control
Privacy
Wireless Sensor Networks
Wireless sensor networks
Sensor nodes
Query
Module
Privacy Preserving
Signed
Theoretical Analysis
Signature
Sensor
Evaluation
Experimental Results
Vertex of a graph
Demonstrate

All Science Journal Classification (ASJC) codes

  • Computer Science Applications
  • Electrical and Electronic Engineering
  • Applied Mathematics

Cite this

He, Daojing ; Bu, Jiajun ; Zhu, Sencun ; Chan, Sammy ; Chen, Chun. / Distributed access control with privacy support in wireless sensor networks. In: IEEE Transactions on Wireless Communications. 2011 ; Vol. 10, No. 10. pp. 3472-3481.
@article{56f8c2a9184643a58c520f316eeccfe2,
title = "Distributed access control with privacy support in wireless sensor networks",
abstract = "A distributed access control module in wireless sensor networks (WSNs) allows the network to authorize and grant user access privileges for in-network data access. Prior research mainly focuses on designing such access control modules for WSNs, but little attention has been paid to protect user's identity privacy when a user is verified by the network for data accesses. Often, a user does not want the WSN to associate his identity to the data he requests. In this paper, we present the design, implementation, and evaluation of a novel approach, Priccess, to ensure distributed privacy-preserving access control. In Priccess, users who have similar access privileges are organized into the same group by the network owner. A network user signs a query command on behalf of his group and then sends the signed query to the sensor nodes of his interest. The signature can be verified by its recipient as coming from someone authorized without exposing the actual signer. In addition to the theoretical analysis that demonstrates the security properties of Priccess, this paper also reports the experimental results of Priccess in a network of Imote2 motes, which show the efficiency of Priccess in practice.",
author = "Daojing He and Jiajun Bu and Sencun Zhu and Sammy Chan and Chun Chen",
year = "2011",
month = "10",
day = "1",
doi = "10.1109/TWC.2011.072511.102283",
language = "English (US)",
volume = "10",
pages = "3472--3481",
journal = "IEEE Transactions on Wireless Communications",
issn = "1536-1276",
publisher = "Institute of Electrical and Electronics Engineers Inc.",
number = "10",

}

Distributed access control with privacy support in wireless sensor networks. / He, Daojing; Bu, Jiajun; Zhu, Sencun; Chan, Sammy; Chen, Chun.

In: IEEE Transactions on Wireless Communications, Vol. 10, No. 10, 5967978, 01.10.2011, p. 3472-3481.

Research output: Contribution to journalArticle

TY - JOUR

T1 - Distributed access control with privacy support in wireless sensor networks

AU - He, Daojing

AU - Bu, Jiajun

AU - Zhu, Sencun

AU - Chan, Sammy

AU - Chen, Chun

PY - 2011/10/1

Y1 - 2011/10/1

N2 - A distributed access control module in wireless sensor networks (WSNs) allows the network to authorize and grant user access privileges for in-network data access. Prior research mainly focuses on designing such access control modules for WSNs, but little attention has been paid to protect user's identity privacy when a user is verified by the network for data accesses. Often, a user does not want the WSN to associate his identity to the data he requests. In this paper, we present the design, implementation, and evaluation of a novel approach, Priccess, to ensure distributed privacy-preserving access control. In Priccess, users who have similar access privileges are organized into the same group by the network owner. A network user signs a query command on behalf of his group and then sends the signed query to the sensor nodes of his interest. The signature can be verified by its recipient as coming from someone authorized without exposing the actual signer. In addition to the theoretical analysis that demonstrates the security properties of Priccess, this paper also reports the experimental results of Priccess in a network of Imote2 motes, which show the efficiency of Priccess in practice.

AB - A distributed access control module in wireless sensor networks (WSNs) allows the network to authorize and grant user access privileges for in-network data access. Prior research mainly focuses on designing such access control modules for WSNs, but little attention has been paid to protect user's identity privacy when a user is verified by the network for data accesses. Often, a user does not want the WSN to associate his identity to the data he requests. In this paper, we present the design, implementation, and evaluation of a novel approach, Priccess, to ensure distributed privacy-preserving access control. In Priccess, users who have similar access privileges are organized into the same group by the network owner. A network user signs a query command on behalf of his group and then sends the signed query to the sensor nodes of his interest. The signature can be verified by its recipient as coming from someone authorized without exposing the actual signer. In addition to the theoretical analysis that demonstrates the security properties of Priccess, this paper also reports the experimental results of Priccess in a network of Imote2 motes, which show the efficiency of Priccess in practice.

UR - http://www.scopus.com/inward/record.url?scp=80855130876&partnerID=8YFLogxK

UR - http://www.scopus.com/inward/citedby.url?scp=80855130876&partnerID=8YFLogxK

U2 - 10.1109/TWC.2011.072511.102283

DO - 10.1109/TWC.2011.072511.102283

M3 - Article

AN - SCOPUS:80855130876

VL - 10

SP - 3472

EP - 3481

JO - IEEE Transactions on Wireless Communications

JF - IEEE Transactions on Wireless Communications

SN - 1536-1276

IS - 10

M1 - 5967978

ER -