Distributed privacy-preserving access control in sensor networks

Rui Zhang, Yanchao Zhang, Kui Ren

Research output: Contribution to journal › Article

26 Citations (Scopus)

Abstract

The owner and users of a sensor network may be different, which necessitates privacy-preserving access control. On the one hand, the network owner needs to enforce strict access control so that the sensed data are only accessible to users willing to pay. On the other hand, users wish to protect their respective data access patterns whose disclosure may be used against their interests. This paper presents DP²AC, a Distributed Privacy-Preserving Access Control scheme for sensor networks, which is the first work of its kind. Users in DP²AC purchase tokens from the network owner whereby to query data from sensor nodes which will reply only after validating the tokens. The use of blind signatures in token generation ensures that tokens are publicly verifiable yet unlinkable to user identities, so privacy-preserving access control is achieved. A central component in DP²AC is to prevent malicious users from reusing tokens, for which we propose a suite of distributed token reuse detection (DTRD) schemes without involving the base station. These schemes share the essential idea that a sensor node checks with some other nodes (called witnesses) whether a token has been used, but they differ in how the witnesses are chosen. We thoroughly compare their performance with regard to TRD capability, communication overhead, storage overhead, and attack resilience. The efficacy and efficiency of DP²AC are confirmed by detailed performance evaluations.

Original language: English (US)
Article number: 6095540
Pages (from-to): 1427-1438
Number of pages: 12
Journal: IEEE Transactions on Parallel and Distributed Systems
Volume: 23
Issue number: 8
DOIs: 10.1109/TPDS.2011.299
State: Published - 2012

Fingerprint

Access control
Sensor networks
Sensor nodes
Base stations
Communication

Keywords

  • access control
  • privacy
  • security
  • Wireless sensor networks

ASJC Scopus subject areas

  • Hardware and Architecture
  • Signal Processing
  • Computational Theory and Mathematics

Cite this

Distributed privacy-preserving access control in sensor networks. / Zhang, Rui; Zhang, Yanchao; Ren, Kui.

In: IEEE Transactions on Parallel and Distributed Systems, Vol. 23, No. 8, 6095540, 2012, p. 1427-1438.

@article{241206b96bf54711b8c4b36d341cee9b,
title = "Distributed privacy-preserving access control in sensor networks",
keywords = "access control, privacy, security, Wireless sensor networks",
author = "Rui Zhang and Yanchao Zhang and Kui Ren",
year = "2012",
doi = "10.1109/TPDS.2011.299",
language = "English (US)",
volume = "23",
pages = "1427--1438",
journal = "IEEE Transactions on Parallel and Distributed Systems",
issn = "1045-9219",
publisher = "IEEE Computer Society",
number = "8",

}

TY - JOUR

T1 - Distributed privacy-preserving access control in sensor networks

AU - Zhang, Rui

AU - Zhang, Yanchao

AU - Ren, Kui

PY - 2012

Y1 - 2012

KW - access control

KW - privacy

KW - security

KW - Wireless sensor networks

UR - http://www.scopus.com/inward/record.url?scp=84863522640&partnerID=8YFLogxK

UR - http://www.scopus.com/inward/citedby.url?scp=84863522640&partnerID=8YFLogxK

U2 - 10.1109/TPDS.2011.299

DO - 10.1109/TPDS.2011.299

M3 - Article

AN - SCOPUS:84863522640

VL - 23

SP - 1427

EP - 1438

JO - IEEE Transactions on Parallel and Distributed Systems

JF - IEEE Transactions on Parallel and Distributed Systems

SN - 1045-9219

IS - 8

M1 - 6095540

ER -