Identity Based Authentication And Access Control Computer Science Essay


This introductory chapter begins with the background of the research. It then states the problem statement, the goal and purpose, and the research methodology. The chapter concludes by identifying the intended audience and describing the structure of the thesis.

The development of the wireless sensor network (WSN) has opened a new era in modern information and communication technology, and the development of micro sensor nodes has helped bring it to the fore. A WSN consists of spatially distributed autonomous sensors that cooperatively monitor physical or environmental conditions, such as temperature, sound, vibration, pressure, motion or pollutants [1, 2, 3]. A WSN has many features in common with traditional networks. It consists of a large number of self-organizing, low-power, low-cost wireless sensor nodes and base stations, where the sensor nodes are interconnected by wireless links and the base stations are connected by traditional wired connections.

The initial development of wireless sensor networks was motivated by military applications such as battlefield surveillance [4]. Wireless sensor networks are becoming steadily more popular because they are low cost, easy to deploy (even in rugged environments), and offer an alternative where traditional networks fail. Sensor networks are now used in a variety of applications, including industrial and civilian ones. Current implementations monitor factory instrumentation, light, moisture, pollution levels, freeway traffic, the structural integrity of buildings, disaster management, oceans, wildfires and earthquakes, and provide climate sensing and control in office buildings and home environmental sensing for temperature and motion [7].

The security mechanisms used in traditional networks cannot be applied directly to a wireless sensor network because of the nature of the sensor network. A sensor device has limited energy, low durability, and limited computational and communication capabilities. Sensor nodes are usually installed in areas accessible to people, which exposes them to different kinds of physical attack. Sensor nodes are in close contact with their environment, which includes people who may cause security problems for the network, and each node communicates with other nodes over a wireless link, which makes it vulnerable to further attacks. The security of the sensor network is therefore a vital issue.

The security requirements of sensor applications vary from one application to another; a military application, for example, needs the highest security assurance. The traditional wired network has five major security elements: confidentiality, non-repudiation, authentication, integrity and availability. The sensor network has the same security elements. Confidentiality ensures that information passing through the network is visible only to the intended receiver. Integrity ensures that a message is transferred from one node to another without corruption. Authentication means that information is accessible only to authorized users or nodes. Non-repudiation ensures that a node that has sent or received a message cannot later deny it. Availability ensures that information is available when expected. To make a wireless sensor network more secure, it is necessary to consider further essential security elements, mainly key establishment, secrecy, authentication and access control, privacy, robustness to denial-of-service attacks, secure routing, and node capture [5].

The sensor network has resource constraints: a sensor device has limited energy, low durability, and limited computational and communication capabilities. For these reasons traditional security solutions cannot be applied directly to the sensor network. Early in its development the wireless sensor network had many open issues, and research has been done to solve them. Research is still going on to make the wireless sensor network more secure. Authentication and access control is an important issue in the sensor network.

1.2 Problem Statement

Sensor nodes sense or monitor environmental and physical changes to collect data. A node also collects data from its neighbor nodes and its surrounding environment. This data is communicated to other nodes over the wireless connection. The data collected by a sensor node may be confidential, and in some cases it should be visible only to authenticated users. Security in sensor networks varies from application to application. In some applications, outside users may also be interested in accessing the data collected by the sensor node. The authentication of the collected data, the data source and the user is therefore critical, and data needs to be protected from unauthorized access. On the other hand, not every authenticated user has the right to access every kind of information from a node. Every user has their own access rights to information in the network, and some information may need to be hidden from some users. User access control is therefore also important.

1.3 Goal

The aim of this research is to propose an efficient identity-based authentication and access control scheme for wireless sensor networks that helps protect the information of a sensor node from illegitimate access, overcomes the existing problems in authentication and access control in sensor networks, and preserves the security of the nodes.

1.4 Purpose

A wireless sensor network is usually deployed in an environment without any prior infrastructure. The sensor nodes collect data and communicate it to each other to perform different functions. Sometimes the data in the sensor nodes contains private information that the node should not reveal to outsiders; disclosure of this information may make the system vulnerable. The purpose of this thesis is to highlight the main security issues in wireless sensor networks in the area of authentication and access control, based on the problems found in existing WSN authentication systems, and to propose an efficient identity-based authentication system that ensures proper authentication, to provide confidentiality and integrity of information, and also provides proper user access control.

1.5 Method

This research is an artifact development because it proposes a new authentication and access control scheme. Different methodologies were considered to achieve the goal of this research, but the deductive research method is mainly used. It is deductive because it proposes a new scheme that solves the authentication and access control problems in the wireless sensor network.

Through this research, the existing problems of authentication and access control are traced, and an efficient authentication and access control scheme is proposed using the following sequence of steps.

In the first step, the existing authentication systems of the wireless sensor network are reviewed and their problems identified; at the end of this step an efficient authentication system is proposed.

The second step is similar to the first; the only difference is that it addresses access control in the wireless sensor network and produces a solution for access control.

The third step is based on the results of the first and second steps. It integrates the solutions for authentication and access control into an efficient scheme that provides both functions (authentication and access control) for the wireless sensor network.

Research work is of two types: quantitative and qualitative. Quantitative methods are those which focus on numbers and frequencies rather than on meaning and experience, and provide information which is easy to analyse statistically and fairly reliable; whereas qualitative methods are ways of collecting data which are concerned with describing meaning, rather than with drawing statistical inferences. [6] This research deals with the authentication and access control problem and will produce a solution for it, so it is based on qualitative analysis. Data collection methods in qualitative analysis include literature study, interviews and field studies. In this research, data collection is done mostly through literature study.

1.6 Intended Audience

The thesis describes the general idea of the wireless sensor network and its security solution. A person with knowledge of information and communication system security would be an appropriate audience, as would a person interested in research or study in security, especially authentication and access control in wireless sensor networks. The thesis has been written in a simple way, so that any reader can easily understand its content.

1.7 Thesis disposition

The thesis is organized into six chapters. The first chapter contains the background of the thesis, the problem statement, goal and purpose. It then describes the research methodology and concludes by identifying the intended audience of the thesis. The second chapter contains the technical background; by reading it, readers can gain knowledge of the wireless sensor network. The third chapter describes various issues concerning authentication and access control in wireless sensor networks. Chapter four describes the new authentication and access control protocol for the wireless sensor network, along with its assumptions and analysis. Chapter five discusses the shortcomings of this research and future studies. Finally, chapter six contains the references.

Chapter 2: Technical Background

This chapter provides some background knowledge of the wireless sensor network.

2.1 Wireless Sensor Networks

A wireless sensor network is a collection of sensor nodes (from a dozen to a few thousand) and base stations. Nodes can interact with each other through the base station over the wireless link. Nodes collect information by interacting with their environment, sensing physical parameters such as temperature, motion, light, vibration and sound. Every node in a sensor network can make its own decisions based on the information stored in the node, its computing knowledge and communication with other resources.

A typical overview of the wireless sensor network is shown in Figure 2.1. The figure shows the three main components of the WSN: sensor nodes spread over the area, one or more base stations, and an interconnecting communication network. The figure also shows an adversary, indicating that the entire network is susceptible to attack.

Figure 2.1: Wireless sensor network architecture. (From [9])

2.2 Elements of Wireless sensor network

A wireless sensor network has three main elements: sensor nodes, base stations, and the communication used to connect sensor nodes to the base station and one base station to another.

2.2.1 Wireless sensor node

A sensor node in a wireless sensor network can perform some processing, collect and store information, and interact with other nodes in the network. A sensor node consists of one or more sensor units, a micro-controller, external memory, a transceiver, a power unit, an antenna and some optional components such as a location finding system, power generator, mobilizer or actuator. The micro-controller performs the node's tasks, processes data and controls the interaction between the components within the node. The micro-controller has on-chip memory, which is used for most operations; off-chip memory is rare, although the memory requirement varies from application to application. Memory falls into two categories by purpose: user memory, used for storing application-related or personal data, and program memory, used for programming the device [11]. The transceiver performs the operations of both a transmitter and a receiver. It has a built-in state machine that runs automatically, with four operational states: transmit, receive, idle and sleep. All functions performed within the node consume power. The power of a sensor node is stored in batteries or capacitors, which may be rechargeable or non-rechargeable. A typical architecture of a sensor node is shown in Figure 2.2.

Figure 2.2: Wireless sensor node architecture. (From [10])

2.2.2 Base Stations

A base station in the sensor network may be a fixed or mobile node that can connect the sensor network to the existing communication infrastructure or to the internet, where users can access the data they require [8]. The base station can act as a gateway to other networks. It is much more powerful than any of the sensor nodes in the network and can transmit data to the sensor nodes via the communication medium. A base station is normally much bigger than a sensor node because of its functions, which mainly include transferring or receiving large amounts of data and processing and storing that data. A typical base station scenario is shown in the figure below.

Figure 2.3: Wireless sensor network base station

2.2.3 Communication

Two types of communication are present in the sensor network: local communication and external communication. Local communication means communication among nodes and between nodes and the base station, which is handled by the radio transceivers using various technologies. The technology varies with the application. The standard technology 802.15 is used to communicate among nodes and between nodes and base stations.

External communication means communication from one base station to other base stations. It is mostly carried over the internet and the GSM mobile network.

2.2 Features of Wireless Sensor Network

The sensor network shares some common features with the traditional network. The design of protocols for the sensor network must therefore take into account the properties it shares with the traditional network, which include the following.

Limited energy supply of the sensor nodes.

Communication medium is not reliable because of the wireless medium.

Self-configuration ability that may require very little or no human intervention.

However, some features exist in the sensor network that are not present in other networks; these are given below.

The size of a sensor network is of the order of 1000s, whereas that of a traditional network is of the order of 10s.

Sensor nodes are typically immobile.

Sensor nodes may be installed in rugged environments, so unexpected node failures are common.

Sensor nodes are much smaller than the nodes of a traditional network, with a smaller battery and less memory.

The sensor network is more cooperative, so it is reliable and provides quality of service (QoS).

Packets in the sensor network are short.

Sometimes the sensor network has a many-to-one traffic pattern.

2.3 Network topology in WSN

Network topology is the layout or pattern in which the elements of a network, such as nodes and links, are interconnected. There are two types of network topology: physical and logical. Physical topology is the physical design of a network, whereas logical topology describes how data is actually transmitted in the network. Various network topologies are used in traditional networks; some that are used in sensor networks are given below.

2.3.1 Star topology

This is a very simple topology in which every end point (sensor node) is directly connected to the gateway (base station). All information for the sensor nodes passes through the base station, and no node can communicate with another node except through the base station. It has low power consumption but a high probability of data loss because there is no redundant path to reach a node. This topology is a good choice for a network covering a small area; its coverage is limited by the range of the transceiver.

Figure 2.4: Star topology

2.3.2 Mesh topology

Mesh is the fully connected network topology, in which every sensor node is connected to some other sensor nodes or to the base station. This kind of connection is more complex because of the connections to all nodes. It is the most reliable topology because, if a single communication link fails, another link may be available to reach the destination. It is also the most expensive and the most difficult to implement. In this topology the sensor nodes need extra capability to perform routing tasks. Performance depends on the physical distribution of the sensor nodes. The redundant paths increase fault tolerance, and the topology covers a larger area than the star topology.

Figure 2.5: Mesh topology

2.3.3 Hybrid topology

Hybrid networks use a combination of any two or more topologies in such a way that the resulting network does not exhibit one of the standard topologies. [12] The figure below shows a hybrid network that combines mesh and star. This network can be divided into sub-networks, and the top node in every sub-network acts as a router. The network is easily expandable and has low power consumption in the sensor nodes. On the other hand, the router nodes need to be always on. This network also has redundant paths to reach a node.

Figure 2.6: Hybrid topology

2.3.4 Tree topology

Tree is a hierarchical topology. The router nodes are placed at the root and the normal sensor nodes at the leaves. The network can also be divided into sub-networks, where every sub-network has a router node to connect the other nodes. The sensor nodes talk to their respective router, and a router can talk only to its higher router or to the central root. The topology is easily expandable and has low power consumption, but it has no redundant path to reach a node. The figure below shows a typical tree topology.

Figure 2.7: Tree topology

2.4 Traffic in Wireless Sensor Networks

Sensor nodes communicate with other sensor nodes through the base station, and communication can take a multi-hop form. Most of the traffic in the wireless sensor network falls into three groups [16]:

Many-to-one traffic

One-to-many traffic

Local communication

In many-to-one traffic, multiple sensor nodes send their data to the base station, or multiple sensor nodes combine their data and then send it to the base station. In one-to-many traffic, the base station sends (multicasts or broadcasts) data to multiple sensor nodes. In local communication, the sensor nodes coordinate among themselves to collect information about their neighbors.

2.5 Routing in Wireless Sensor Networks

Routing protocols play an important role in any network (wired or wireless). They route data from one node to another, and from a node to the base station or vice versa. A routing protocol decides how data reaches its destination in an optimal way or at minimum cost. Routing decisions can be based on entries in the routing table, which is updated periodically on any change in the network. Several routing protocols have been proposed for the sensor network. They can be divided into the following categories [17]:

Flat based routing protocols

Hierarchical routing protocols

Location based routing protocols

Every sensor node has to perform some role or function. When all nodes perform the same role or function, flat based routing is used. If the sensor nodes have different roles or functions, hierarchical routing is used. Sensor nodes are placed in different locations, and location based routing applies when the routing decision depends on the location of the nodes.

Besides the above routing protocols, other forms of routing are also used in the wireless sensor network, such as multi-hop routing and multi-path routing. Multi-path routing is used when the network is large, the network is more vulnerable to attacks and the desired security level is high. In this routing, redundant routing paths are present in the network, which increases network performance and reliability. Multi-hop routing is another way to move data within the network and is very popular in the wireless sensor network. In multi-hop routing, data is transferred from the sender node to the destination node hop by hop. In practice, multi-hop and multi-path routing are very useful in the sensor network.

2.6 Communication medium in WSN

The communication medium currently used in wireless sensor network applications is ZigBee. Bluetooth is also used in sensor applications, but it has smaller coverage and high energy consumption.

The table shown below summarizes the most important characteristics of the wireless communication protocols.










|  |  |  |  |
|---|---|---|---|
|  | Monitoring and control | Web, email, video | Cable replacement |
| System resources | 50 to 60 Kbytes | > 1 Mbyte | > 250 Kbytes |
| Battery life | 100 to > 1000 | 1 to 5 | 1 to 7 |
| Network size |  |  |  |
|  | 20 to 250 Kb/s (802.15.4, 2003) | 54 Mbits/s (802.11g, 2003) | 3 Mbits/s (V2.0 + EDR, 2004) |
| Maximum transmission range (m) |  |  |  |
| Success metrics | Reliability, Power, Cost | Speed, flexibility | Cost, convenience |

Table 2.1 Comparison of wireless communication protocol. [13]

2.6.1 ZigBee

The most popular ZigBee protocol for WSN communication was introduced by the ZigBee alliance in 2004. ZigBee is based on the standard IEEE 802.15.4. IEEE 802.15.4 is a low data rate personal area network standard that was introduced by the new standard committee of IEEE in 2003. ZigBee standard can be defined as "The name of a specification for a suite of high level communication protocols using small low power digital radio based on the IEEE 802.15.4 for Wireless Personal Area Network". [14]

ZigBee provides a low data rate and low power consumption, so applications that require these can use ZigBee. It is currently very popular in WSN and is used in a variety of applications because it is inexpensive, self-organizing and reliable. ZigBee uses CSMA/CA as its media access control protocol.

Network nodes in ZigBee

The ZigBee standard has three types of network node: the coordinator node, the router node and the end-device or sensor node.

The coordinator node plays an important role in forming the network. Only one node in the network can act as the coordinator. The coordinator node stores the security key of the network as well as other information about the network.

The router node provides the routing service for the network devices.

The main purpose of the end-device or sensor node is to communicate with the coordinator or router node in the network. An end-device can be a sleepy device, a non-sleepy device or a mobile device.

ZigBee protocol stack

ZigBee is a collection of layers. The IEEE 802.15.4 standard defines the physical and the data link (medium access control) layer and the other layers are defined by the ZigBee alliance. The specification goes on to complete the standard by adding four main components: network layer, application layer, ZigBee device objects (ZDO's) and manufacturer-defined application objects which allow for customization and favor total integration. [15]


Figure 2.8: ZigBee protocol stack architecture (From [14])

2.6.2 Bluetooth

Bluetooth is mostly used in wireless communication to form a personal area network (PAN). It is usually used to exchange data between mobile and fixed devices over a short distance using short-wavelength radio transmission. A master device can connect with six to seven other devices to form the network. The slave and master roles are not fixed; any device can change its role at any time by agreement. Data can be transferred from the master device to the others. Bluetooth is a replacement for the serial port or RS232 cable. It is sometimes used as the communication medium for a wireless sensor network when only short coverage is required.

Chapter 3: Authentication and access control in WSN

3.1 Authentication and its importance in WSN

Authentication is the process by which a user verifies its identity to the system. It is the binding of an identity to a subject [18]. To be authenticated, a user must provide some information (its identity, such as a username and password) by which the system can easily recognize the user. The information that a user can present to the system to verify its identity is the following [18]:

What the entity is, for example fingerprints or retinal characteristics

Where the entity is, for example in front of a particular terminal

What the entity knows, for example passwords or secret information

What the entity has, for example a badge or card

A wireless sensor network collects data from its environment, and this data is valuable in the network. The data is communicated from the source node to the base station, to other nodes and sometimes to outside users. Communication must be secure, and to provide secure communication all entities in the network must authenticate to each other.

3.2 Access control and its importance in WSN

Access control is a process by which a user is identified by the system through the authentication procedure and is then granted privileges on information, systems or resources. Generally access control restricts or allows access based on something other than the user identity [19]. The main objective of access control is to protect the CIA¹ of information, systems and resources.

Access control is an important security issue in wireless sensor networks. Nodes collect data from their environment, and this data is accessed by other nodes or users at a later time. It is therefore very important that information is disclosed to other nodes or users according to their privileges on that data.

3.3 Attacks during authentication and access control in WSN

In WSN, a number of attacks can take place during authentication and access control. Some of them are given below.

3.3.1 Insider attack

This is the most common attack and is difficult to diagnose. It is generally assumed that legitimate users are honest and never disclose their authentication credentials to colleagues. An insider attack can take place whenever a user breaches that trust. To detect this kind of attack, the system administrator can only check the history log of user queries. If a user places queries from different zones at the same or overlapping times, the insider attack can be identified and the user can be placed on the blacklist. But this kind of checking is not an optimal way to detect insider attacks and does not work in all cases. To minimize this attack, it is important for users to take more responsibility for not disclosing their credentials and to change their credentials more frequently.
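The log check described above can be written as a short script. This is an added example, not part of the original essay; the record format (user, zone, start, end), the zone names and the `min_travel` parameter are assumptions, and the sample log is constructed. It goes slightly beyond the text by also flagging sessions in different zones that are closer together than a configurable travel time.

```python
from collections import defaultdict
from datetime import datetime, timedelta
from typing import NamedTuple


class QuerySession(NamedTuple):
    user: str
    zone: str
    start: datetime
    end: datetime


# Constructed sample of a query history log (assumed format: user,zone,start,end).
SAMPLE_LOG = """\
alice,zone-A,2024-01-10T09:00:00,2024-01-10T09:05:00
alice,zone-A,2024-01-10T09:04:00,2024-01-10T09:06:00
bob,zone-B,2024-01-10T09:00:00,2024-01-10T09:10:00
bob,zone-C,2024-01-10T09:08:00,2024-01-10T09:12:00
carol,zone-A,2024-01-10T09:00:00,2024-01-10T09:05:00
carol,zone-D,2024-01-10T09:05:00,2024-01-10T09:07:00
malformed line
"""


def parse_log(text):
    """Return (sessions, rejected_line_numbers). Malformed records are
    reported instead of being silently dropped, so gaps in the log are visible."""
    sessions, rejected = [], []
    for lineno, line in enumerate(text.splitlines(), start=1):
        if not line.strip():
            continue
        fields = [f.strip() for f in line.split(",")]
        try:
            user, zone, start, end = fields  # wrong field count raises ValueError
            session = QuerySession(user, zone,
                                   datetime.fromisoformat(start),
                                   datetime.fromisoformat(end))
        except ValueError:
            rejected.append(lineno)
            continue
        if not user or not zone or session.end < session.start:
            rejected.append(lineno)
            continue
        sessions.append(session)
    return sessions, rejected


def find_conflicts(sessions, min_travel=timedelta(0)):
    """Map each user to pairs of sessions from different zones that overlap
    in time (or follow each other by less than min_travel)."""
    by_user = defaultdict(list)
    for s in sessions:
        by_user[s.user].append(s)

    conflicts = {}
    for user, items in by_user.items():
        items.sort(key=lambda s: s.start)
        active, pairs = [], []
        for cur in items:
            # Keep only earlier sessions that are still open when cur starts.
            active = [a for a in active if a.end + min_travel > cur.start]
            pairs.extend((a, cur) for a in active if a.zone != cur.zone)
            active.append(cur)
        if pairs:
            conflicts[user] = pairs
    return conflicts


def blacklist_candidates(sessions, min_travel=timedelta(0)):
    """Users whose credentials appear to be in use in two zones at once."""
    return sorted(find_conflicts(sessions, min_travel))


if __name__ == "__main__":
    parsed, bad_lines = parse_log(SAMPLE_LOG)
    print("rejected lines:", bad_lines)
    print("strict overlap:", blacklist_candidates(parsed))
    print("with 60 s travel time:",
          blacklist_candidates(parsed, timedelta(seconds=60)))
```

Same-zone overlaps (alice) are not flagged, which is one reason the essay calls this check non-optimal: a shared credential used inside one zone leaves no trace in this test.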

3.3.2 Replay attack

A replay attack is an attack on a network in which an attacker replays an authentication session to fool a sensor node into granting access. It is usually a form of retransmission of data into the network to obtain authentication in a falsified manner. It can be prevented by assigning a large random session token that is used only once.

¹ In this case CIA means Confidentiality, Integrity, and Authentication.
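The one-time session token defence for replay attacks can be sketched as a challenge-response exchange. This is an added example, not part of the original essay; the `SensorNode` class, the `make_tag` helper, the use of HMAC-SHA256 over a pre-shared symmetric key, the token lifetime and the pending-token cap are all assumptions chosen for illustration.

```python
import hashlib
import hmac
import secrets
import time

TOKEN_BYTES = 16  # 128-bit random token: large enough that repeats are negligible


def make_tag(key, token, user_id, query):
    """HMAC-SHA256 over length-prefixed fields, so field boundaries are unambiguous."""
    mac = hmac.new(key, digestmod=hashlib.sha256)
    for field in (token, user_id, query):
        mac.update(len(field).to_bytes(2, "big"))
        mac.update(field)
    return mac.digest()


class SensorNode:
    """Verifier side: issues single-use tokens and checks responses."""

    def __init__(self, shared_key, token_ttl=30.0, max_pending=8,
                 clock=time.monotonic):
        self._key = shared_key
        self._ttl = token_ttl
        self._max_pending = max_pending  # bounds memory on a constrained node
        self._clock = clock
        self._pending = {}               # token -> expiry time

    def issue_token(self):
        now = self._clock()
        for tok in [t for t, exp in self._pending.items() if exp < now]:
            del self._pending[tok]
        if len(self._pending) >= self._max_pending:
            # Evict the oldest outstanding token rather than grow without limit.
            del self._pending[next(iter(self._pending))]
        token = secrets.token_bytes(TOKEN_BYTES)
        self._pending[token] = now + self._ttl
        return token

    def verify(self, token, user_id, query, tag):
        # pop() consumes the token on first presentation, valid or not,
        # so a captured exchange can never be accepted a second time.
        expiry = self._pending.pop(token, None)
        if expiry is None or self._clock() > expiry:
            return False
        expected = make_tag(self._key, token, user_id, query)
        return hmac.compare_digest(expected, tag)


def demo():
    """Run one legitimate exchange, then replay the captured message."""
    key = secrets.token_bytes(32)  # constructed key standing in for a pre-installed one
    node = SensorNode(key)
    user_id, query = b"user-17", b"READ temperature"

    token = node.issue_token()                    # node -> user
    tag = make_tag(key, token, user_id, query)    # user -> node
    first = node.verify(token, user_id, query, tag)
    replayed = node.verify(token, user_id, query, tag)  # same bytes, sent again
    return first, replayed


if __name__ == "__main__":
    print(demo())
```

Because the tag covers the token, the user identity and the query, a captured response cannot be reused with a fresh token or attached to a different query.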

3.3.3 Active attack

In an active attack, the attacker is able to transmit data to one or both communicating parties, and can also block the stream of data in one or both directions. The attacker may be located between the two communicating parties. During authentication, the attacker may try to take the place of the client or the server. In a WSN, the client may be a user of the WSN or a sensor node itself, and the server may be a sensor node or the base station.

3.3.4 DoS attack

A denial of service (DoS) attack makes the resources of a network unavailable to its intended users. It is a concentrated effort by an attacker to prevent a service from operating efficiently, or at all, temporarily or indefinitely. This attack may occur during authentication if the attacker can make the authenticating entity unavailable, or keep it so busy that it cannot respond to requests or responds very slowly.

3.3.5 False data injection attack

In this kind of attack, the attacker injects false data into the network to mislead the base station and the sensor node.

3.3.6 Node capture attack

A WSN is deployed in a distributed environment, where it is easy for a person to gain physical access to the network. In this kind of attack, the attacker gains physical control over a sensor node, extracts all data and security parameters from it, and instructs the node to do whatever the attacker wants.

3.4 Key exchange protocol in WSN

Traditional network security solutions are based on public key cryptography, which is not suitable for the WSN because resource-constrained sensor nodes have little memory and low power (nodes are powered by AA batteries). Most of the time, security protocols in WSN depend on symmetric key cryptography. Key exchange is an important feature in providing security functions such as authentication, confidentiality and integrity. Cryptographic operations require keys, and the key exchange protocol mostly performs the key management functions for a network. In symmetric key cryptography key sharing is mandatory, and key management is vital in a sensor network.

Mostly the sensor nodes in the network share a master secret with their base station. This means the sensor nodes must have a preinstalled key, which is called bootstrapping of the key. In some cases the key may be generated dynamically. The sensor nodes in a distributed sensor network either use the pre-distributed keys directly or use key-generating equipment to produce pair-wise or group-wise keys dynamically.

A sensor network is vulnerable to attacks, and its success depends on the concealment of the keys. If the encryption key is compromised, it does not matter how strong the cryptographic algorithm is; the encryption is of no use. Generally a sensor node has a bootstrapped master key, which is used to perform cryptographic operations and also to generate keys. Different security protocols provide security to sensor applications in different ways, and most of them depend completely on key exchange protocols. LEAP (Localized Encryption and Authentication Protocol) depends completely on the key exchange protocol to provide security for the WSN [20]. SPIN is another protocol that provides security to sensor applications and relies on the key exchange protocol for broadcast authentication. It tries to attain asymmetry using symmetric cryptography [21].

Because of the resource constraints of the network, a sensor application always needs an optimal key management protocol that requires little memory space and little computational power. Cost is an important factor in deploying a network. The overall cost of a WSN depends on different factors such as communication cost and computational cost, so an efficient key management protocol helps to reduce the computational and communication costs of the wireless sensor network [22].

3.5 Related work

Various researchers have worked on user authentication in WSNs at different times. The problem of user authentication in WSNs was first addressed in 2004 by Benenson et al. [23]. Different mechanisms have been proposed for user authentication in traditional networks, but not all of them are suitable for WSNs: resource constraints such as limited power and low computational capability make these traditional authentication schemes unusable in a WSN. On the other hand, a wireless sensor network can be installed in any environment (including rugged environments), which may make it more susceptible to the node capture attack, in which the attacker takes physical control of a node and can then extract all the data and the security parameters of that node. So the role of verifying the authentication information of an entity must not be limited to a single node, as it is in a traditional user authentication system.

Benenson et al. [24] proposed a user authentication mechanism based on public key cryptography. This authentication scheme solves the problem of the node capture attack and protects the data collected by the sensor nodes from unauthorized users. The system remains secure even when the compromised nodes are fewer than the communicating nodes in range of the user. But this solution has some drawbacks. Firstly, in this scheme the user is authenticated by more than one node. Each pair of nodes needs to share a secret key, which requires a lot of storage space in the node. Secondly, the user can query only a node within its range on the network. To do so it is important to find the target node, but Benenson et al. do not explain how to find it. Thirdly, if a node is compromised and the user queries that node, the node may return false information, which the solution does not address.

Banerjee et al. [25] describe another authentication scheme, based on symmetric key cryptography. In solution [24] only one node responds to the user query, but in this solution [25] a set of nodes responds. Blundo et al. [26] present a mechanism for sharing pair-wise keys, and this scheme uses that technique. The set of nodes responsible for generating the response to the user query produces a nonce. The user then uses the pair-wise keys to compute the message authentication codes (MACs) of the nonce and sends its query. When a node receives the query with a valid MAC it replies to the user; otherwise it ignores the request. The problems of this authentication scheme are that the authors do not say how to form the group of nodes involved in the user request, that the scheme is more vulnerable to the node compromise attack, and that it does not provide mutual authentication.
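The exchange described above can be sketched as follows. This is an added example, not code from the essay or from [25] or [26]: it derives pair-wise keys from a symmetric bivariate polynomial in the manner of Blundo et al. and has each node check a MAC over its own nonce. The field modulus, polynomial degree, identities, query string and the use of HMAC-SHA256 over nonce and query are assumptions made for illustration.

```python
import hashlib
import hmac
import secrets

Q = 2**127 - 1  # prime field modulus (constructed parameter)
T = 3           # polynomial degree; T pooled shares reveal no other pair's key

def make_symmetric_poly(t=T, q=Q):
    """Setup server: random a[i][j] == a[j][i], so f(x, y) == f(y, x) mod q."""
    a = [[0] * (t + 1) for _ in range(t + 1)]
    for i in range(t + 1):
        for j in range(i, t + 1):
            a[i][j] = a[j][i] = secrets.randbelow(q)
    return a

def share_for(a, ident, q=Q):
    """Preloaded on party `ident`: coefficients of g(y) = f(ident, y)."""
    return [sum(row[j] * pow(ident, i, q) for i, row in enumerate(a)) % q
            for j in range(len(a))]

def pairwise_key(share, peer, q=Q):
    """Evaluate own share at the peer's identity (Horner): f(me, peer)."""
    acc = 0
    for c in reversed(share):
        acc = (acc * peer + c) % q
    return acc.to_bytes(16, "big")

def mac(key, nonce, query):
    # Assumption: HMAC-SHA256 over nonce || query; the page names no MAC.
    return hmac.new(key, nonce + query, hashlib.sha256).digest()

def node_accepts(share, user_id, nonce, query, tag):
    """Node side: recompute the tag with its own share, compare in constant time."""
    expected = mac(pairwise_key(share, user_id), nonce, query)
    return hmac.compare_digest(expected, tag)

def demo():
    a = make_symmetric_poly()
    user_id, query = 1001, b"READ temperature"  # constructed sample values
    user_share, results = share_for(a, user_id), {}
    for n in (11, 12, 13):                       # constructed node identities
        node_share, nonce = share_for(a, n), secrets.token_bytes(8)
        tag = mac(pairwise_key(user_share, n), nonce, query)
        fresh = node_accepts(node_share, user_id, nonce, query, tag)
        stale = node_accepts(node_share, user_id, secrets.token_bytes(8), query, tag)
        results[n] = (fresh, stale)   # valid tag accepted; tag for an old nonce rejected
    return results

if __name__ == "__main__":
    print(demo())
```

Each node holds the same key the user uses toward it, so a captured node exposes that key, and nothing in the exchange authenticates the node to the user; these are the node compromise and mutual authentication gaps noted above.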

Jiang et al. [27] discuss a distributed user authentication scheme for WSNs. The scheme is based on Self-Certified Key (SCK) cryptography and Elliptic Curve Cryptography (ECC). The authors assume the existence of a key distribution center that is responsible for generating private or public keys for the users and the sensor nodes in the WSN. First the user who wants to gain access to the network sends a broadcast message containing the identity of the user and a parameter used for calculating the user's public key. The receiving nodes calculate the shared pair-wise key and send an encrypted nonce (using ECC) back to the user. The user then decrypts this message to gain access to the network.

Tseng et al. [28] proposed a dynamic user authentication scheme, an improvement on another authentication scheme proposed by Wong et al. [29]. The scheme in [29] had some security weaknesses, such as the foreign attack and the replay attack, which are solved in the improved solution [28]. Here the user provides login information to a sensor node; the sensor node forwards it to the gateway node, which then verifies the user. The gateway node also handles the registration of a node or user. The problems with this solution are the node compromise attack and the time synchronization between the sensor nodes, which is very difficult to achieve in a WSN.

Chapter 4: Identity-based Authentication and access control in WSN

Chapter 5: References

[1] Ian F. Akyildiz, W. Su, Y. Sankarasubramaniam, and E. Cayirci, "Wireless Sensor Networks: A Survey," Computer Networks Elsevier Journal, Vol. 38, No. 4, pp. 393-422, March 2002.

[2] Römer, Kay; Friedemann Mattern (December 2004), "The Design Space of Wireless Sensor Networks", IEEE Wireless Communications 11 (6): 54-61, doi:10.1109/MWC.2004.1368897.

[3] Thomas Haenselmann (2006-04-05), Sensornetworks, GFDL Wireless Sensor Network textbook, retrieved 2006-08-29.

[4] access date 15-10-2010

[5] Lei Feng-Yu, Cui Guo-Hua, Fu Cai, Xu Peng, Secure Authentication Scheme based on IBE, September 2010

[6] access date 27-10-2010

[7] Haowen Chan and Adrian Perrig, Security and Privacy in Sensor Networks, October 2003

[8] Ke Li and Chunnian Zeng, Hong Liang, Better Power Management of Wireless Sensor Network, 2009

[9] Ali Nur Mohammad Noman and Md. Hedayetul Islam, A Generic Framework for Defining Security Environments of Sensor Applications

[10] Kazem Sohraby, Daniel Minoli, and Taieb Znati. Wireless Sensor Networks - Technology, Protocols, and Applications. John Wiley and Sons, Inc., 2007.

[11] access date 29-10-2010

[12], Access date 2010-11-09

[13] Stevanovic Dusan, Presentation, ZigBee / IEEE802.15.4 Standard, ZigBee Alliance. June 2007

[14] Shadi Arafa, Secure Messaging in Wireless Sensor Networks, DSV Publication 2007.

[15], Access date 2010-11-13

[16] Xiao Chen, Jawad Drissi, An Efficient Key Management Scheme in Hierarchical Sensor Networks, MASS 2005 Workshop-WSN05.

[17] Jian Wang, Z Y XIA, Lein HARN, et al, Storage-optimal key sharing with authentication in sensor networks.

[18] Matt Bishop, Introduction to Computer Security, Prentice Hall PTR, 2004

[19], Access date 2010-12-05

[20] Sencun Zhu, Sanjeev Setia and Sushil Jajodia, LEAP: Efficient Security Mechanisms for Large-Scale Distributed Sensor Networks, ACM, 2004

[21] Adrian Perrig, Robert Szewczyk, Victor Wen, David Culler, J. D. Tygar, SPINS: Security Protocol for Sensor Networks.

[22] I.F.Akyildiz, Weilian Su, Y. Sankarasubramaniam, and E.Cayirci. A Survey on Sensor Networks.

[23] Z. Benenson, F. Gartner and D. Kesdogan, "User authentication in sensor networks", 2004.

[24] Z. Benenson, N. Gedicke and O. Raivio, "Realizing robust user authentication in sensor networks", REALWSN 2005.

[25] S. Banerjee and D. Mukhopadhyay, "Symmetric key based authentication querying in wireless sensor networks", 2006.

[26] C. Blundo, A. D. Santis, A. Herzberg, S. Kutten, U. Vaccaro and M. Yung, "Perfectly-secure key distribution for dynamic conferences", CRYPTO 92.

[27] C. Jiang, B. Li and H. Xu, "An efficient scheme for user authentication in wireless sensor networks", AINAW, 2007.

[28] H.-R. Tseng, R.H. Jan and W. Yang, "An improved dynamic user authentication scheme for wireless sensor networks."

[29] Y. Z. K. H. M., J. Cao and S. Wang, "A dynamic user authentication scheme for wireless sensor networks" SUTC, 2006.

Omar Cheikhrouhou, Anis Koubaa, Manel Boujelbenl, and Mohamed Abid, A Lightweight User Authentication Scheme for Wireless Sensor Networks, May 2010

Kun Zhang, and Cuirong Wang, A new Group Key Management Scheme with Simple Hash Based Authentication for Wireless Sensor Networks, June 2010

Qing Chang, Yong-ping ZHANG, Lin-lin Qin, A Node Authentication Protocol based on ECC in WSN, June 2010

Rui Chen, Research on Security Authentication of Hierarchy Distributed Wireless Sensor Network, February 2010

Mihai-Lica Pura, and Victor-Valeriu Patriciu, Security Analysis of Robust User Authentication Protocol, June 2010

Rehana Yasmin, Eike Ritter, and Guilin Wang, An Authentication Framework for Wireless Sensor Networks using Identity-Based Signatures, July 2010

Joseph K. Liu, Joonsang Baek, Jianying Zhou, Yanjiang Yang, and Jun Wen Wong, Efficient Online/Offline Identity-Based Signature for Wireless Sensor Network, 2010

Zhang Li-Ping, and Wang Yi, An ID-Based Key Agreement Protocol for Wireless Sensor Networks, December 2009

Feng Yang, and Xuehai Zhou, Distributed Node Authentication in Wireless Sensor Networks, September 2009

WANG Wei-hong, CUI Yi-ling, and CHEN Tie-ming, Identity-based Authentication protocol with Paring of Tate on WSN, September 2009

Piotr Szczechowiak, and Martin Collier, TinyIBE: Identity-Based Encryption for Heterogeneous Sensor Networks, December 2009

Geng Yang, Chunming Rong, Christian Veigner, Jiangtao Wang, and Hongbing Cheng, Identity-Based Key Agreement and Encryption For Wireless Sensor Networks, May 2006

Binod Vaidya, Min Chen and Joel J. P. C. Rodrigues, Improved Robust User Authentication Scheme for Wireless Sensor Networks, December 2009

Manik Lal Das, Two-Factor User Authentication in Wireless Sensor Networks, March 2009