81
C H A P T E R 6
Access Control of Aggregated
Data in Sensor Clouds
6.1 INTRODUCTION
Sensor clouds share some of the same security issues as WSNs and introduce some new ones
owing to multiple users and multiple WSN owners [96]. e security issue we consider in this
chapter is access control of sensor data. Sensor clouds are distributed systems which generate
data in real time and on-demand. e data is aggregated in-network by using algorithms like
PIP which means that the access control mechanism should support secure data aggregation.
To aggravate the issue, in sensor clouds, the network topology is not known in advance since
the nodes are provisioned and de-provisioned on-demand for each user. Moreover, a sensor
cloud composed of multiple WSNs may be owned by different users each of which may place
certain restrictions on who can and cannot access the data being generated by their sensors. is
possibility is unique to sensor clouds and, thus, what is required is an access control scheme
for sensor clouds where only authorized users are able to access data from the sensors. e
access control scheme should be able to work in an environment where the data is aggregated
in network and the topology of sensor nodes can vary for each user and each query. is access
control scheme should also be able to integrate the WSN owner permissions on who can access
data from their sensor nodes.
A naive solution for this is to use Access Control Lists (ACLs) in wireless sensors where
each sensor verifies the access allowed for each user by validating them against its ACL. is
solution, however, is not scalable and not suitable in a dynamic environment where users can
leave and new users can join. A solution which has been proposed in [97] and [98] is to encrypt
data such that only the authorized users are able to decrypt it. e solutions in [97] and [98],
however, have considered only a partially distributed system. e system model in these works
does not consider an in-network data aggregation scenario. User access control schemes have
generally been designed for standalone sensors or smaller networks and do not take large net-
works into consideration. In large networks, data is generally aggregated in-network during data
collection.
In this chapter, we will discuss an attribute-based user access control scheme, which takes
into account the fact that data is usually aggregated in WSNs to save energy and bandwidth. e
scheme also considers that each WSN in the sensor cloud may impose authorization restriction
on the data usage. In this scheme, data instead of being stored on a node is collected in response
..................Content has been hidden....................
You can't read the all page of ebook, please click here login for view all page.