6.3. MODELS 83
access is controlled by the wireless device itself rather than being co-ordinated by a trusted au-
thority. e scheme uses CP-ABE [103] for access control of data, where the access policy is
embedded in the ciphertext itself. However, it is computationally expensive when compared to
other ABE methods. In [97], each attribute of the data is associated with a public key com-
ponent. An access tree based on the attributes of required data is created for a given user. e
access tree is then used to generate the private key which is provided to the user. e user then
provides the access tree to the sensor and the sensor provides data to the user according to the
access tree. e data is encrypted such that it can only be decrypted with a private key generated
based on that access tree. is scheme was further enhanced in [98] to include multiple base sta-
tion each of which controls a set of attributes. e concept of ABE was first introduced in [104].
Goyal et al. then proposed key policy-based ABE in [105]. e ABE schemes were proposed
for wired systems, where the data is stored at a server and the access is provided according to the
attributes held by various users. e schemes in [97] and [98] are direct adaptations of KP-ABE
in WSNs and do not take the distributed nature of sensor clouds into account. In the system
model presented in [97] and [98], users access data either directly from sensor nodes or from
a storage node which collects data from other sensors. While this is a feasible model, the het-
erogeneity limits the flexibility of the network. In this chapter, a dynamic attribute-based access
control mechanism for sensor clouds is presented which works under the general assumption of
a homogeneous network.
6.3 MODELS
6.3.1 SYSTEM MODEL
e sensor cloud system as illustrated in Figure 6.1 consists of three parties: the Users (U ), the
Sensor Cloud Administrator (SCA), and the Sensor Nodes (SN). e sensor nodes are grouped
in the form of individual WSNs which are maintained by the WSN owners. To access data
from the sensors, a user first contacts the SCA with a query over the attributes of the data it
wants to access. It then receives a secret key over these attributes from the SCA. is secret key
is then used to access data from the wireless sensors, which has been encrypted based on the
said attributes.
6.3.2 ADVERSARY MODEL
We assume that the adversary is capable of capturing a certain percentage of sensor nodes. e
adversary has the following goals:
to try to get access to the data, for which it does not have the secret key;
to try to access data for which the user does not have authorization; and
to tamper with the keys and data meant for other users, so as to disrupt the protocol.
..................Content has been hidden....................

You can't read the all page of ebook, please click here login for view all page.
Reset
18.224.59.231