DP 2AC: Distributed privacy-preserving access control in sensor networks

Rui Zhang; Yanchao Zhang; Kui Ren

doi:10.1109/INFCOM.2009.5062039

DP ²AC: Distributed privacy-preserving access control in sensor networks

Rui Zhang, Yanchao Zhang, Kui Ren

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution

41 Scopus citations

Abstract

The owner and users of a sensor network may be different, which necessitates privacy-preserving access control. On the one hand, the network owner need enforce strict access control so that the sensed data are only accessible to users willing to pay. On the other hand, users wish to protect their respective data access patterns whose disclosure may be used against their interests. This paper presents DP ²AC, a Distributed Privacy-Preserving Access Control scheme for sensor networks, which is the first work of its kind. Users in DP ²AC purchase tokens from the network owner whereby to query data from sensor nodes which will reply only after validating the tokens. The use of blind signatures in token generation ensures that tokens are publicly verifiable yet unlinkable to user identities, so privacypreserving access control is achieved. A central component in DP ²AC is to prevent malicious users from reusing tokens. We propose a suite of distributed techniques for token-reuse detection (TRD) and thoroughly compare their performance with regard to TRD capability, communication overhead, storage overhead, and attack resilience. The efficacy and efficiency of DP ²AC are confirmed by detailed performance evaluations.

Original language	English (US)
Title of host publication	IEEE INFOCOM 2009 - The 28th Conference on Computer Communications
Pages	1251-1259
Number of pages	9
DOIs	https://doi.org/10.1109/INFCOM.2009.5062039
State	Published - 2009
Externally published	Yes
Event	28th Conference on Computer Communications, IEEE INFOCOM 2009 - Rio de Janeiro, Brazil Duration: Apr 19 2009 → Apr 25 2009

Publication series

Name	Proceedings - IEEE INFOCOM
ISSN (Print)	0743-166X

Other

Other	28th Conference on Computer Communications, IEEE INFOCOM 2009
Country/Territory	Brazil
City	Rio de Janeiro
Period	4/19/09 → 4/25/09

ASJC Scopus subject areas

General Computer Science
Electrical and Electronic Engineering

Access to Document

10.1109/INFCOM.2009.5062039

Cite this

Zhang, R, Zhang, Y & Ren, K 2009, DP ²AC: Distributed privacy-preserving access control in sensor networks. in IEEE INFOCOM 2009 - The 28th Conference on Computer Communications., 5062039, Proceedings - IEEE INFOCOM, pp. 1251-1259, 28th Conference on Computer Communications, IEEE INFOCOM 2009, Rio de Janeiro, Brazil, 4/19/09. https://doi.org/10.1109/INFCOM.2009.5062039

@inproceedings{50d8237ed88148168a721a1985a42770,

title = "DP 2AC: Distributed privacy-preserving access control in sensor networks",

abstract = "The owner and users of a sensor network may be different, which necessitates privacy-preserving access control. On the one hand, the network owner need enforce strict access control so that the sensed data are only accessible to users willing to pay. On the other hand, users wish to protect their respective data access patterns whose disclosure may be used against their interests. This paper presents DP 2AC, a Distributed Privacy-Preserving Access Control scheme for sensor networks, which is the first work of its kind. Users in DP 2AC purchase tokens from the network owner whereby to query data from sensor nodes which will reply only after validating the tokens. The use of blind signatures in token generation ensures that tokens are publicly verifiable yet unlinkable to user identities, so privacypreserving access control is achieved. A central component in DP 2AC is to prevent malicious users from reusing tokens. We propose a suite of distributed techniques for token-reuse detection (TRD) and thoroughly compare their performance with regard to TRD capability, communication overhead, storage overhead, and attack resilience. The efficacy and efficiency of DP 2AC are confirmed by detailed performance evaluations.",

author = "Rui Zhang and Yanchao Zhang and Kui Ren",

year = "2009",

doi = "10.1109/INFCOM.2009.5062039",

language = "English (US)",

isbn = "9781424435135",

series = "Proceedings - IEEE INFOCOM",

pages = "1251--1259",

booktitle = "IEEE INFOCOM 2009 - The 28th Conference on Computer Communications",

note = "28th Conference on Computer Communications, IEEE INFOCOM 2009 ; Conference date: 19-04-2009 Through 25-04-2009",

}

TY - GEN

T1 - DP 2AC

T2 - 28th Conference on Computer Communications, IEEE INFOCOM 2009

AU - Zhang, Rui

AU - Zhang, Yanchao

AU - Ren, Kui

PY - 2009

Y1 - 2009

N2 - The owner and users of a sensor network may be different, which necessitates privacy-preserving access control. On the one hand, the network owner need enforce strict access control so that the sensed data are only accessible to users willing to pay. On the other hand, users wish to protect their respective data access patterns whose disclosure may be used against their interests. This paper presents DP 2AC, a Distributed Privacy-Preserving Access Control scheme for sensor networks, which is the first work of its kind. Users in DP 2AC purchase tokens from the network owner whereby to query data from sensor nodes which will reply only after validating the tokens. The use of blind signatures in token generation ensures that tokens are publicly verifiable yet unlinkable to user identities, so privacypreserving access control is achieved. A central component in DP 2AC is to prevent malicious users from reusing tokens. We propose a suite of distributed techniques for token-reuse detection (TRD) and thoroughly compare their performance with regard to TRD capability, communication overhead, storage overhead, and attack resilience. The efficacy and efficiency of DP 2AC are confirmed by detailed performance evaluations.

AB - The owner and users of a sensor network may be different, which necessitates privacy-preserving access control. On the one hand, the network owner need enforce strict access control so that the sensed data are only accessible to users willing to pay. On the other hand, users wish to protect their respective data access patterns whose disclosure may be used against their interests. This paper presents DP 2AC, a Distributed Privacy-Preserving Access Control scheme for sensor networks, which is the first work of its kind. Users in DP 2AC purchase tokens from the network owner whereby to query data from sensor nodes which will reply only after validating the tokens. The use of blind signatures in token generation ensures that tokens are publicly verifiable yet unlinkable to user identities, so privacypreserving access control is achieved. A central component in DP 2AC is to prevent malicious users from reusing tokens. We propose a suite of distributed techniques for token-reuse detection (TRD) and thoroughly compare their performance with regard to TRD capability, communication overhead, storage overhead, and attack resilience. The efficacy and efficiency of DP 2AC are confirmed by detailed performance evaluations.

UR - http://www.scopus.com/inward/record.url?scp=70349658629&partnerID=8YFLogxK

UR - http://www.scopus.com/inward/citedby.url?scp=70349658629&partnerID=8YFLogxK

U2 - 10.1109/INFCOM.2009.5062039

DO - 10.1109/INFCOM.2009.5062039

M3 - Conference contribution

AN - SCOPUS:70349658629

SN - 9781424435135

T3 - Proceedings - IEEE INFOCOM

SP - 1251

EP - 1259

BT - IEEE INFOCOM 2009 - The 28th Conference on Computer Communications

Y2 - 19 April 2009 through 25 April 2009

ER -