A Survey of Access Control Schemes in Wireless Sensor Networks

Youssou Faye, Ibrahima Niang, and Thomas Noel

Abstract—Access control is a critical security service in Wireless Sensor Networks (WSNs). To prevent malicious nodes from joining the sensor network, access control is required. On one hand, the WSN must be able to authorize and grant users the right to access the network. On the other hand, the WSN must organize data collected by sensors in such a way that an unauthorized entity (the adversary) cannot make arbitrary queries. This restricts network access to eligible users and sensor nodes only, while queries from outsiders will not be answered or forwarded by nodes. In this paper we present different access control schemes so as to find out their objectives, provision, communication complexity, limits, etc. Using the node density parameter, we also provide a comparison of these proposed access control algorithms based on the network topology, which can be flat or hierarchical.

Keywords—Access Control, Authentication, Key Management, Wireless Sensor Networks.

I. INTRODUCTION

Sensor nodes in WSNs have short-range radio communication capabilities. WSNs are being deployed for a wide variety of applications, including military sensing and tracking, environment monitoring, patient monitoring, etc. They have some unique characteristics, such as large-scale deployment with a large number of sensor nodes. Each node has constraints on resources such as energy, memory, computation speed and bandwidth. Many factors, such as deployment in hostile environments, wireless communication, and physical interactions with the environment and other objects, make WSNs more vulnerable to various attacks. Thus, access control becomes very challenging. It defines the policies under which entities (base station, sensor nodes or users) join and/or query the WSN.
In general, the collected data may not be so critical, such as the query of the current temperature in a location within a building. However, in critical WSN applications, the collected data and secrets should be protected by preventing unauthorized users from gaining the information. Data in real-time WSN applications are made available to users on demand. Data may no longer be accessed only at the base station or a gateway node. They could be accessed anywhere from a sensor node in an ad-hoc manner [1].

Y. Faye is with the Department of Computer Science (Laboratory LIFC), University of Franche-Comte, Besançon, FR, 25000 France (phone: +33.3.81.66.20.78; +33.6.37.04.95.49; e-mail: yfaye@lifc.univ-fcomte.fr).
I. Niang is with the Department Mathematic and Computer Science (Laboratory LID), Cheikh Anta Diop University, Dakar, Senegal (e-mail: iniang@ucad.sn).
T. Noel is with the Department Mathematic and Computer Science (Laboratory LSIIT), Strasbourg University, Strasbourg, France (e-mail: see noel@unistra.fr).

Note that access control becomes especially difficult in the presence of node capture, query replay and denial of service (DoS) attacks. In hostile environments, not only sensor nodes but also users may be compromised by adversaries. Node capture means gaining full control over a sensor node by a physical attack. User capture means the attackers can disguise themselves as legitimate users to use network resources and attack the network. Authenticating packets that are sent over a multi-hop connection using only symmetric cryptography is challenging because the intermediate nodes that forward the packets may also have the symmetric key used for authentication (they need this key to be able to authenticate the packet). An attacker that captures a node will get access to the symmetric key. Thus, security solutions in this domain cannot rely on a single sensor.
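The multi-hop trade-off described above, as an added example that is not part of the paper: on a constructed three-node path it compares one network-wide MAC key with per-node keys shared only with the base station, showing what a forwarding hop can verify and which source identities the key material on one captured node covers. The node names, key layout and function names are assumptions made for illustration.

```python
import hashlib
import hmac
import os

def mac(key: bytes, src: str, payload: bytes) -> bytes:
    """HMAC-SHA256 over the claimed source id and the payload."""
    return hmac.new(key, src.encode() + b"\x00" + payload, hashlib.sha256).digest()

# Constructed path n1 -> n2 -> n3 -> base station; all keys are random sample values.
NODES = ["n1", "n2", "n3"]
NETWORK_KEY = os.urandom(16)                    # scheme "network": one key on every node
PAIRWISE = {n: os.urandom(16) for n in NODES}   # scheme "pairwise": node <-> base station

def keys_held(node: str, scheme: str) -> dict:
    """Key material stored on `node`, i.e. what capturing that node exposes."""
    if scheme == "network":
        return {n: NETWORK_KEY for n in NODES}  # the same key authenticates every source
    return {node: PAIRWISE[node]}

def hop_can_verify(hop, scheme, src, payload, tag):
    """True/False if the forwarding hop can check the tag, None if it holds no key for src."""
    key = keys_held(hop, scheme).get(src)
    if key is None:
        return None                             # hop must forward the packet unchecked
    return hmac.compare_digest(mac(key, src, payload), tag)

def base_station_accepts(scheme, src, payload, tag) -> bool:
    key = NETWORK_KEY if scheme == "network" else PAIRWISE[src]
    return hmac.compare_digest(mac(key, src, payload), tag)

def sources_exposed_by_capture(captured: str, scheme: str) -> list:
    """Source ids the base station would accept from packets MACed with the captured node's keys."""
    payload = b"reading=21.5"                   # constructed sample payload
    exposed = []
    for claimed in NODES:
        key = keys_held(captured, scheme).get(claimed)
        if key and base_station_accepts(scheme, claimed, payload, mac(key, claimed, payload)):
            exposed.append(claimed)
    return exposed

if __name__ == "__main__":
    for scheme in ("network", "pairwise"):
        print(scheme, "capture of n2 exposes:", sources_exposed_by_capture("n2", scheme))
```

With the network-wide key every hop can filter unauthenticated traffic, but one captured node covers every source identity; with per-node keys the exposure is limited to the captured node, at the cost of hops forwarding packets they cannot check.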
There are three types of general access control: new node addition schemes, user authentication schemes and authenticated querying. Based on network topology and the node density parameter, we provide a comparison between these schemes. The remainder of the paper is organized as follows: background is presented in Section II. Sections III and IV present access control challenges and access control schemes, respectively. We conclude with future work in Section V.

II. BACKGROUND

A. Security Vulnerabilities in WSNs

Sensor networks possess a large number of vulnerabilities which make them even more prone to attacks. We distinguish physical vulnerabilities and technological vulnerabilities.

1) Physical vulnerabilities: The deployment nature (in public and hostile environments) exposes WSNs to more link attacks, ranging from passive eavesdropping to active interference, and sensor nodes are highly vulnerable to capture and vandalism. A WSN can scale up to thousands of sensor nodes without any fixed infrastructure. This implies the need to develop simple, flexible, and scalable security protocols. The addition of new nodes and node failures make the network topology dynamic and the solutions more complex.

2) Technological vulnerabilities: Security services in WSNs must consider the hardware constraints of the sensor nodes:
• Energy: energy consumption in sensor nodes can be categorized into three parts: energy for the sensor transducer, energy for communication, and energy for microprocessor computation.
• Computation: sensor nodes' processors are generally not powerful, so complex cryptographic algorithms cannot be used in WSNs.

World Academy of Science, Engineering and Technology, International Journal of Computer and Information Engineering, Vol:5, No:11, 2011 (scholar.waset.org/1307-6892/3624; waset.org/Publication/3624)