Composable Distributed Access Control and Integrity Policies for Query-Based Wireless Sensor Networks
AIR FORCE INST OF TECH WRIGHT-PATTERSON AFB OH
Pagination or Media Count:
An expected requirement of wireless sensor networks WSN is the support of a vast number of users while permitting limited access privileges. While WSN nodes have severe resource constraints, WSNs will need to restrict access to data, enforcing security policies to protect data within WSNs. To date, WSN security has largely been based on encryption and authentication schemes. WSN Authorization Specification Language WASL is specified and implemented using tools coded in JavaTM. WASL is a mechanismindependent policy language that can specify arbitrary, composable security policies. The construction, hybridization, and composition of wellknown security models is demonstrated and shown to preserve security while providing for modifications to permit internetwork accesses with no more impact on the WSN nodes than any other policy update. Using WASL and a naive data compression scheme, a multi-level security policy for a 1000-node network requires 66 bytes of memory per node. This can reasonably be distributed throughout a WSN. The compilation of a variety of policy compositions are shown to be feasible using a notebookclass computer like that expected to be performing typical WSN management responsibilities.
- Computer Systems Management and Standards