
246 CHAPTER 9 Efficient and Distributed Access Control for Sensor Networks

approach only involves a few efficient one-way hash operations for access enforcement. It has been shown that performing one hash operation is hundreds of times more efficient than performing one ECC-based signature operation [24]. As a result, our approach is significantly more efficient than the ECC-based signature scheme in Refs. [5, 6]. Third, our access enforcement component only involves a single message for each access query, while the schemes in Refs. [5, 6] need three messages for a local sensor node and many more messages for a remote sensor node. In addition, a fixed number (t) of local sensor nodes have to work together to commit the query message for accessing a remote sensor node. This introduces at least t more messages and also significantly complicates the protocol and increases the overhead. In our protocol, we do not need such collaboration. Fourth, the uni-access scheme can also support privilege delegation, which allows a user to delegate all or part of its privilege to others without using the base station. This feature makes our approach much more flexible for access control than previous solutions. Finally, our approach is more resilient to the compromise of sensor nodes. Indeed, no matter how many sensor nodes or users are compromised, the control of the access from any user to any benign sensor node is always properly enforced. In contrast, for the schemes in Refs. [5, 6], the collusion of a few sensor nodes will allow the attacker to access any sensor node easily.

9.6.2. Evaluation of the Multi-Access Query Scheme

In the following, we want to validate our previous analysis on the multi-access query scheme and also evaluate how practical it is for a resource-constrained sensor network. The simulation study will focus on two aspects of the proposed filtering method, its impact on the broadcast protocol and its performance in dealing with the DOS attacks against the signature verification. Note that the proposed filtering method can be easily generalized to provide DOS protection for any digitally signed broadcast message. The additional overhead for a broadcast message will be the space for the committing values. However, due to the bandwidth limit, a broadcast message can only include a limited number of committing values. In case of a densely deployed sensor network, a broadcast message may only pass the filtering method at a fraction of neighbor nodes, generating an effect similar to the message loss. This will certainly affect the performance of the broadcast protocol. In the following discussion, we assume that we have 40 bytes of additional space for committing values in a broadcast message. Although we believe that the payload of a broadcast message for future sensor platforms will increase, we still want to show through simulation that 40 bytes of space is sufficient for most applications.

Many energy efficient flooding mechanisms could be used for broadcast [18, 19, 25-29]. However, most of them are developed for wireless ad hoc networks and do not work well in sensor networks due to the limited bandwidth and the lossy channel. Instead, we use a naive broadcast protocol in our evaluation. In this method, when a sensor node receives an authentic broadcast message for the first time, it will re-broadcast it at a probability of P_r. Hence, on average, there are a fraction P_r of sensor nodes participating in the broadcast of a given message.

In our simulation, we randomly deploy 5093 sensor nodes in a field of 1000 × 1000-square-meter size. Every two sensor nodes can talk to each other if they are no more than 50 m away. Thus, there are 40 neighbor nodes on average for every sensor node. The broadcast will always start from the center of the field. Every sensor node will only pick b neighbors for re-broadcasting.

Figure 9-6 shows the coverage (the fraction of sensor nodes that receives the broadcast message) and the average travel distance (the average number of hops a broadcast message travels to reach a sensor node) under different settings. The coverage affects the effectiveness of the broadcast, and the average travel distance affects the latency of the broadcast. From the figure, we can see that increasing b does improve the
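The simulation setup described in this section (5093 nodes in a 1000 × 1000 m field, 50 m radio range, re-broadcast probability P_r, b neighbors per re-broadcast) can be reproduced with the following sketch, which is an added example and not the authors' simulator. It assumes that the b neighbors are chosen uniformly at random, that the source node always transmits, and that a neighbor outside the chosen b drops the message as if it were lost; the names deploy and simulate are hypothetical.

```python
import math
import random
from collections import deque

def deploy(n, side, radio, rng):
    """Place n nodes uniformly at random; return positions and neighbor lists."""
    pts = [(rng.uniform(0, side), rng.uniform(0, side)) for _ in range(n)]
    cells = {}  # grid buckets of width `radio` keep the neighbor search local
    for i, (x, y) in enumerate(pts):
        cells.setdefault((int(x // radio), int(y // radio)), []).append(i)
    nbrs = [[] for _ in range(n)]
    for i, (x, y) in enumerate(pts):
        cx, cy = int(x // radio), int(y // radio)
        for dx in (-1, 0, 1):
            for dy in (-1, 0, 1):
                for j in cells.get((cx + dx, cy + dy), ()):
                    if j != i and math.dist(pts[i], pts[j]) <= radio:
                        nbrs[i].append(j)
    return pts, nbrs

def simulate(n=5093, side=1000.0, radio=50.0, b=8, p_r=1.0, seed=1):
    """Return (coverage, average hops) for one broadcast from the field center."""
    rng = random.Random(seed)
    pts, nbrs = deploy(n, side, radio, rng)
    center = (side / 2, side / 2)
    src = min(range(n), key=lambda i: math.dist(pts[i], center))
    hops = {src: 0}          # hop count at first authentic reception
    queue = deque([src])     # FIFO order processes nodes by increasing hop count
    while queue:
        u = queue.popleft()
        # Assumption: the source always sends; others re-broadcast with P_r.
        if u != src and rng.random() >= p_r:
            continue
        # Only the b neighbors whose committing values fit in the message
        # pass the filter; every other neighbor drops it like a lost packet.
        for v in rng.sample(nbrs[u], min(b, len(nbrs[u]))):
            if v not in hops:
                hops[v] = hops[u] + 1
                queue.append(v)
    reached = len(hops) - 1
    avg = sum(hops.values()) / reached if reached else 0.0
    return reached / (n - 1), avg
```

Sweeping b and p_r with this function gives coverage and average-hop curves of the kind the text attributes to Figure 9-6; the absolute numbers depend on the assumptions listed above.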