To make meaningful comparisons of the current access control models in WSNs, the evalu- ation framework is defined to compare and contrast current access control models by using the following features and characteristics [48], [90], [114], [85].
1. Support Data Privacy
The need for data privacy is growing among all the real world applications in WSNs. Data privacy becomes more and more important in WSNs, when data are to be re- leased to only authorised and legitimate users. The more data being disclosed, the more the owner of that data loses his own privacy.
2. Support User Privacy
The need for user privacy is important in some applications. Sometimes a user, who tries to access data from the network, does not want to share his detailed information with other users in the network. It means that the users’ privacy preservation is needed to protect the privacy of user information in the network.
3. Flexibility
No matter how perfect an access control system is, if it does not support accommoda- tion to changes, such as insertion and deletion of new application systems, the access control model is not feasible to use in the real world. In WSNs, the user characteris- tics and the access context are changing continuously. Therefore, the access control decisions must be synchronised with continuously changing security conditions. It is desirable for the access control model to handle the dynamism of users and environ- ments. Therefore, the access control model needs to be flexible enough to support changes and synchronise with the access control decisions.
2.6 Comparison of WSN Access Control Models 29
Access Control
Models SupportData
Privacy Support User Privacy Flexibility Support For Emergency Access Context Sensitivity Granularity Zhu’s Model [155] Yes No No No No Coarse-Grained
CA-RBAC [43] Yes No Yes Yes Yes Fine-Grained
TC-BAC [32] Yes No Yes No No Coarse-Grained
Maerien’s Model
[79] Yes No No No No Coarse-Grained Gaurkar’s Model
[45] Yes No No No No Coarse-Grained
BT G − AC [84] Yes No Yes Yes No Coarse-Grained
FDAC [144] Yes No Yes No Yes Fine-Grained
DFAC [113] Yes No Yes No Yes Fine-Grained
DFG-AC [56] Yes No No No Yes Fine-Grained
Wang, Sheng and
Li Model [133] Yes No No No No Coarse-Grained
Zhou, Zhang
and Fang Model [153] Yes No No No No Coarse-Grained Al-Mahmud and Morogan Model [8] Yes No No No No Coarse-Grained Chatterjee, Das and Sing Model [27]
Yes No No No No Fine-Grained
DP2AC [150] Yes Yes No No No Coarse-Grained
PRICCESS [54] Yes Yes No No No Coarse-Grained
T BA2C Yes Yes Yes Yes Yes Fine-Grained
Table 2.2 Comparison of Access Control Models based on Features in WSNs
4. Support Emergency Data Access
An ideal access control model needs to support data access not only in normal situ- ations but also in an emergency situation. Many applications will benefit from such
30 Literature Review of Current WSN Access Control Models provision.
5. Context Sensitivity
An access control model is context sensitive when context information plays a role in making the appropriate access decision. It means that the contextual information (such as location and time) is used in defining policies for making access control decision dynamically.
6. Granularity
There are two different types of granularity in access control, which are fine-grained and coarse-grained. Fine-grained means that the access control systems facilitate granting differential access rights to a set of users and allow flexibility in specify- ing the access rights of individual users [51]. Coarse-grained means that groups of users and collections of objects often share the same access control requirements. The access control system should then offer support for authorisation specific to the groups of users, objects and possibly actions.
These six supporting features listed above are used to evaluate the current access control models in WSNs. Table 2.2 shows a comparison of current access control models based on these features and characteristics. The first row of the table describes evaluation criteria and the first column lists access control models. Each cell in the table shows whether the model of that row has the feature of that column.
All the access control models in WSNs provide data confidentiality and data privacy in normal condition but users’ privacy preservation is only supported in DP2AC and PRIC- CESS. The access control models which use ABE and contextual information to make ac- cess decisions, provide flexibility in the system. Based on Table 2.2, all the access control models in WSNs support authorisation decisions and allow for changes like roles, users, policy, etc. Among them, CA-RBAC and BT G − AC support emergency and immediate data access. There are few access control models that make authorisation decisions based on context information. Approximately equal numbers of access control models support coarse-grained and fine-grained. As a summary, the authorisation policy for each scheme is different, that means all models are proposed to solve different problems and look from different point of view to address the issues in WSNs area. As a summary, the authorisation policy for each scheme is different, that means all models are proposed to solve different
2.7 Conclusion 31