{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2025,11,12]],"date-time":"2025-11-12T03:18:41Z","timestamp":1762917521258,"version":"build-2065373602"},"reference-count":63,"publisher":"MDPI AG","issue":"2","license":[{"start":{"date-parts":[[2014,6,20]],"date-time":"2014-06-20T00:00:00Z","timestamp":1403222400000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/creativecommons.org\/licenses\/by\/3.0\/"}],"content-domain":{"domain":[],"crossmark-restriction":false},"short-container-title":["JSAN"],"abstract":"<jats:p>Wireless sensor networks (WSNs) have attracted considerable interest in the research community, because of their wide range of applications. However, due to the distributed nature of WSNs and their deployment in remote areas, these networks are vulnerable to numerous security threats that can adversely affect their proper functioning. Resource constraints in sensor nodes mean that security mechanisms with a large overhead of computation and communication are impractical to use in WSNs; security in sensor networks is, therefore, a challenge. Access control is a critical security service that offers the appropriate access privileges to legitimate users and prevents illegitimate users from unauthorized access. However, access control has not received much attention in the context of WSNs. This paper provides an overview of security threats and attacks, outlines the security requirements and presents a state-of-the-art survey on access control models, including a comparison and evaluation based on their characteristics in WSNs. Potential challenging issues for access control schemes in WSNs are also discussed.<\/jats:p>","DOI":"10.3390\/jsan3020150","type":"journal-article","created":{"date-parts":[[2014,6,20]],"date-time":"2014-06-20T11:34:08Z","timestamp":1403264048000},"page":"150-180","update-policy":"https:\/\/doi.org\/10.3390\/mdpi_crossmark_policy","source":"Crossref","is-referenced-by-count":33,"title":["A Survey of Access Control Models in Wireless Sensor Networks"],"prefix":"10.3390","volume":"3","author":[{"given":"Htoo","family":"Maw","sequence":"first","affiliation":[{"name":"Department of Computer Science, University of Hertfordshire, Hatfield, AL10 9AB, UK"}]},{"given":"Hannan","family":"Xiao","sequence":"additional","affiliation":[{"name":"Department of Computer Science, University of Hertfordshire, Hatfield, AL10 9AB, UK"}]},{"given":"Bruce","family":"Christianson","sequence":"additional","affiliation":[{"name":"Department of Computer Science, University of Hertfordshire, Hatfield, AL10 9AB, UK"}]},{"given":"James","family":"Malcolm","sequence":"additional","affiliation":[{"name":"Department of Computer Science, University of Hertfordshire, Hatfield, AL10 9AB, UK"}]}],"member":"1968","published-online":{"date-parts":[[2014,6,20]]},"reference":[{"key":"ref_1","doi-asserted-by":"crossref","unstructured":"Garcia-Morchon, O., and Wehrle, K. (2010, January 9\u201311). Modular context-aware access control for medical sensor networks. Proceedings of the 15th ACM symposium on Access control models and technologies (SACMAT \u201910), Pittsburgh, PA, USA.","DOI":"10.1145\/1809842.1809864"},{"key":"ref_2","unstructured":"Ngo, D.N. (2006). Deployment of 802.15.4 Sensor Networks for C4ISR Operations. [PhD Thesis, Navy Postgraduate School]."},{"key":"ref_3","first-page":"814","article-title":"A survey of access control schemes in wireless sensor networks","volume":"5","author":"Faye","year":"2011","journal-title":"World Acad. Sci. Eng. Technol."},{"key":"ref_4","unstructured":"Vella, M.N. (2008). Survey of Wireless Sensor Network Security, Texas A and M University-Corpus Christi, Computer Science Program, Texas A and M University Press. Report."},{"key":"ref_5","first-page":"55","article-title":"A survey on wireless sensor network security","volume":"1","author":"Sen","year":"2009","journal-title":"Int. J. Commun. Netw. Inf. Secur."},{"key":"ref_6","doi-asserted-by":"crossref","first-page":"138","DOI":"10.1007\/s10550-006-0051-8","article-title":"Security issues of wireless sensor networks in healthcare applications","volume":"24","author":"Ng","year":"2006","journal-title":"BT Technol. J."},{"key":"ref_7","doi-asserted-by":"crossref","unstructured":"Wang, W., and Bhargava, B. (2004, January 26). Visualization of wormholes in sensor networks. Proceedings of the 3rd ACM Workshop on Wireless Security (WiSe \u201904), Philadelphia, PA, USA.","DOI":"10.1145\/1023646.1023657"},{"key":"ref_8","doi-asserted-by":"crossref","unstructured":"Newsome, J., Shi, E., Song, D., and Perrig, A. (2004, January 26\u201327). The sybil attack in sensor networks: Analysis & defenses. Proceedings of the 3rd International Symposium on Information Processing in Sensor Networks, Berkeley, CA, USA.","DOI":"10.1145\/984622.984660"},{"key":"ref_9","unstructured":"Li, Z., and Gong, G. (2008). A Survey on Security in Wireless Sensor Networks, University of Waterloo. Technical Report."},{"key":"ref_10","unstructured":"Karlof, C., and Wagner, D. (2003, January 11). Secure routing in wireless sensor networks: attacks and countermeasures. Proceedings of the 1st IEEE International Workshop on Sensor Network Protocols and Applications, Anchorage, AK, USA."},{"key":"ref_11","doi-asserted-by":"crossref","first-page":"54","DOI":"10.1109\/MC.2002.1039518","article-title":"Denial of service in sensor networks","volume":"35","author":"Wood","year":"2002","journal-title":"Computer"},{"key":"ref_12","doi-asserted-by":"crossref","first-page":"53","DOI":"10.1145\/990680.990707","article-title":"Security in wireless sensor networks","volume":"47","author":"Perrig","year":"2004","journal-title":"Commun. ACM"},{"key":"ref_13","doi-asserted-by":"crossref","first-page":"120","DOI":"10.1007\/978-3-642-22137-8_18","article-title":"Handling new adversaries in wireless ad-hoc networks (transcript of discussion)","volume":"Volume 6615","author":"Gligor","year":"2011","journal-title":"Security Protocols XVI"},{"key":"ref_14","doi-asserted-by":"crossref","first-page":"20","DOI":"10.1109\/COMST.2006.315852","article-title":"A survey of security issues in wireless sensor networks","volume":"8","author":"Wang","year":"2006","journal-title":"IEEE Commun. Surv. Tutor."},{"key":"ref_15","doi-asserted-by":"crossref","first-page":"2688","DOI":"10.1016\/j.comnet.2010.05.003","article-title":"Wireless sensor networks for healthcare: A survey","volume":"54","author":"Alemdar","year":"2010","journal-title":"Comput. Netw."},{"key":"ref_16","doi-asserted-by":"crossref","unstructured":"Pathan, A.S.K., Lee, H.-W., and Hong, C.S. (2006, January 20\u201322). Security in wireless sensor networks: Issues and challenges. Proceedings of the 8th International Conference on Advanced Communication Technology, Pyeongchang, Korea.","DOI":"10.1109\/ICACT.2006.206151"},{"key":"ref_17","doi-asserted-by":"crossref","first-page":"74","DOI":"10.1109\/MPRV.2008.6","article-title":"Denial-of-service in wireless sensor networks: Attacks and defenses","volume":"7","author":"Raymond","year":"2008","journal-title":"IEEE Pervasive Comput."},{"key":"ref_18","unstructured":"Ferraiolo, D.F., and Kuhn, D.R. (1992, January 13\u201316). Role-based access controls. Proceedings of the 15th National Computer Security Conference, Baltimore, MD, USA."},{"key":"ref_19","doi-asserted-by":"crossref","unstructured":"Sandhu, R., and Munawer, Q. (1998, January 22\u201323). How to do discretionary access control using roles. Proceedings of the 3rd ACM Workshop on Role-Based Access Control, Fairfax, VA, USA.","DOI":"10.1145\/286884.286893"},{"key":"ref_20","unstructured":"Lampson, B. (, January January). Protection. Proceedings of the 5th Princeton Conference on Information Sciences and Systems, Princeton, NJ, USA."},{"key":"ref_21","doi-asserted-by":"crossref","first-page":"137","DOI":"10.1007\/3-540-45608-2_3","article-title":"Access control: Policies, models, and mechanisms","volume":"Volume 2171","author":"Samarati","year":"2001","journal-title":"Foundation of Security Analysis and Design"},{"key":"ref_22","doi-asserted-by":"crossref","unstructured":"Zhao, G., and Chadwick, D.W. (2008, January 23\u201325). On the modeling of bell-lapadula security policies using RBAC. Proceedings of the 2008 IEEE 17th Workshop on Enabling Technologies: Infrastructure for Collaborative Enterprises (WETICE \u201908), Washington, DC, USA.","DOI":"10.1109\/WETICE.2008.34"},{"key":"ref_23","doi-asserted-by":"crossref","first-page":"137","DOI":"10.1109\/TNSM.2009.03.090301","article-title":"A lightweight policy system for body sensor network","volume":"6","author":"Zhu","year":"2009","journal-title":"IEEE Trans. Netw. Serv. Manag."},{"key":"ref_24","unstructured":"Zhu, Y., Keoh, S.L., Sloman, M., Lupu, E., Zhang, Y., Dulay, N., and Pryce, N. (October, January 29). Finger: An efficient policy system for body sensor networks. Proceedings of 5th IEEE International Conference on Mobile Ad Hoc and Sensor Systems, Atlanta, GA, USA."},{"key":"ref_25","unstructured":"Morchon, O.G., and Wehrle, K. (April, January 29). Efficient and context-aware access control for pervasive medical sensor networks. Proceedings of 2010 8th IEEE International Conference on Pervasive Computing and Communications Workshops (PERCOM Workshops), Mannheim, Germany."},{"key":"ref_26","doi-asserted-by":"crossref","unstructured":"Ferreria, A., Correia, R., Monterio, H., Brito, M., and Antunes, L. (2011, January 27\u201330). Usable access control policy and model for healthcare. Proceedings of 2011 24th International Symposium on Computer-Based Medical Systems (CBMS), Bristol, UK.","DOI":"10.1109\/CBMS.2011.5999035"},{"key":"ref_27","first-page":"1","article-title":"Analysis of existing privacy-aware access control for e-commerce application","volume":"12","author":"Ghani","year":"2012","journal-title":"Glob. J. Comput. Sci. Technol."},{"key":"ref_28","doi-asserted-by":"crossref","unstructured":"Al-Hamdani, W.A. (2010, January 1\u20133). Cryptography based access control in healthcare web systems. Proceedings of 2010 Information Security Curriculum Development Conference (InfoSecCD \u201910), Kennesaw, GA, USA.","DOI":"10.1145\/1940941.1940960"},{"key":"ref_29","doi-asserted-by":"crossref","first-page":"673","DOI":"10.1109\/TPDS.2010.130","article-title":"Fdac: Toward fine-grained distributed data access control in wireless sensor networks","volume":"22","author":"Yu","year":"2011","journal-title":"IEEE Trans. Parallel Distrib. Syst."},{"key":"ref_30","doi-asserted-by":"crossref","first-page":"96","DOI":"10.1145\/357980.358017","article-title":"A method for obtaining digital signatures and public-key cryptosystems","volume":"26","author":"Rivest","year":"1983","journal-title":"Commun. ACM"},{"key":"ref_31","unstructured":"Malan, D.J., Welsh, M., and Smith, M.D. (2004, January 4\u20137). A public-key infrastructure for key distribution in tinyos based on elliptic curve cryptography. Proceedings of the First Annual IEEE Communications Society Conference on Sensor and Ad Hoc Communications and Networks, Santa Clara, CA, USA."},{"key":"ref_32","doi-asserted-by":"crossref","unstructured":"Boneh, D., Gentry, C., and Waters, B. (2005, January 20\u201324). Collusion resistant broadcast encryption with short ciphertexts and private keys. Proceedings of the 25th annual international conference on Advances in Cryptology (CRYPTO\u201905), Berlin\/Heidelberg, Germany.","DOI":"10.1007\/11535218_16"},{"key":"ref_33","unstructured":"Gaubatz, G., Kaps, J.-P., and Sunar, B. (2004). Security in Ad-hoc and Sensor Networks, Springer."},{"key":"ref_34","unstructured":"Gura, N., Patel, A., Wander, A., Eberle, H., and Shantz, S.C. (2004). Cryptographic Hardware and Embedded Systems\u2014CHES 2004, Springer."},{"key":"ref_35","unstructured":"Wander, A.S., Gura, N., Eberle, H., Gupta, V., and Shantz, S.C. (2005, January 8\u201312). Energy analysis of public-key cryptography for wireless sensor networks. Proceedings of the 3rd IEEE International Conference on Pervasive Computing and Communications (PERCOM \u201905), Kauai Island, HI, USA."},{"key":"ref_36","doi-asserted-by":"crossref","first-page":"3","DOI":"10.1016\/j.adhoc.2006.05.014","article-title":"Access control in wireless sensor networks","volume":"5","author":"Zhou","year":"2007","journal-title":"Ad Hoc Netw."},{"key":"ref_37","unstructured":"Goyal, V., Pandey, O., Sahai, A., and Waters, B. (November, January 30). Attribute-based encryption for fine-grained access control of encrypted data. Proceedings of ACM Conference on Computer and Communications Security, Alexandria, VA, USA."},{"key":"ref_38","unstructured":"Gentry, C. (2006). Handbook of information Security, John Wiley and Sons."},{"key":"ref_39","doi-asserted-by":"crossref","unstructured":"Bethencourt, J., Sahai, A., and Waters, B. (2007, January 20\u201323). Ciphertext-policy attribute-based encryption. Proceedings of the 2007 IEEE Symposium on Security and Privacy, Washington, DC, USA.","DOI":"10.1109\/SP.2007.11"},{"key":"ref_40","doi-asserted-by":"crossref","unstructured":"Li, J., Zhao, G., Chen, X., Xie, D., Rong, C., Li, W., Tang, L., and Tang, Y. (2010, January 30). Fine-grained data access control systems with user accountability in cloud computing. Proceedings of IEEE 2nd International Conference on Cloud Computing Technology and Science, Indianapolis, IN, USA.","DOI":"10.1109\/CloudCom.2010.44"},{"key":"ref_41","doi-asserted-by":"crossref","unstructured":"Ruj, S., Nayak, A., and Stojmenovic, I. (2011, January 16\u201320). Distributed fine-grained access control in wireless sensor networks. Proceedings of 2011 IEEE International Parallel and Distributed Processing Symposium (IPDPS), Anchorage, AK, USA.","DOI":"10.1109\/IPDPS.2011.42"},{"key":"ref_42","doi-asserted-by":"crossref","unstructured":"Chase, M., and Chow, S.S.M. (2009, January 9\u201313). Improving privacy and security in multi-authority attribute-based encryption. Proceedings of the 16th ACM Conference on Computer and Communications Security, Chicago, IL, USA.","DOI":"10.1145\/1653662.1653678"},{"key":"ref_43","doi-asserted-by":"crossref","first-page":"1235","DOI":"10.1007\/s11276-011-0345-8","article-title":"Fine-grained data access control for distributed sensor networks","volume":"17","author":"Hur","year":"2011","journal-title":"Wirel. Netw."},{"key":"ref_44","doi-asserted-by":"crossref","unstructured":"Ye, F., Luo, H., Cheng, J., Lu, S., and Zhang, L. (2002, January 23\u201328). A two-tier data dissemination model for large-scale wireless sensor networks. Proceedings of the 8th Annual International Conference on Mobile Computing and Networking (MobiCom\u201902), Atlanta, Georgia, USA.","DOI":"10.1145\/570662.570664"},{"key":"ref_45","doi-asserted-by":"crossref","unstructured":"Maw, H., Xiao, H., and Christianson, B. (2013, January 9\u201312). An adaptive access control model for medical data in wireless sensor networks. Proceedings of 2013 IEEE 15th International Conference on e-Health Networking, Applications and Services (Healthcom) (IEEE Healthcom 2013), Lisbon, Portugal.","DOI":"10.1109\/HealthCom.2013.6720690"},{"key":"ref_46","doi-asserted-by":"crossref","unstructured":"Maw, H.A., Xiao, H., and Christianson, B. (2012, January 24\u201325). An adaptive access control model with privileges overriding and behaviour monitoring in wireless sensor networks. Proceedings of the 8th ACM International Symposium on QoS and Security for Wireless and Mobile Networks 2012 (ACM Q2SWinet 2012), Paphos, Cyprus.","DOI":"10.1145\/2387218.2387236"},{"key":"ref_47","doi-asserted-by":"crossref","first-page":"127","DOI":"10.1504\/IJSN.2006.011772","article-title":"Elliptic curve cryptography based access control in sensor networks","volume":"1","author":"Wang","year":"2006","journal-title":"Int. J. Secur. Netw."},{"key":"ref_48","first-page":"18","article-title":"Identity-based authentication and access control in wireless sensor networks","volume":"41","author":"Morogan","year":"2012","journal-title":"Int. J. Comput. Appl."},{"key":"ref_49","doi-asserted-by":"crossref","first-page":"47","DOI":"10.1007\/3-540-39568-7_5","article-title":"Identity-based cryptosystems and signature schemes","volume":"Volume 196","author":"Shamir","year":"1985","journal-title":"Advances in Cryptology"},{"key":"ref_50","doi-asserted-by":"crossref","first-page":"36","DOI":"10.1007\/s102070100002","article-title":"The elliptic curve digital signature algorithm (ECDSA)","volume":"1","author":"Johnson","year":"2001","journal-title":"Int. J. Inf. Secur."},{"key":"ref_51","doi-asserted-by":"crossref","unstructured":"Wang, Y., Wong, D.S., and Huang, L. (2011, January 5\u20139). A one-pass key establishment protocol for anonymous wireless roaming with PFS. Proceedings of 2011 IEEE International Conference on Communications (ICC), Kyoto, Japan.","DOI":"10.1109\/icc.2011.5962523"},{"key":"ref_52","doi-asserted-by":"crossref","unstructured":"Zhang, R., Zhang, Y., and Ren, K. (2009, January 19\u201325). DP2AC: Distributed privacy-preserving access control in sensor networks. Proceedings of the 28th IEEE International Conference on Computer Communications, Joint Conference of the IEEE Computer and Communications Societies (INFOCOM 2009), Rio de Janeiro, Brazil.","DOI":"10.1109\/INFCOM.2009.5062039"},{"key":"ref_53","doi-asserted-by":"crossref","first-page":"3472","DOI":"10.1109\/TWC.2011.072511.102283","article-title":"Distributed access control with privacy support in wireless sensor networks","volume":"10","author":"He","year":"2011","journal-title":"IEEE Trans. Wirel. Commun."},{"key":"ref_54","unstructured":"Radu, C., Govaerts, R., and Vandewalle, J. (1996, January 23\u201324). A restrictive blind signature scheme with applications to electronic cash. Proceedings of the IFIP TC6\/TC11 International Conference on Communications and Multimedia Security II, Essen, Germany."},{"key":"ref_55","doi-asserted-by":"crossref","first-page":"51","DOI":"10.1109\/MWC.2010.5416350","article-title":"Data security and privacy in wireless body area networks","volume":"17","author":"Li","year":"2010","journal-title":"Wirel. Commun."},{"key":"ref_56","doi-asserted-by":"crossref","first-page":"114","DOI":"10.1007\/s00145-007-9011-9","article-title":"Ring signatures: Stronger definitions, and constructions without random oracles","volume":"22","author":"Bender","year":"2008","journal-title":"J. Cryptol."},{"key":"ref_57","doi-asserted-by":"crossref","first-page":"189","DOI":"10.1023\/A:1017979419916","article-title":"Spins: Security protocols for sensor networks","volume":"8","author":"Perrig","year":"2001","journal-title":"Wirel. Netw."},{"key":"ref_58","doi-asserted-by":"crossref","unstructured":"Boneh, D., and Waters, B. (2013). Constrained Pseudorandom Functions and Their Applications, Springer. Cryptology ePrint Archive; Report 2013\/352.","DOI":"10.1007\/978-3-642-42045-0_15"},{"key":"ref_59","first-page":"10","article-title":"Analysis of existing access control models from web services applications\u2019 perspective","volume":"3","author":"Mohammad","year":"2011","journal-title":"J. Comput."},{"key":"ref_60","doi-asserted-by":"crossref","unstructured":"Sahafizadeh, E., and Parsa, S. (2010, January 21\u201324). Survey on access control models. Proceedings of 2nd International Conference on Future Computer and Communication, Wuhan, China.","DOI":"10.1109\/ICFCC.2010.5497850"},{"key":"ref_61","unstructured":"Twidle, K., Dulay, N., Lupu, E., and Sloman, M. Ponder2: A Policy System for Autonomous Pervasive Environments. Available online: http:\/\/pubs.doc.ic.ac.uk\/ponder2-policy-pervasive\/ponder2-policy-pervasive.pdf."},{"key":"ref_62","doi-asserted-by":"crossref","unstructured":"Liu, A., and Ning, P. (2008, January 22\u201324). TinyECC: A configurable library for elliptic curve cryptography in wireless sensor networks. Proceedings of 2008 International Conference on Information Processing in Sensor Networks, St. Louis, MO, USA.","DOI":"10.1109\/IPSN.2008.47"},{"key":"ref_63","unstructured":"Skipjack and KEA Algorithm Specifications, Available online: http:\/\/csrc.nist.gov\/encryption\/skipjack-kea.htm."}],"container-title":["Journal of Sensor and Actuator Networks"],"original-title":[],"language":"en","link":[{"URL":"https:\/\/www.mdpi.com\/2224-2708\/3\/2\/150\/pdf","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2025,10,11]],"date-time":"2025-10-11T21:12:46Z","timestamp":1760217166000},"score":1,"resource":{"primary":{"URL":"https:\/\/www.mdpi.com\/2224-2708\/3\/2\/150"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2014,6,20]]},"references-count":63,"journal-issue":{"issue":"2","published-online":{"date-parts":[[2014,6]]}},"alternative-id":["jsan3020150"],"URL":"https:\/\/doi.org\/10.3390\/jsan3020150","relation":{},"ISSN":["2224-2708"],"issn-type":[{"type":"electronic","value":"2224-2708"}],"subject":[],"published":{"date-parts":[[2014,6,20]]}}}