Least privilege and privilege deprivation: Toward tolerating mobile sink compromises in wireless sensor networks

Hui Song, Sencun Zhu, Wensheng Zhang, Guohong Cao

Research output: Contribution to journalArticlepeer-review

16 Scopus citations


Mobile sinks are needed in many sensor network applications for efficient data collection, data querying, localized sensor reprogramming, identifying, and revoking compromised sensors, and other network maintenance. Employing mobile sinks however raises a new security challenge: if a mobile sink is given too many privileges, it will become very attractive for attack and compromise. Using a compromised mobile sink, an adversary may easily bring down or even take over the sensor network. Thus, security mechanisms that can tolerate mobile sink compromises are essential. In this article, based on the principle of least privilege, we first propose an efficient scheme to restrict the privilege of a mobile sink without impeding its ability to carry out any authorized operations for an assigned task. In addition, we present an extension to allow conditional trajectory change due to unexpected events. To further reduce the possible damage caused by a compromised mobile sink, we propose efficient message forwarding schemes for deleting the privilege assigned to a compromised mobile sink immediately after its compromise has been detected. Through detailed analysis, simulation, and real implementation, we show that our schemes are secure and efficient, and are highly practical for sensor networks consisting of the current generation of sensors.

Original languageEnglish (US)
Article number23
JournalACM Transactions on Sensor Networks
Issue number4
StatePublished - Aug 1 2008

All Science Journal Classification (ASJC) codes

  • Computer Networks and Communications


Dive into the research topics of 'Least privilege and privilege deprivation: Toward tolerating mobile sink compromises in wireless sensor networks'. Together they form a unique fingerprint.

Cite this