Security analysis and resource requirements of group-oriented user access control for hardware-constrained wireless network services.

We extend and analyse a previous access control solution for wireless network services with group-based authorization. Authentication and encryption are provided, and access control relies on user identity, group membership and time intervals. Both the basic solution and the extension focus on minimizing computation, energy, storage and communications on the sensor side: computations involved rely on symmetric cryptography and key derivation functions, and no additional messages between user and sensor are needed. The performance of our solution is proven by experiments on a highly constrained platform such as Arduino. Finally, its security is validated against the AVISPA tool.