User access control in sensor networks defines a process of granting user the access right to the information and resources. It is essential for the future real sensor network deployment in which sensors may provide users with different services in terms of data and resource access. A centralized access control mechanism requires base station to be involved whenever a user requests to get authenticated and access the information stored in the sensor node, which is inefficient, not scalable, and is exposed to many potential attacks along the long communication path. In this paper, we propose a distributed user access control under a realistic adversary model in which sensors can be compromised and user may collude. We split the access control into local authentication conducted by the sensors physically close to the user, and a light remote authentication based on the endorsement of the local sensors. Elliptic Curve Cryptography (ECC), a public key cryptography scheme, is used for local...