Building a virtual hierarchy to simplify certification path discovery in mobile ad-hoc networks

Satizábal, Cristina; Hernández-Serrano, Juan; Forné, Jordi; Pegueroles, Josep

doi:10.1016/j.comcom.2006.12.024

Cited by 20 publications

(11 citation statements)

References 15 publications

Supporting

Mentioning

Contrasting

Unclassified

Order By: Relevance

“…The drawback of this approach is to assume that trust is transitive and the system becomes more vulnerable to the intrusion of malicious nodes. Satizabal et al [17] proposed an extension of Hubaux et al's [10] work by simplifying the certification path discovery. The authors present a protocol to establish a virtual hierarchy among the nodes in the network based on peer-to-peer PKI.…”

Section: Self-organized Pkimentioning

confidence: 99%

A secure and resistant architecture against attacks for mobile ad hoc networks

Rachedi

Benslimane

2009

Security Comm Networks

View full text Add to dashboard Cite

International audienceIn this paper, we propose a new architecture based on an efficient trust model and Secure Distributed Clustering Algorithm (SDCA) in order to distribute a certification authority (CA) for ensuring the distribution of certificates in each cluster. We use the combination of a fully self-organized security for trust models like PGP adapted to ad-hoc technology and the clustering algorithm which is based on the use of trust and mobility metrics, in order to select the clusterhead and to establish PKI in each cluster for authentication and exchange of data. Furthermore, we present a new approach: the Dynamic Demilitarized Zone (DDMZ) to protect the CA in each cluster. The principal idea of DDMZ consists in selecting the dispensable nodes, also called registration authorities (RA); these nodes must be confident and located at one-hope from the CA. Their roles are to receive, filter and treat the requests from any unknown node to the CA. With this approach, we can avoid the single point of failure in each cluster. Moreover, we propose a probabilistic model to define the direct connectivity between confident nodes in order to study the resistance degree of the DDMZ against different attacks. In addition, we evaluate the performance of the proposed SDCA and we estimate the robustness and the availability of DDMZ through the simulations. The effects of direct connectivity and transmission range on the stability and security of the network are analysed. The simulation's results confirm that the proposed architecture is scalable, secure and more resistant against attacks

show abstract

Section: Self-organized Pkimentioning

confidence: 99%

A secure and resistant architecture against attacks for mobile ad hoc networks

Rachedi

Benslimane

2009

Security Comm Networks

View full text Add to dashboard Cite

show abstract

“…We quote the Hubaux et al's [6] approach and Satizabal et al's [23] system. In these systems, each user is able to generate a certificate for other users.…”

Section: A Certification Authority In Manetmentioning

confidence: 99%

“…In classical Public Key Infrastructure (PKI) [9], a Registration Authority (RA) is used to collect and analyze users' requests before forwarding them to a CA to certify, issue and renew user's digital certificate. In Mobile Ad hoc Networks (MANETs), a decentralized certificate authority approach [6], [10], [23] is proposed, due to MANET characteristics, as a solution to avoid single point of failure, MANET attacks and consider nodes' mobility. To handle these requirements, a distributed clustering algorithm is proposed in [22] to cluster nodes based on a set of trusted nodes that belong to a confident community.…”

Section: Introductionmentioning

confidence: 99%

A Secure Mechanism Design-Based and Game Theoretical Model for MANETs

Rachedi

Benslimane²,

Otrok³

et al. 2009

Mobile Netw Appl

View full text Add to dashboard Cite

., resource consumption). In this paper, we propose a model based on mechanism design that will allow clusters with single trusted node (CA) to be created. Our mechanism will motivate nodes that do not belong to the confident community to participate by giving them incentives in the form of trust, which can be used for cluster's services. To achieve this goal, a RA selection algorithm is proposed that selects nodes based on a predefined selection criteria function and location (i.e., using directional antenna). Such a model is known as moderate. Based on the security risk, more RA nodes must be added to formalize a robust DDMZ. Here, we consider the tradeoff between security and resource consumption by formulating the problem as a nonzero-sum noncooperative game between the CA and attacker. Finally, empirical results are provided to support our solutions.Index Terms-MANET security, mechanism design, certificate authority and clustering.

show abstract

“…Different business corporations deploy different types of PKIs such as Single CA, Hierarchical, Bridge, Hybrid, and Mesh PKI [1] [2] [3]. The Mesh architecture is most widely used in applications such as MANET [4] [5], but certificate path development is more complex than in a hierarchy. Unlike a hierarchy, building a certificate path from a user"s certificate to a trust point is nondeterministic.…”

Section: Introductionmentioning

confidence: 99%

Creating Virtual Hierarchy in Peer-to-Peer PKI to Simplify Certificate Path Discovery

Muniyal¹,

Prema²,

Nayak³

2012

IJCA

View full text Add to dashboard Cite

Peer-to-Peer Public Key Infrastructure (also called Mesh PKI) architecture is one of the most popular PKI trust models that is widely used in Mobile Ad-hoc networks(MANETs), but certificate path verification is very complex since there are multiple paths between users and the certification path is bidirectional. Unlike a Hierarchical PKI, in Mesh PKI, building a certificate path from a user"s certificate to a trust point is nondeterministic. Certificate Path verification in Hierarchical PKI is simple and straightforward. In this paper, a novel method to establish a virtual hierarchy in Mesh PKI to simplify the certificate path discovery is proposed.

show abstract

Building a virtual hierarchy to simplify certification path discovery in mobile ad-hoc networks

Cited by 20 publications

References 15 publications

A secure and resistant architecture against attacks for mobile ad hoc networks

A secure and resistant architecture against attacks for mobile ad hoc networks

A Secure Mechanism Design-Based and Game Theoretical Model for MANETs

Creating Virtual Hierarchy in Peer-to-Peer PKI to Simplify Certificate Path Discovery

Contact Info

Product

Resources

About