- Research Article
- Open Access
Integrating a Trust Framework with a Distributed Certificate Validation Scheme for MANETs
EURASIP Journal on Wireless Communications and Networking volume 2006, Article number: 078259 (2006)
Many trust establishment solutions in mobile ad hoc networks (MANETs) rely on public key certificates. Therefore, they should be accompanied by an efficient mechanism for certificate revocation and validation. Ad hoc distributed OCSP for trust (ADOPT) is a lightweight, distributed, on-demand scheme based on cached OCSP responses, which provides certificate status information to the nodes of a MANET. In this paper we discuss the ADOPT scheme and issues on its deployment over MANETs. We present some possible threats to ADOPT and suggest the use of a trust assessment and establishment framework, named ad hoc trust framework (ATF), to support ADOPT's robustness and efficiency. ADOPT is deployed as a trust-aware application that provides feedback to ATF, which calculates the trustworthiness of the peer nodes' functions and helps ADOPT to improve its performance by rapidly locating valid certificate status information. Moreover, we introduce the TrustSpan algorithm to reduce the overhead that ATF produces, and the TrustPath algorithm to identify and use trusted routes for propagating sensitive information, such as third parties' accusations. Simulation results show that ATF adds limited overhead compared to its efficiency in detecting and isolating malicious and selfish nodes. ADOPT's reliability is increased, since it can rapidly locate a legitimate response by using information provided by ATF.
Cite this article
Marias, G., Papapanagiotou, K., Tsetsos, V. et al. Integrating a Trust Framework with a Distributed Certificate Validation Scheme for MANETs. J Wireless Com Network 2006, 078259 (2006). https://doi.org/10.1155/WCN/2006/78259
- Information System
- System Application
- Establishment Framework
- Sensitive Information
- Efficient Mechanism