Open Access

Integrating a Trust Framework with a Distributed Certificate Validation Scheme for MANETs

  • Giannis F Marias (1),
  • Konstantinos Papapanagiotou (1),
  • Vassileios Tsetsos (1),
  • Odysseas Sekkas (1) and
  • Panagiotis Georgiadis (1)
EURASIP Journal on Wireless Communications and Networking 2006, 2006:078259

https://doi.org/10.1155/WCN/2006/78259

Received: 1 October 2005

Accepted: 17 May 2006

Published: 1 August 2006

Abstract

Many trust establishment solutions in mobile ad hoc networks (MANETs) rely on public key certificates. Therefore, they should be accompanied by an efficient mechanism for certificate revocation and validation. Ad hoc distributed OCSP for trust (ADOPT) is a lightweight, distributed, on-demand scheme based on cached OCSP responses, which provides certificate status information to the nodes of a MANET. In this paper we discuss the ADOPT scheme and issues on its deployment over MANETs. We present some possible threats to ADOPT and suggest the use of a trust assessment and establishment framework, named ad hoc trust framework (ATF), to support ADOPT's robustness and efficiency. ADOPT is deployed as a trust-aware application that provides feedback to ATF, which calculates the trustworthiness of the peer nodes' functions and helps ADOPT to improve its performance by rapidly locating valid certificate status information. Moreover, we introduce the TrustSpan algorithm to reduce the overhead that ATF produces, and the TrustPath algorithm to identify and use trusted routes for propagating sensitive information, such as third parties' accusations. Simulation results show that ATF adds limited overhead compared to its efficiency in detecting and isolating malicious and selfish nodes. ADOPT's reliability is increased, since it can rapidly locate a legitimate response by using information provided by ATF.

[1–29]

Authors’ Affiliations

(1) Department of Informatics and Telecommunications, Panepistimiopolis, University of Athens

References

  1. Stajano F, Anderson R: The resurrecting duckling: security issues for ad-hoc wireless networks. Proceedings of 7th International Workshop on Security Protocols, April 1999, Cambridge, UK 172–194.
  2. Zhou L, Haas ZJ: Securing ad hoc networks. IEEE Network 1999, 13(6):24–30. 10.1109/65.806983
  3. Kong J, Zerfos P, Luo H, Lu S, Zhang L: Providing robust and ubiquitous security support for mobile ad-hoc networks. Proceedings of International Conference on Network Protocols (ICNP '01), November 2001, Riverside, Calif, USA 251–260.
  4. Yi S, Kravets R: MOCA: mobile certificate authority for wireless ad hoc networks. Proceedings of 2nd Annual PKI Research Workshop (PKI '03), April 2003, Gaithersburg, Md, USA
  5. Papapanagiotou K, Marias GF, Georgiadis P, Gritzalis S: Performance evaluation of a distributed OCSP protocol over MANETs. Proceedings of 3rd IEEE Consumer Communications and Networking Conference (CCNC '06), January 2006, Las Vegas, Nev, USA, 1: 1–5.
  6. Marias GF, Tsetsos V, Sekkas O, Georgiadis P: Performance evaluation of a self-evolving trust building framework. Proceedings of 1st IEEE/CREATE-NET Workshop on the Value of Security Through Collaboration (SECOVAL '05), September 2005, Athens, Greece
  7. Housley R, Polk W, Ford W, Solo D: RFC 3280 - Internet X.509 Public Key Infrastructure Certificate and Certificate Revocation List (CRL) Profile. IETF, April 2002
  8. Johnson D, Maltz D: Dynamic source routing in ad hoc wireless networks. In Mobile Computing. Volume 353. Kluwer Academic, Boston, Mass, USA; 1996:153–181. chapter 5. 10.1007/978-0-585-29603-6_5
  9. Arnes A: Public key certificate revocation schemes, M.S. thesis. Norwegian University of Science and Technology, Kingson, Ontario, Canada; February 2000.
  10. Myers M, Ankney R, Malpani A, Galperin S, Adams C: RFC 2560 - X.509 Internet Public Key Infrastructure Online Certificate Status Protocol - OCSP. IETF, June 1999
  11. Marias GF, Papapanagiotou K, Georgiadis P: Caching alternatives for a MANET-oriented OCSP scheme. Proceedings of 1st IEEE/CREATE-NET Workshop on Security and QoS in Communication Networks (SecQoS '05), September 2005, Athens, Greece
  12. Abdul-Rahman A, Hailes S: A distributed trust model. In Proceedings of New Security Paradigms Workshop (NSPW '97), September 1997, Langdale, Cumbria, UK. ACM; 48–60.
  13. Cieslak M, Forster D, Tiwana G, Wilson R: Web cache coordination protocol v2.0. IETF Internet draft, 2000, http://www.ietf.org/intenet-drafts/draft-wilson-wrec-wccp-v2–00.txt
  14. Buchegger S, Le Boudec J-Y: A robust reputation system for P2P and mobile ad-hoc networks. Proceedings of the 2nd Workshop on Economics of Peer-to-Peer Systems, June 2004, Cambridge, Mass, USA
  15. Michiardi P, Molva R: Core: a collaborative reputation mechanism to enforce node cooperation in mobile ad hoc networks. Proceedings of IFIP TC6/TC11 6th Joint Working Conference on Communications and Multimedia Security (CMS '02), September 2002, Portoroz, Slovenia 107–121.
  16. Wang Y, Vassileva J: Bayesian network trust model in peer-to-peer networks. Proceedings of 2nd International Workshop on Agents and Peer-to-Peer Computing (AP2PC '03), July 2003, Melbourne, Australia 23–34.
  17. Castelfranchi C, Falcone R: Trust is much more than subjective probability: mental components and sources of trust. Proceedings of the 33rd Hawaii International Conference on System Sciences (HICSS-33 '00), January 2000, Maui, Hawaii, USA 132.
  18. Buchegger S, Le Boudec J-Y: The effect of rumor spreading in reputation systems for mobile ad-hoc networks. Proceedings of 1st Workshop on Modeling and Optimization in Mobile, Ad Hoc and Wireless Networks (WiOpt '03), March 2003, Sophia-Antipolis, France
  19. Buchegger S, Le Boudec J-Y: Performance analysis of the CONFIDANT protocol. Proceedings of the 3rd ACM International Symposium on Mobile Ad Hoc Networking & Computing (MobiHoc '02), June 2002, Lausanne, Switzerland 226–236.
  20. Marti S, Giuli TJ, Lai K, Baker M: Mitigating routing misbehaviour in mobile ad hoc networks. Proceedings of the 6th Annual International Conference on Mobile Computing and Networking (MobiCom '00), August 2000, Boston, Mass, USA 255–265.
  21. Clark D, Partridge C, Ramming JC, Wroclawski J: A knowledge plane for the internet. Proceedings of the ACM Conference on Applications, Technologies, Architectures, and Protocols for Computer Communications (SIGCOMM '03), August 2003, Karlsruhe, Germany 3–10.
  22. J-SIM simulator package, http://www.j-sim.org/
  23. Cheambe J, Tchouto J-J, Tittel C, Luckenbach T, Bechler M: Security in wireless ad-hoc networks. Proceedings of 13th IST Mobile & Wireless Communications Summit, June 2004, Lyon, France
  24. Čapkun S, Hubaux J-P: BISS: building secure routing out of an incomplete set of security associations. Proceedings of the ACM Workshop on Wireless Security (WiSe '03), September 2003, San Diego, Calif, USA 21–29.
  25. Sanzgiri K, Dahill B, Levine B, Shields C, Royer E: A secure routing protocol for ad hoc networks. Proceedings of 10th IEEE International Conference on Network Protocols (ICNP '02), November 2002, Paris, France 78–89.
  26. Zapata MG, Asokan N: Securing ad hoc routing protocols. Proceedings of the ACM Workshop on Wireless Security (WiSe '02), September 2002, Atlanta, Ga, USA 1–10.
  27. Leung V, Song J-H, Kawamoto Y, Wong V: Secure routing with tamper resistant module for mobile ad hoc networks. Proceedings of the 4th ACM International Symposium on Mobile Ad Hoc Networking and Computing (MobiHoc '03), June 2003, Annapolis, Md, USA
  28. He Q, Wu D, Khosla P: SORI: a secure and objective reputation-based incentive scheme for ad-hoc networks. Proceedings of IEEE Wireless Communications and Networking Conference (WCNC '04), March 2004, Atlanta, Ga, USA, 2: 825–830.
  29. Bansal S, Baker M: Observation-based cooperation enforcement in ad-hoc networks. Stanford University, Stanford, Calif, USA; 2003.

Copyright

© GF.Marias et al. 2006

This article is published under license to BioMed Central Ltd. This is an open access article distributed under the Creative Commons Attribution License, which permits unrestricted use, distribution, and reproduction in any medium, provided the original work is properly cited.