Skip to main content

Integrating a Trust Framework with a Distributed Certificate Validation Scheme for MANETs


Many trust establishment solutions in mobile ad hoc networks (MANETs) rely on public key certificates. Therefore, they should be accompanied by an efficient mechanism for certificate revocation and validation. Ad hoc distributed OCSP for trust (ADOPT) is a lightweight, distributed, on-demand scheme based on cached OCSP responses, which provides certificate status information to the nodes of a MANET. In this paper we discuss the ADOPT scheme and issues on its deployment over MANETs. We present some possible threats to ADOPT and suggest the use of a trust assessment and establishment framework, named ad hoc trust framework (ATF), to support ADOPT's robustness and efficiency. ADOPT is deployed as a trust-aware application that provides feedback to ATF, which calculates the trustworthiness of the peer nodes' functions and helps ADOPT to improve its performance by rapidly locating valid certificate status information. Moreover, we introduce the TrustSpan algorithm to reduce the overhead that ATF produces, and the TrustPath algorithm to identify and use trusted routes for propagating sensitive information, such as third parties' accusations. Simulation results show that ATF adds limited overhead compared to its efficiency in detecting and isolating malicious and selfish nodes. ADOPT's reliability is increased, since it can rapidly locate a legitimate response by using information provided by ATF.



  1. [1]

    Stajano F, Anderson R: The resurrecting duckling: security issues for ad-hoc wireless networks.Proceedings of 7th International Workshop on Security Protocols, April 1999, Cambridge, UK 172–194.

    Google Scholar 

  2. [2]

    Zhou L, Haas ZJ: Securing ad hoc networks.IEEE Network 1999,13(6):24–30. 10.1109/65.806983

    Article  Google Scholar 

  3. [3]

    Kong J, Zerfos P, Luo H, Lu S, Zhang L: Providing robust and ubiquitous security support for mobile ad-hoc networks.Proceedings of International Conference on Network Protocols (ICNP '01), November 2001, Riverside, Calif, USA 251–260.

    Google Scholar 

  4. [4]

    Yi S, Kravets R: MOCA: mobile certificate authority for wireless ad hoc networks.Proceedings of 2nd Annual PKI Research Workshop (PKI '03), April 2003, Gaithersburg, Md, USA

    Google Scholar 

  5. [5]

    Papapanagiotou K, Marias GF, Georgiadis P, Gritzalis S: Performance evaluation of a distributed OCSP protocol over MANETs.Proceedings of 3rd IEEE Consumer Communications and Networking Conference (CCNC '06), January 2006, Las Vegas, Nev, USA1: 1–5.

    Google Scholar 

  6. [6]

    Marias GF, Tsetsos V, Sekkas O, Georgiadis P: Performance evaluation of a self-evolving trust building framework.Proceedings of 1st IEEE/CREATE-NET Workshop on the Value of Security Through Collaboration (SECOVAL '05), September 2005, Athens, Greece

    Book  Google Scholar 

  7. [7]

    Housley R, Polk W, Ford W, Solo D: RFC 3280 - Internet X.509 Public Key Infrastructure Certificate and Certificate Revocation List (CRL) Profile. IETF, April 2002

    Google Scholar 

  8. [8]

    Johnson D, Maltz D: Dynamic source routing in ad hoc wireless networks. In Mobile Computing. Volume 353. Kluwer Academic, Boston, Mass, USA; 1996:153–181. chapter 5 10.1007/978-0-585-29603-6_5

    Chapter  Google Scholar 

  9. [9]

    Arnes A: Public key certificate revocation schemes, M.S. thesis. Norwegian University of Science and Technology, Kingson, Ontario, Canada; February 2000.

    Google Scholar 

  10. [10]

    Myers M, Ankney R, Malpani A, Galperin S, Adams C: RFC 2560 - X.509 Internet Public Key Infrastructure Online Certificate Status Protocol—OCSP. IETF, June 1999

    Google Scholar 

  11. [11]

    Marias GF, Papapanagiotou K, Georgiadis P: Caching alternatives for a MANET-oriented OCSP scheme.Proceedings of 1st IEEE/CREATE-NET Workshop on Security and QoS in Communication Networks (SecQoS '05), September 2005, Athens, Greece

    Book  Google Scholar 

  12. [12]

    Abdul-Rahman A, Hailes S: A distributed trust model. In Proceedings of New Security Paradigms Workshop (NSPW '97), September 1997, Langdale, Cumbria, UK. ACM; 48–60.

    Google Scholar 

  13. [13]

    Cieslak M, Forster D, Tiwana G, Wilson R: Web cache coordination protocol v2.0. IETF Internet draft, 2000,–00.txt

    Google Scholar 

  14. [14]

    Buchegger S, Le Boudec J-Y: A robust reputation system for P2P and mobile ad-hoc networks.Proceedings of the 2nd Workshop on Economics of Peer-to-Peer Systems, June 2004, Cambridge, Mass, USA

    Google Scholar 

  15. [15]

    Michiardi P, Molva R: Core: a collaborative reputation mechanism to enforce node cooperation in mobile ad hoc networks.Proceedings of IFIP TC6/TC11 6th Joint Working Conference on Communications and Multimedia Security (CMS '02), September 2002, Portoroz, Slovenia 107–121.

    Google Scholar 

  16. [16]

    Wang Y, Vassileva J: Bayesian network trust model in peer-to-peer networks.Proceedings of 2nd International Workshop on Agents and Peer-to-Peer Computing (AP2PC '03), July 2003, Melbourne, Australia 23–34.

    Google Scholar 

  17. [17]

    Castelfranchi C, Falcone R: Trust is much more than subjective probability: mental components and sources of trust.Proceedings of the 33rd Hawaii International Conference on System Sciences (HICSS-33 '00), January 2000, Maui, Hawaii, USA 132.

    Google Scholar 

  18. [18]

    Buchegger S, Le Boudec J-Y: The effect of rumor spreading in reputation systems for mobile ad-hoc networks.Proceedings of 1st Workshop on Modeling and Optimization in Mobile, Ad Hoc and Wireless Networks (WiOpt '03), March 2003, Sophia-Antipolis, France

    Google Scholar 

  19. [19]

    Buchegger S, Le Boudec J-Y: Performance analysis of the CONFIDANT protocol.Proceedings of the 3rd ACM International Symposium on Mobile Ad Hoc Networking & Computing (MobiHoc '02), June 2002, Lausanne, Switzerland 226–236.

    Google Scholar 

  20. [20]

    Marti S, Giuli TJ, Lai K, Baker M: Mitigating routing misbehaviour in mobile ad hoc networks.Proceedings of the 6th Annual International Conference on Mobile Computing and Networking (MobiCom '00), August 2000, Boston, Mass, USA 255–265.

    Google Scholar 

  21. [21]

    Clark D, Partridge C, Ramming JC, Wroclawski J: A knowledge plane for the internet.Proceedings of the ACM Conference on Applications, Technologies, Architectures, and Protocols for Computer Communications (SIGCOMM '03), August 2003, Karlsruhe, Germany 3–10.

    Google Scholar 

  22. [22]

    J-SIM simulator package,

  23. [23]

    Cheambe J, Tchouto J-J, Tittel C, Luckenbach T, Bechler M: Security in wireless ad-hoc networks.Proceedings of 13th IST Mobile & Wireless Communications Summit, June 2004, Lyon, France

    Google Scholar 

  24. [24]

    Čapkun S, Hubaux J-P: BISS: building secure routing out of an incomplete set of security associations.Proceedings of the ACM Workshop on Wireless Security (WiSe '03), September 2003, San Diego, Calif, USA 21–29.

    Google Scholar 

  25. [25]

    Sanzgiri K, Dahill B, Levine B, Shields C, Royer E: A secure routing protocol for ad hoc networks.Proceedings of 10th IEEE International Conference on Network Protocols (ICNP '02), November 2002, Paris, France 78–89.

    Google Scholar 

  26. [26]

    Zapata MG, Asokan N: Securing ad hoc routing protocols.Proceedings of the ACM Workshop on Wireless Security (WiSe '02), September 2002, Atlanta, Ga, USA 1–10.

    Google Scholar 

  27. [27]

    Leung V, Song J-H, Kawamoto Y, Wong V: Secure routing with tamper resistant module for mobile ad hoc networks.Proceedings of the 4th ACM Interational Symposium on Mobile Ad Hoc Networking and Computing (MobiHoc '03), June 2003, Annapolis, Md, USA

    Google Scholar 

  28. [28]

    He Q, Wu D, Khosla P: SORI: a secure and objective reputation-based incentive scheme for ad-hoc networks.Proceedings of IEEE Wireless Communications and Networking Conference (WCNC '04), March 2004, Atlanta, Ga, USA2: 825–830.

    Google Scholar 

  29. [29]

    Bansal S, Baker M: Observation-based cooperation enforcement in ad-hoc networks. Stanford University, Stanford, Calif, USA; 2003.

    Google Scholar 

Download references

Author information



Corresponding author

Correspondence to Konstantinos Papapanagiotou.

Rights and permissions

Open Access This article is distributed under the terms of the Creative Commons Attribution 2.0 International License ( ), which permits unrestricted use, distribution, and reproduction in any medium, provided the original work is properly cited.

Reprints and Permissions

About this article

Cite this article

Marias, G., Papapanagiotou, K., Tsetsos, V. et al. Integrating a Trust Framework with a Distributed Certificate Validation Scheme for MANETs. J Wireless Com Network 2006, 078259 (2006).

Download citation


  • Information System
  • System Application
  • Establishment Framework
  • Sensitive Information
  • Efficient Mechanism