Towards flexible credential verification in mobile ad-hoc networks
Source: ACM Workshop On Principles Of Mobile Computing
Proceedings of the second ACM international workshop on Principles of mobile computing
Toulouse, France
SESSION: Security and Middleware Services
Pages: 58 - 65  
Year of Publication: 2002
ISBN: 1-58113-511-4
Authors
Sye Loong Keoh  Imperial College, London, U.K.
Emil Lupu  Imperial College, London, U.K.
Sponsors
SIGACT: ACM Special Interest Group on Algorithms and Computation Theory
ACM: Association for Computing Machinery
Publisher
ACM  New York, NY, USA
Bibliometrics
Downloads (6 Weeks): 2,   Downloads (12 Months): 27,   Citation Count: 3
DOI: http://doi.acm.org/10.1145/584490.584503

ABSTRACT

Ad-hoc networks facilitate interconnectivity between mobile devices without the support of a network infrastructure. In this paper we propose a flexible credential verification mechanism, which improves the likelihood that participants in an ad-hoc network can verify each other's credentials despite the lack of access to certification and attribute authorities. Users maintain Credential Assertion Statements (CASs), which are formed through extraction of X.509 and attribute certificates into an interoperable XML form. Trusted entities that can verify the credentials listed in the CAS can then issue signed Assertion Signature Statements (ASSs) to other participants in the ad-hoc network. In addition, each user maintains a key ring, which comprises the list of public-keys trusted to sign credential assertion statements. All public-keys in the ring are assigned a trustworthiness level. When a user presents his/her CAS together with matching ASSs to a verifier, the verifier checks the signatures in the ASSs against its key ring to determine whether credentials in the CAS are authentic and acceptable. Transitivity of trust is generally not allowed, but there are exceptional cases in which it is permitted.

