Design and evaluation of a security architecture for ad hoc networks

Purpose - Secure communication is very important for computer networks. Thereby, authentication is one of the most eminent preconditions. In ad hoc networks, common authentication schemes are not applicable since public key infrastructures with a centralized certification authority are hard to deplo...

Full description

Saved in:
Bibliographic Details
Published in:International journal of pervasive computing and communications 2009-11, Vol.5 (4), p.448
Main Authors: Kraft, Daniel, Bechler, Marc, Hof, Hans-Joachim, Pählke, Frank, Wolf, Lars
Format: Article
Language:English
Subjects:
Access control
Algorithms
Architecture
Certification
Communication
Confidentiality
Cybersecurity
Digital certificates
Infrastructure
Network security
Private networks
Security services
Wireless communications
Citations: Items that cite this one
Online Access:Get full text
Tags: Add Tag
No Tags, Be the first to tag this record!
Description
Summary:Purpose - Secure communication is very important for computer networks. Thereby, authentication is one of the most eminent preconditions. In ad hoc networks, common authentication schemes are not applicable since public key infrastructures with a centralized certification authority are hard to deploy in ad hoc networking environments. This paper aims to investigate these issues. Design/methodology/approach - In order to overcome these issues, the paper proposes and evaluates a security concept based on a distributed certification facility. Thereby, a network is divided into clusters with one special head node each. These cluster head nodes perform administrative functions and hold shares of a network key used for certification. New nodes start to participate in the network as guests; they can only become full members with a network-signed certificate after their authenticity has been warranted by some other members. Access to resources and services within the ad hoc network is controlled using authorization certificates. Findings - The feasibility of this concept was verified by simulations. Three different models for node mobility were used in order to include realistic scenarios as well as to make the results comparable to other work. The simulation results include an evaluation of the log-on times, availability, and communication overhead. Originality/value - The paper introduces a cluster-based architecture to realize a distributed public key infrastructure that is highly adapted to the characteristics of ad hoc networks.
ISSN:1742-7371
1742-738X
DOI:10.1108/17427370911008848