Distributed certificate validation in MANET
نویسندگان
چکیده
The need for certificate management in mobile ad hoc networks (MANET) is the background for this report. A prototype implementation of a distributed certificate validation service is presented and evaluated. The proposed design is based on an overlay network of proxy nodes offering certificate validation over the XKMS protocol. The proxy nodes employ cooperative caching in order to offer certificate validation even when the central validation authority is out of reach. The cache will also contribute to lower network traffic in the area around the validation authority. The conclusion from the experimental evaluation shows that the availability of the validation service does increase as a result of the overlay proxy network, but is quite dependent on the mobility scenario in use. The observed traffic around the validation authority is reduced with a considerable margin. (root VA).
منابع مشابه
PKIX Certificate Status in Hybrid MANETs
Certificate status validation is a hard problem in general but it is particularly complex in Mobile Ad-hoc Networks (MANETs) because we require solutions to manage both the lack of fixed infrastructure inside the MANET and the possible absence of connectivity to trusted authorities when the certification validation has to be performed. In this sense, certificate acquisition is usually assumed a...
متن کاملDistributed Certificate Management in Mobile Ad Hoc Networks
PKI or public key infrastructure is used many security solutions that are designed for mobile ad hoc networks. These networks have special features that distinguish them from other wired and conventional networks and centralized Certificate Authorities cannot be used for certificate management in these kinds of networks. Thus many efforts have been made to adapt Certificate Authority’s (CA) tas...
متن کاملIntegrating a Trust Framework with a Distributed Certificate Validation Scheme for MANETs
Many trust establishment solutions in Mobile Ad Hoc Networks (MANETs) rely on public key certificates. Therefore, they should be accompanied by an efficient mechanism for certificate revocation and validation. Ad hoc Distributed OCSP for Trust (ADOPT) is a lightweight, distributed, ondemand scheme based on cached OCSP responses, which provides certificate status information to the nodes of a MA...
متن کاملEvaluation of Certificate-Based Authentication in Mobile Ad Hoc Networks
The certificate-based authentication is well studied in wired networks. However, adapting certificatebased authentication protocols to mobile ad hoc networks (MANETs) is a nontrivial task, mainly because, in a MANET, as opposed to conventional wired networks, there typically exists no fixed infrastructure or centralized management. For example, a conventional certificate-based authentication sy...
متن کاملAn Identity based Information Retrieval System for MANET
Mobile Ad Hoc Networks have unique characteristics like rapid movement of node in infrastructure less network that’s changes it’s topology, hence security has become a prime concern for providing security while communication between mobile nodes MANETs. Problems such as in distributed authentication environment problems of generation, distribution and assignment of session key due to a lack of ...
متن کاملذخیره در منابع من
با ذخیره ی این منبع در منابع من، دسترسی به آن را برای استفاده های بعدی آسان تر کنید
عنوان ژورنال:
دوره شماره
صفحات -
تاریخ انتشار 2009